Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 156

Jan 13, 2020

U.S. Government Issues Powerful Security Alert: Upgrade VPN Or Expect Cyber-Attacks

Posted by in categories: cybercrime/malcode, government, policy

The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert that strongly urges users and administrators alike to update a VPN with long-since disclosed critical vulnerabilities. “Affected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability,” the CISA alert warns, “can become compromised in an attack.” What has dictated the need for this level of Government agency interest and the urgency of the language used? The simple answer is the ongoing Travelex foreign currency exchange cyber-attack, thought to have been facilitated by no less than seven VPN servers that were late in being patched against this critical vulnerability. The vulnerability in question is CVE-2019–11510, first disclosed way back in April 2019 when Pulse Secure VPN also released a patch to fix it.

Critical VPN security vulnerability timeline

The CISA alert provides a telling timeline that outlines how the Pulse Secure VPN critical vulnerability, CVE-2019–11510, became such a hot security potato. Pulse Secure first released an advisory regarding the vulnerabilities in the VPN on April 24, 2019. “Multiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS),” that advisory warned, “this includes an authentication by-pass vulnerability that can allow an unauthenticated user to perform a remote arbitrary file access on the Pulse Connect Secure gateway.” An upgrade patch to fix the problem, which had been rated as critical, was made available at the same time. Warning users that the vulnerabilities posed a “significant risk to your deployment,” Pulse Secure recommended patching as soon as possible.

Jan 12, 2020

Gov. Cooper urges people to pay attention as officials prepare for possible cyberattack

Posted by in categories: cybercrime/malcode, finance

The Department of Homeland Security is preparing for possible cyberattack from Iran. Officials said it could target finance, energy and telecom companies. Gov. Roy Cooper is urging people to pay attention to keep North Carolina’s computer networks safe.

Click the video player above to learn how to stay safe online .

Jan 11, 2020

Air Travel Cyber-Attacks: New York Airport Hit, Travelex Exchange Held To Ransom

Posted by in categories: cybercrime/malcode, transportation

Cyber-attackers have ramped up their campaigns against the travel industry and those who use it.

Jan 10, 2020

Cyber Threats To North American Power Grid Are Growing

Posted by in category: cybercrime/malcode

Threats of cyber attacks on North America’s electric network systems are growing, industrial cybersecurity firm Dragos said in a new report this week.

This year, the firm has identified two groups, Magnallium and Xenotime, which are increasingly probing to compromise electric assets in North America, expanding their targeting from the oil and gas sector to include electric assets.

“This underscores the trend in threats expanding from single-vertical ICS operations to multi-vertical ICS operations we observe from adversaries targeting industrial entities,” Dragos said in its report.

Jan 10, 2020

US Govt Warns of Attacks on Unpatched Pulse VPN Servers

Posted by in categories: cybercrime/malcode, privacy

The US Cybersecurity and Infrastructure Security Agency (CISA) today alerted organizations to patch their Pulse Secure VPN servers as a defense against ongoing attacks trying to exploit a known remote code execution (RCE) vulnerability.

This warning follows another alert issued by CISA in October 2019, and others coming from the National Security Agency (NSA), the Canadian Centre for Cyber Security, and UK’s National Cyber Security Center (NCSC).

Pulse Secure reported the vulnerability tracked as CVE-2019–11510 and disclosed by Orange Tsai and Meh Chang from the DEVCORE research team, and by Jake Valletta from FireEye in an April 2019 out-of-cycle advisory.

Jan 9, 2020

Dunwoody becomes latest metro Atlanta government hit by cyber attack

Posted by in categories: bitcoin, cybercrime/malcode, government

Dunwoody officials said Thursday that no data was compromised during the ransomware attack, which was detected on Christmas Eve and is now under investigation by the FBI. The intrusion was quickly identified by staff, which worked with the city’s computer security contractors at InterDev to shut down servers and disconnect computers in order to limit the impact of the attack.

“As soon as we detected a problem, we took immediate steps to protect the city’s infrastructure,” Ashley Smith, InterDev’s director of government services, said in a news release. “Data back-ups were used to fully restore systems with no loss.”

Dunwoody police Chief Billy Grogan said the attackers demanded a ransom be paid in bitcoin, a digital currency. He declined to reveal the amount requested but said the city did not pay.

Jan 9, 2020

These hacking groups are eyeing power grids, says security company

Posted by in categories: cybercrime/malcode, energy

Cybersecurity company warns that hackers are investigating industrial control systems associated with power infrastructure.

Jan 9, 2020

North Korean hacker group Lazarus is using Telegram to steal cryptocurrency

Posted by in categories: cryptocurrencies, cybercrime/malcode

A hacking group believed to be from North Korea is reportedly stepping up its game to continue its cryptocurrency stealing campaigns.

In a statement published yesterday, security researchers from Kaspersky say they found evidence to suggest Lazarus has made significant changes to its attack methodology.

According to Kaspersky, the hacking group is taking “more careful steps” and is employing “improved tactics and procedures” to steal cryptocurrency.

Jan 9, 2020

Here’s How an Iranian Cyberattack Could Affect You

Posted by in category: cybercrime/malcode

Would you like to live to be 400 years old?

Jan 6, 2020

Microsoft: RDP brute-force attacks last 2–3 days on average

Posted by in category: cybercrime/malcode

Microsoft publishes insights into RDP brute-force attacks from months-long 45,000 PC study.