News – April 2018


  • Who leaked the idea of ASD spying on Australians, and why?

    April 30, 2018

    “Secret plan to spy on Aussies,” The Sunday Telegraph headlined the story. “Two powerful government agencies are discussing radical new espionage powers that would see Australia’s cyber spy agency monitor Australian citizens for the first time.” It was a “power grab” detailed in “top secret letters” proposing that the Australian Signals Directorate (ASD) be able to use its cyber ...

  • Faulty Patch for Oracle WebLogic Flaw Opens Updated Servers to Hackers Again

    April 30, 2018

    Earlier this month, Oracle patched a highly critical Java deserialization remote code execution vulnerability in its WebLogic Server component of Fusion Middleware that could allow attackers to easily gain complete control of a vulnerable server. However, a security researcher, who operates through the Twitter handle @pyn3rd and claims to be part of the Alibaba security team, has now found a ...

  • ThaiCERT Seizes Hidden Cobra Server Linked to GhostSecret, Sony Attacks

    April 27, 2018

    Thailand’s Computer Emergency Response Team (ThaiCERT) has seized a server operated by the North Korea-linked Hidden Cobra APT, which is used to control the global GhostSecret espionage campaign. The campaign is still ongoing. ThaiCERT said in an alert on Wednesday that it is working with McAfee and law enforcement to analyze the control server, which was located at ...

  • Hackers build a ‘Master Key’ that unlocks millions of Hotel rooms

    April 25, 2018

    If you often leave your valuable and expensive stuff like laptop and passports in the hotel rooms, then beware. Your room can be unlocked by not only a malicious staff having access to the master key, but also by an outsider. A critical design vulnerability in a popular and widely used electronic lock system can be ...

  • Tech firms could face new EU regulations over fake news

    April 24, 2018

    EU security commissioner says new regulations may have to be brought in if tech firms fail to tackle issues voluntarily Brussels may threaten social media companies with regulation unless they move urgently to tackle fake news and Cambridge Analytica-style use of personal data before the European elections in 2019. The EU security commissioner, Julian King, said “short-term, ...

  • New Orangeworm attack group targets the healthcare sector in the U.S., Europe, and Asia

    April 23, 2018

    Symantec has identified a new attack group dubbed Orangeworm deploying the Kwampirs backdoor in a targeted attack campaign against the healthcare sector and related industries. Symantec has identified a previously unknown group called Orangeworm that has been observed installing a custom backdoor called Trojan.Kwampirs within large international corporations that operate within the healthcare sector in the United States, ...

  • A Lack Of Cybersecurity Funding And Expertise Threatens U.S. Infrastructure

    April 23, 2018

    As our physical infrastructure becomes increasingly digitalized, it also becomes increasingly vulnerable to cyber attack. Russian hackers, for example, have been trying to compromise U.S. electrical infrastructure for years, and successfully cut off power to hundreds of thousands of people throughout Ukraine in 2015 and again in 2016. Beyond our energy infrastructure, traffic signals are also susceptible to being hijacked, ...

  • Kaspersky Lab Discovers Russian Hacker Infrastructure

    April 23, 2018

    Compromised servers used by Crouching Yeti/Energetic Bear hacker group found by Kaspersky Lab A hacker collective known for attacking industrial companies around the world have had some of their infrastructure identified by Russian security specialists. Kaspersky Lab said that it has discovered a number of servers compromised by the group, belonging to different organisations based in Russia, ...

  • Gmail spam mystery: Why have secure accounts started spamming themselves?

    April 23, 2018

    Some Gmail users have been surprised to find spam inexplicably in their Sent folders, with the messages continuing to appear even after users changed their passwords. People have been reporting on Gmail’s Help Forum that the spam to unknown contacts appears to have come from their own account, causing concerns that affected accounts had been compromised. Read more… Source: ZDNet  

  • How to Steal Bitcoin Wallet Keys (Cold Storage) from Air-Gapped PCs

    April 23, 2018

    Dr. Mordechai Guri, the head of R&D team at Israel’s Ben Gurion University, who previously demonstrated various methods to steal data from an air-gapped computer, has now published new research named “BeatCoin.” BeatCoin is not a new hacking technique; instead, it’s an experiment wherein the researcher demonstrates how all previously discovered out-of-band communication methods can be ...

