- Tuesday, 14 July 2015
- Hits: 1647
Hackers Steal $1 Billion in Massive, Worldwide Breach
Hackers have stolen as much as $1 billion from banks around the world, according to a prominent cybersecurity firm. In a report scheduled to be delivered Monday, Russian security company Kaspersky Lab claims that a hacking ring has infiltrated more than 100 banks in 30 countries over the past two years. Read more...
Barack Obama to host cyber-crime summit in Silicon Valley
|Major Hacks of the Week|
Yanbian Gang steals millions from mobile banking customers of South Korea
According to researchers at Trend Micro, the cybercriminals used fake banking apps having the same appearance (i.e. icons and user interface) of the legitimate mobile apps, to trick users. They also used other popular apps, such as utilities, chat, portal and security apps attract users into their scam and steal their mobile banking credentials. These bogus mobile apps transferred stolen user information (i.e. mobile phone numbers, Bank account names, Bank account numbers, login credentials and Text messages) to the command and control servers. The Yanbian Gang used several Android malware to infect mobile banking customers, none of the malware used by the gang was distributed through Google Play or third-party app stores. Read more...
Windows Credentials Editor (WCE) – List, Add & Change Logon Sessions
Windows Credentials Editor (WCE) is a security tool to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes, plaintext passwords and Kerberos tickets). This tool can be used, for example, to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.), obtain Kerberos tickets and reuse them in other Windows or Unix systems and dump cleartext passwords entered by users at logon. Read more...
|Major Vulnerabilities Disclosed|
Is Bio hacking a security risk? The future is now!
Bio hacking – technology and humans have never been so close, they complement each other. But what are the security and privacy risks? Imagine a world where our day to day activities like door locking, supermarket purchases, credit card swipes and smartphone usage are replaced by just one chip embedded under your skin. We are upgrading the human bodies to meet the technological needs. The future is expected to be completely technology dependent with very little human interruptions. Humans have been implanting technologies in their bodies for medical reasons like the adoption of implantable aids such as pacemakers, insulin pumps, deep brain stimulation system, the world is already filling with humans who could be considered part machines. Read more...
Defending 'unpreventable' cyber attacks
Businesses should stop worrying about preventing intruders getting into their computer networks, and concentrate instead on minimising the damage they cause when they do. Read more...
|Legal, Regulatory and Corporate|
IBM puts software and cloud at the center of storage
FBI Director James Comey and Deputy Attorney General Sally Quillian Yates testified before a Senate Judiciary committee that they are stumped by end-to-end encryption and that while they want to work with the private sector to come up with a solution Yates noted that a legislative mandate “may ultimately be necessary” to force companies to comply. To back up their stand they also tried playing the terrorism card saying that ISIS is using social media to bolster their recruitment efforts. When a prospective terrorist is first contacted they are told to switch to an end-to-end encrypted messaging system where they can work out their nefarious plans in private. Read more...
Credit card info stolen in BigFish Games site compromise
Seattle-based casual gaming company Big Fish Games has has its site and personal and financial information of some of its users compromised in an attack that started on last Christmas Eve. "An unknown criminal installed malware on the billing and payment pages of our website that appears to have intercepted customer payment information," the company CTO, Ian Hurlock-Jones, explained in a notification letter sent out to potentially affected customers. Read more...
Security and Beyond
Jamie Oliver serves up steaming pile of malware
Tousle-haired celebrity chef Jamie Oliver has served up a stomach-churning exploit kit to those who visit his web site. His eponymous .com site, ranked 519 in the UK and drawing some 10 million visitors a month was compromised to plate-up the foul-tasting Fiesta exploit kit to compromise user machines. Malwarebytes senior researcher Jérôme Segura said crook cooks orchestrated a "carefully and well hidden" attack and hid an iframe URL with base-64 encoding. Read more...
Securing Your Computer to Maintain Your Privacy
Securing your computer is essential to protecting your privacy, reducing the risk of identity theft, and preventing hackers from taking over your computer. Unfortunately, maintaining the security of your computer can be challenging. Hackers often seem to be one step ahead of even those computer users who are following the best security practices. Read more...
|Security Awareness Tip|
Phishing Emails Can Be Detected. Learn About the Obvious Signs
Phishing emails are emails that are designed to gather information about you for a malicious purpose. While these emails can be quite deceptive, there are usually some major warning signs. Phishing emails often contain some form of warning, such as an account suspension. This warning will request that you click on a link and fill out a form with either personal information or account login information.
When in doubt, call the company that the phishing email claims to be from directly rather than responding to the email in any fashion.
|Silensec Editorial Team|
Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor
Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.
Associate Editor: Joseph Alulu (B.A)
Joseph Alulu leads the Silensec Marketing Department. He holds a Bachelors of Arts Degree from the University of Nairobi in Kenya. He publishes the weekly Silensec Newsletter, keeping you up to date on the latest information security news as well as creating information security awareness.
For any questions please click on the following contact us link