Most Digital Attacks Today Involve Social Engineering
On May 14, the FBI marked a sobering milestone: the receipt of its six millionth digital crime complaint. It took just 14 months for the FBI’s Internet Crime Complaint Center (IC3) to reach its new threshold. Digital crime complaints are on the rise, and we have some ideas as to why. Check out what these…
Hackers Return Portion of Record Crypto Heist Haul
Poly Network fired off a tweet Wednesday saying hackers had returned $260 million worth of the digital assets taken in a heist a day earlier valued at $613 million. Polygon had urged the thieves to return the stolen fortune and provided online addresses for transfers. “Seven minutes prior to sending the first transaction returning some…
Home routers are being hijacked using vulnerability disclosed just 2 days ago
The early bird catches the worm. Unless the worm was early enough to hide. On August 3, 2021 a vulnerability that was discovered by Tenable was made public. Only two days later, on August 5, Juniper Threat Labs identified some attack patterns that attempted to exploit this vulnerability in the wild. The vulnerability is listed…
How to prepare your Windows network for a ransomware attack
Recently I spoke with Ryan Chapman of the SANS Institute, author of the upcoming SANS course FOR528: Ransomware for Incident Responders, on how to better prepare for ransomware. That preparation comes in two forms: planning how you would respond to a successful ransomware attack and overcoming barriers to hardening your network against them. Planning for…
Potential RCE Flaw Patched in PyPI’s GitHub Repository
On Friday, security researcher RyotaK published information on three vulnerabilities in PyPI, one of which could potentially lead to the compromise of the entire PyPI ecosystem. Python Package Index (PyPI) is the official third-party software repository for the Python programming language, with some package managers using it as the default source for packages and dependencies….
LemonDuck no longer settles for breadcrumbs
LemonDuck has evolved from a Monero cryptominer into LemonCat, a Trojan that specializes in backdoor installation, credential and data theft, and malware delivery, according to the Microsoft 365 Defender Threat Intelligence Team, which explained their findings in a two-part story [1][2] on the Microsoft Security blog. LemonDuck Trojan.LemonDuck has always been an advanced cryptominer that…
US Gov Warning: VPN, Network Perimeter Product Flaws Under Constant Attack
In a joint advisory published Wednesday, cybersecurity response agencies from the U.S., the U.K., and Australia called special attention to flaws in network perimeter tech from Citrix, Fortinet, Pulse, F5 Networks and MobileIron. The agencies listed 30 distinct security vulnerabilities (categorized by CVEs) that have been “routinely exploited” over the last two years to plant…
Judge: Ex-CIA Worker Can Represent Himself in Espionage Case
U.S. District Judge Paul A. Crotty said in a written order that Joshua Schulte had shown that he was sure he wanted to act as his own lawyer. Schulte, 32, faces an October trial on charges that he leaked CIA secrets to WikiLeaks, which published materials in 2017 that revealed how the CIA hacked Apple…
Ransomware Attack on UK Rail System – Spray and Pray or Targeted?
Railways in the UK are operated under a licensed franchise system following the breakup of the state-owned British Rail, which was privatized gradually from 1994 to 1997. The rail infrastructure is owned and managed by Network Rail, described as an ‘arm’s length’ public body of the Department of Transport – but the rail services are…
Details Emerge on Iranian Railroad Cyberattack
More details on the cyberattack on Iran’s railroad system emerged over the weekend. On Friday, July 9, 2021 Iran International reported that a system-wide disruption of Iran’s railroads was probably due to a cyberattack, citing the Revolutionary Guard-backed FARS news agency. Now it appears that the attackers had penetrated the system at least a month…