  • Nearly half of UK manufacturers hit by cyber attacks

    April 23, 2018

    Nearly half of UK manufacturers have been hit by a cyber security incident, according to a report by an industry organisation, which calls for greater government focus on the specific security needs of the sector Some 48% of UK manufacturers admit they have at some time been subject to a cyber security incident, with half of ...

  • NATO cyber defenders tested at world’s largest cyber drill

    April 20, 2018

    NATO cyber experts will test and train their ability to defend against cyber attacks in the in the largest international live-fire cyber defence exercise, Locked Shields (23 April – 27 April). A team of 30 from the NATO Communications and Information Agency (NCIA) will be taking part in the week-long event, alongside 1000 national experts from around 30 ...

  • Cyber crime now “generates $1.5tn per year”

    April 20, 2018

    Cyber crime generates $1.5tn (£1.1tn) in revenue every year, according to a groundbreaking report released at RSA Conference on Friday. The research, conducted by Surrey University criminologist Michael McGuire and commissioned by security firm Bromium, reveals that if cyber crime was a country, it would have the 13th highest GDP in the world. According to McGuire’s “conservative ...

  • Milipol Qatar’s 12th edition to be held from 29 to 31 October 2018

    April 19, 2018

    Middle East’s leading homeland security exhibition incorporates Civil Defence Exhibition and Conference for the first time and calls upon industry experts to take part in the 2018 edition Doha, Qatar –  April 2018: Milipol Qatar, the leading international exhibition dedicated to homeland security and Civil Defence in the Middle East, returns for its 12th edition this year, for ...

  • Millions of scraped public social net profiles left in open AWS S3 box

    April 19, 2018

    US social network data aggregator LocalBlox has been caught leaving its AWS bucket of 48 million records – harvested in part from public Facebook, LinkedIn and Twitter profiles – available to be viewed by anyone who stopped by. Security biz Upguard wandered by on February 18, and found the publicly accessible files in a misconfigured AWS ...

  • Tools like Palantir illustrate how easily big data can be misused

    April 19, 2018

    Data privacy has become a topic of critical concern among tech and business leaders, following revelations that Cambridge Analytica harvested the data of some 87 million Facebook users to build targeted political content. However, Cambridge Analytica is only one of perhaps many firms doing similar work. Another company that has engaged in such controversial activity is Palantir, a ...

  • Facebook moving 1.5 billion users away from GDPR protection

    April 19, 2018

    If a new European law restricting what companies can do with people’s online data went into effect tomorrow, almost 1.9 billion Facebook users around the world would be protected by it. But the online social network is making changes that ensure the number will be much smaller. Facebook members outside the United States and Canada, whether they ...

  • Incoming: Airborne Cyber Attacks No Longer the Stuff of Sci-Fi

    April 19, 2018

    From RSA: The prospect of virus-like cyberattacks spreading over the air may sound like science fiction but it’s shaping up to be the next major field of battle with hackers One if by land. Two if by sea. How about Three by airborne internet attack? CISOs will soon need to protect their organizations from virus-like cyber attacks ...

  • ID theft in UK hits record high as crooks shift to more vulnerable targets

    April 18, 2018

    Identity fraud in Blighty hit a record high of 174,523 incidents last year – and the vast majority of it happened online. According to the latest report by fraud prevention service Cifas, ID theft rose 1 per cent on last year. However, that is an increase of 125 per cent on 2007, the Fraudscape (PDF) report shows. Read more… Source: The ...

  • Gold Galleon Hacking Group Plunders Shipping Industry

    April 18, 2018

    Researchers have identified the hacking group behind several widescale business email compromise (BEC) attacks gouging the maritime shipping industry millions of dollars since last year. Attackers are taking advantage of the industry’s lax security and the use of outdated computers, according to a report released here at the RSA Conference Wednesday. Researchers from the Dell SecureWorks Counter ...