Wenatchee Valley College - CTS Discussion Board




10/21/2019 9:45 am  #11


Re: Security Class Article #3 - Due Monday October 21st....

Avast target of cyber-security attack, company and Czech counterintelligence say

Czech-based Avast and Czech counterintelligence service BIS detected a network attack. BIS suspects the attack originated in China, but Avast is saying they don't know who was behind the attack.

The company found suspicious behavior on its network Sept. 23, and opened an investigation with the BIS, Czech police, and an external forensics team.

BIS said their investigation suggests the threat came from China and was targeting the tool CCleaner to take control of users' computers.

Avast's CISO said the intruder used compromised credentials through a temporary VPN to access the network, and there were several attempts between May 14th and Oct. 4th. They kept the VPN profile open to track the intruder. The company says no malicious changes were made to previous releases and they stopped new updates, pushing a "clean" update to users on Oct. 15 and revoked a previous certificate.

https://www.reuters.com/article/us-avast-cyber/avast-target-of-cyber-security-attack-company-and-czech-counterintelligence-say-idUSKBN1X01KS

 

10/21/2019 10:09 am  #12


Re: Security Class Article #3 - Due Monday October 21st....

This article starts under the Hacker can remotely kill car engines via compromised GPS Apps: A hacker named L&M said he hacked 7,000 iTrack and 20,000 ProTrack accounts via brute force hacking. Then from there he gained access to some vehicles' internal systems. He said he could shut off cars going under 12 mph, and track where they were going. He said he did this to show that the companies' security was compromised. - Ethan O'Donnell
https://www.wired.com/story/car-hacking-biometric-database-security-roundup/

 

10/21/2019 10:11 am  #13


Re: Security Class Article #3 - Due Monday October 21st....

Execs Could Face Jail Time For Privacy Violations
A new data privacy bill could spell bad news for big companies (ex. Facebook) with fines and up to 20 years in the slammer for execs as well as 4% of their global turnover.

https://threatpost.com/execs-jail-time-privacy-violations/149334/

 

10/21/2019 10:13 am  #14


Re: Security Class Article #3 - Due Monday October 21st....

Avast says hackers breached internal network through compromised VPN profile
In this article it talks about cyber-security software maker Avast closed today because a security breach that impacted its internal network by an attacker using an employee's VPN credentials and passwords. This is interesting to me because they talked about how the hacker changed his IP and used a VPN to act like an employee. Employees also said their inbox in their email was being spammed by "important emails" that needed their password to access. This was detected on September 23, but Avast said it found evidence of the attacker targeting its infrastructure going as far back as May 14, this year.

https://www.zdnet.com/article/avast-says-hackers-breached-internal-network-through-compromised-vpn-profile/
Devin Fry

Last edited by Devin Fry (10/21/2019 10:14 am)

 

10/21/2019 10:13 am  #15


Re: Security Class Article #3 - Due Monday October 21st....

CenturyLink has had another data leak, where up to 2.8 million people could have had their data stolen, and hundreds of thousands did. They were exposed by logs from a third party Notification platform that CenturyLink used. Names, emails, phone numbers and addresses were exposed. The information had been exposed for almost 10 months, before being found in September. A cyber security company found the exposure.

https://www.comparitech.com/blog/information-security/centurylink-data-leak/


"Any sufficiently advanced technology is indistinguishable from magic"
-- Arthur C. Clarke
"The only constant in the technology industry is change"
-- Marc Benioff
 

10/21/2019 10:19 am  #16


Re: Security Class Article #3 - Due Monday October 21st....

This is just an update to the newest hacking methods being used "currently 2019". Hackers are sharpening their skills. I.T. pros should also keep up to date on the latest hacking techniques!


  • Warshipping is a new form of existing hacking methods such as wardialing and wardriving.
  • Spearphone is a new type of attack that can enable threat actors to eavesdrop on people’s mobile phone calls.

Cybercriminals are increasingly becoming innovative with the techniques they use to launch attacks. So far, the year has seen quite a few new attack techniques that could be/were used to steal data or spread malware.

Here’s a quick look at some of the significant discoveries in attack methods that pose potential risks for organizations and individuals worldwide.

Malboard attack
Discovered by a group of academics, the attack can be used to mimic a user’s identity through their keystrokes. The Malboard attack leverages the keystroke characteristics of users and has been successfully exploited on keyboards developed by Microsoft, Lenovo, and Dell. During the experiment, the researchers could evade detection by security solutions by fooling risk-based behavioral authentication systems KeyTrac, TypingDNA and DuckHunt.

Warshipping
Warshipping is a new form of existing hacking methods such as wardialing and wardriving. The attack technique can allow threat actors to disrupt business operations and steal sensitive data. Under this attack, the attacker needs to tuck their 3G-enabled device at the bottom of a packing box to gain access to a victim’s network.

Spearphone attack
Spearphone is a new type of attack that can enable threat actors to eavesdrop on people’s mobile phone calls. The attack makes use of Android devices’ onboard accelerometers to infer speech from the devices’ speakers. The attack was successfully tested on several Android models - LG G3, Samsung Galaxy Note 4 and Samsung Galaxy S6.

