Offline
Avast target of cyber-security attack, company and Czech counterintelligence say
Czech-based Avast and Czech counterintelligence service BIS detected a network attack. BIS suspects the attack originated in China, but Avast is saying they don't know who was behind the attack.
The company found suspicious behavior on its network Sept. 23, and opened an investigation with the BIS, Czech police, and an external forensics team.
BIS said their investigation suggests the threat came from China and was targeting the tool CCleaner to take control of users' computers.
Avast's CISO said the intruder used compromised credentials through a temporary VPN to access the network, and there were several attempts between May 14th and Oct. 4th. They kept the VPN profile open to track the intruder. The company says no malicious changes were made to previous releases and they stopped new updates, pushing a "clean" update to users on Oct. 15 and revoked a previous certificate
[url=Avast target of cyber-security attack, company and Czech counterintelligence say Czech-based Avast and Czech counterintelligence service BIS detected a network attack. BIS suspects the attack originated in China, but Avast is saying they don't know who was behind the attack. The company found suspicious behavior on its network Sept. 23, and opened an investigation with the BIS, Czech police, and an external forensics team. BIS said their investigation suggests the threat came from China and was targeting the tool CCleaner to take control of users' computers. Avast's CISO said the intruder used compromised credentials through a temporary VPN to access the network, and there were several attempts between May 14th and Oct. 4th. They kept the VPN profile open to track the intruder. The company says no malicious changes were made to previous releases and they stopped new updates, pushing a "clean" update to users on Oct. 15 and revoked a previous certificate ] [/url]
Offline
This article starts under the Hacker can remotely kill car engines via compromised GPS Apps: A hacker named L&M said he hacked 7,000 iTrack and 20,000 ProTrack accounts via brute force hacking. Then from there he gained access to some vehicle's internal systems. He said he could shut off cars going under 12 mph, and track where they were going. He said he did this to show that the companies security was compromised. - Ethan O'Donnell
Offline
Offline
Avast says hackers breached internal network through compromised VPN profile
In this article it talks about cyber-security software maker Avast closed today because a security breach that impacted its internal network by an attacker using an employees VPN credentials and passwords. This is interesting to me because they talked about how the hacker changed his IP and used a VPN to act like an employee. Employees also said there inbox in there email was being spammed by "important emails" that needed there password to access. This was detected on September 23, but Avast said it found evidence of the attacker targeting its infrastructure going as far back as May 14, this year.
Devin Fry
Last edited by Devin Fry (10/21/2019 10:14 am)
Offline
CenturyLink has had another data leak, where up to 2.8 million people could have had their data stolen, and hundreds of thousands did. They were exposed by logs from a third party Notification platform that CenturyLink used. Names, emails, phone numbers and addresses were exposed. the information had been exposed for almost 10 months, before being found in September. A cyber security company found the exposure.
Offline
This is just an up-date to the newest hacking methods being used "currently 2019". Hackers are sharpening their skills. I.T. pro's should also keep up to date on the latest hacking techniques!
Offline
The article I am doing has to do with Alexa and google home devices for those of you who don't know what these are you could call them smart speakers with voice controlled intelligent personal assistant. These speakers are very new (last couple years) and have many kinks that must be fixed. A big one today is that people are able to get into alexas responses and start asking you for the users password, which amazon or google both say that a device should never ask you for that information. They also are eavesdropping on unsuspecting users in such a way that everything they are saying is getting logged and sent to the attackers servers for processing.
-Jorge Calderilla
Offline
Italy is experiencing a rash of ransomware attacks that play dark German rock music while encrypting victims' files. The musical ransomware, called FTCode, was detected by security analysts at AppRiver in malicious email campaigns directed at Italian Office 365 customers. Targeted inboxes have received emails with malicious content posing as resumes, invoices, or documents scans. The emails include a Visual Basic script (.vbs) file that downloads and blasts out Rammstein hits while encrypting files on the victim's computer. The .vbs file initially launches PowerShell to download and play an mp3 file from archive.org. David Pickett, security analyst at AppRiver, warned users not to take risks on links sent by strangers and to be particularly wary of any content that asks to be enabled.
[url] ,at%20Italian%20Office%20365%20customers.[/url] - Brandon Pedersen
Last edited by bpedersen3277 (10/23/2019 10:02 am)
Offline
Toyota, Lexus Dealership In Japan Hacked
A Toyota and Lexus dealership in Japan was hacked about 6 months ago. Officials will not provide extended information about the breach, but did come out and say that the hackers got unauthorized access to a server. My guess is that a back-end server security protocols were not up to date, or poorly secured. About 3.1 million individuals had information hacked, but Japan officials stated that credit card credentials were not included in the information that was hacked.
Last edited by gsnyder24 (10/22/2019 10:47 am)
Offline
Hackers hover near online shopping carts, too. It's called e-skimmingHackers have been able to to gather credit/debit information from marketing websites at live time while you're shopping online. When you submit your purchase through their website it will get siphoned off to a server that's controlled stated by an FBI agent. Any businesses that haves online stores are vulnerable to these attacks by the hackers by exploiting a weak link to the company's e-commerce platform-from Susan Tompor. Which is a skimming codes that gathers information from the website.
Cristian Villanueva