CTRL-ALT-LED attack
A research team came up with a new technique called CTRL-ALT-LED that leveraged secure air-gapped systems to pilfer sensitive data. The technique makes use of the Caps Lock, Num Lock, and Scroll Lock LEDs on a keyboard. It can be used against various optical devices such as smartphone cameras, a smartwatch’s camera, a security camera, extreme sports cameras, and even high-grade optical/light sensors.

Minerva attack
Minerva is a lattice-based cryptography attack that can recover private keys from cryptographic libraries. It is based on the timing leakage of the bit-length of nonces used in ECDSA and other similar signature algorithms. Older Athena IDProtect smart cards along with WolfSSL, MatrixSSL, Crypto++, Oracle SunEC, and Libgcrypt crypto libraries are vulnerable to the attack.

PDFex attack
German academics discovered a new attack named PDFex that could be used to steal data from encrypted PDF files. The attack was successfully tested against 27 desktop and web PDF viewers. This includes popular software such as Adobe Acrobat, Foxit Reader, Evince, Nitro, and Chrome and Firefox's built-in PDF viewers.

WIBattack
WIBattack is a new SIM card attack that is similar to the Simjacking attack. The attack leverages vulnerabilities in Wireless Internet Browser (WIB) apps to track users’ devices. In order to exploit WIB apps, attackers need to send a specially formatted binary SMS (called an OTA SMS) that will execute STK (SIM Toolkit)

This is a new DDoS vector that leverages a UDP Amplification technique known as WS-Discovery (WSD). WSD operates over TCP and UDP port 3702 and is found in many internet-connected devices. It can be spoofed by sending a UDP packet with a forged return IP address. The response will be sent to the forged IP address and this allows hackers to aim the traffic to DDoS targets.

 

10/21/2019 9:48 pm  #17


Re: Security Class Article #3 - Due Monday October 21st....

The article I am doing has to do with Alexa and Google Home devices. For those of you who don't know what these are, you could call them smart speakers with voice controlled intelligent personal assistant. These speakers are very new (last couple years) and have many kinks that must be fixed. A big one today is that people are able to get into Alexa's responses and start asking you for the user's password, which Amazon or Google both say that a device should never ask you for that information. They also are eavesdropping on unsuspecting users in such a way that everything they are saying is getting logged and sent to the attackers' servers for processing.
https://www.zdnet.com/article/alexa-and-google-home-devices-leveraged-to-phish-and-eavesdrop-on-users-again/

-Jorge Calderilla
 


 

10/22/2019 10:30 am  #18


Re: Security Class Article #3 - Due Monday October 21st....

Italy is experiencing a rash of ransomware attacks that play dark German rock music while encrypting victims' files. The musical ransomware, called FTCode, was detected by security analysts at AppRiver in malicious email campaigns directed at Italian Office 365 customers. Targeted inboxes have received emails with malicious content posing as resumes, invoices, or document scans. The emails include a Visual Basic script (.vbs) file that downloads and blasts out Rammstein hits while encrypting files on the victim's computer. The .vbs file initially launches PowerShell to download and play an mp3 file from archive.org. David Pickett, security analyst at AppRiver, warned users not to take risks on links sent by strangers and to be particularly wary of any content that asks to be enabled.

https://www.infosecurity-magazine.com/news/italians-rocked-by-ransomware/#targetText=Italy%20is%20experiencing%20a%20rash,at%20Italian%20Office%20365%20customers. - Brandon Pedersen

Last edited by bpedersen3277 (10/23/2019 10:02 am)

 

10/22/2019 10:46 am  #19


Re: Security Class Article #3 - Due Monday October 21st....

Toyota, Lexus Dealership In Japan Hacked

A Toyota and Lexus dealership in Japan was hacked about 6 months ago. Officials will not provide extended information about the breach, but did come out and say that the hackers got unauthorized access to a server. My guess is that a back-end server's security protocols were not up to date, or poorly secured. About 3.1 million individuals had information hacked, but Japan officials stated that credit card credentials were not included in the information that was hacked.
https://www.cshub.com/attacks/articles/incident-of-the-week-toyotas-second-data-breach-affects-millions-of-drivers

Last edited by gsnyder24 (10/22/2019 10:47 am)

 

10/23/2019 10:31 am  #20


Re: Security Class Article #3 - Due Monday October 21st....

Hackers hover near online shopping carts, too. It's called e-skimming

Hackers have been able to gather credit/debit information from marketing websites at live time while you're shopping online. When you submit your purchase through their website it will get siphoned off to a server that's controlled stated by an FBI agent. Any businesses that have online stores are vulnerable to these attacks by the hackers by exploiting a weak link to the company's e-commerce platform - from Susan Tompor. Which is a skimming codes that gathers information from the website.
https://www.freep.com/story/money/personal-finance/susan-tompor/2019/10/23/hackers-e-skimming-attacks-targeting-online-shoppers/4051921002/
Cristian Villanueva
 

 
