Water utilities are popular targets
It wasn't the first time the Fort Collins-Loveland Water District and its wastewater counterpart had been hit by "ransomware," a type of malware that encrypts victims' computer files and demands online payment to unlock them.While operations weren't harmed, the infection prompted the water district to switch out its information technology service provider and call in the FBI. The case, first reported by the Coloradoan, remains under active investigation. FCLWD and the South Fort Collins Sanitation District treat and distribute water to 45,000 customers in northern Colorado.Colorado water officials aren't alone in their cybersecurity woes. The nation's nearly 70,000 water and wastewater utilities are struggling to keep their heads above a rising tide of online threats, based on interviews with security experts ... Read More
Social engineering led to potential kidnapping
Social engineering and impersonation attacks can lead to far more dangerous consequences than monetary losses, according to Matt Devost from OODA LLC. Devost appeared on the CyberWire’s Hacking Humans Podcast last week, where he described the attacks he’s seen involving cybercriminals with fraudulent personas.
Devost described one case in which an attacker impersonated a broker and an investor to target a successful entrepreneur who was looking for funding for a new startup. Under the guise of the broker, the attacker introduced the target to the supposed investor. Now posing as the investor, the attacker conversed with the target about the company, and eventually asked the entrepreneur to fly to South America so they could meet.
“That individual is very, very close to ... Read More
September 3, 2024Mark Anthony Germanos
Malicious links on otherwise honest web pages
Webroot revealed the results of their 2019 Threat Report, showing that tried-and-true attack methods are still going strong, but new threats emerge daily, and cybercrime is highly innovative. This includes adding malicious URLs (web page addresses) as links on legitimate sites.
Hal Lonas, Webroot's CTO said: “We wax poetic about innovation in the cybersecurity field, but you only have to take one look at the stats in this year’s report to know that the true innovators are the cybercriminals. They continue to find new ways to combine attack methods or compromise new and existing vectors for maximum results. My call to businesses today is to be aware, assess your risk, create a layered approach that protects multiple threat vectors and, ... Read More
September 3, 2024Mark Anthony Germanos
Is this the best Facebook phishing scam ever?
Scams seeking to harvest online credentials have long tried to replicate known logon pages. But this newly found instance is just about perfect.
In every scam that uses social engineering, the key is to be believable. If it looks right, feels right, has the timing right, etc., the victim is more likely to fall for it. This latest scam seeks to take advantage of a user’s desire to leverage single sign-on (SSO) via well-known websites. In this case, Facebook. Rather than creating (and remembering) countless passwords for an equivalently large number of websites, users will take advantage of identifying themselves via Facebook.
Under normal circumstances, a Facebook API is called which prompts the user to authenticate. But researchers at security vendor Myki have ... Read More
September 2, 2024Mark Anthony Germanos
Robocall scams more prolific than ever
Robocall spam has surged to 12 billion calls per month globally. Bank account, credit card and extortion are common scams, according to Hiya, a company that makes apps to fend off unwanted calls.
According to Hiya's first Global Robocall Radar Report, global spam calls grew 325 percent from a year ago to 85 billion. Hiya's estimate is based on an analysis of 12 billion calls per month globally.
UK, Spain, Italy, France and Argentina were the countries with the most robocalls. Like spam, robocalls have proliferated because scammers get just enough victims to rake in profits. The Federal Communications Commission and Federal Trade Commission have been looking at ways to curb robocalls, which are one of the top consumer complaints in the U.S.
The ... Read More
September 2, 2024Mark Anthony Germanos
Cyber attacks are dirt cheap
Deloitte says the cost of committing a cyber attack is so surprisingly low that anyone can afford to be a bad guy. When you picture a cybercriminal organization today, you should be thinking about a group of individuals who run their operations like a business; concerned with profit and loss, looking for ways to execute as inexpensively as possible, while yielding the largest return. But what you don’t necessarily need to have in that vision is an organization with a large cash reserve.
According to Deloitte’s newest report, Black-market ecosystem: Estimating the cost of “Pwnership”, the cost of running a campaign is so low, it’s downright reasonable as a business model for even the smallest cybercriminal business.
Some cyber attack examples from the report ... Read More
September 2, 2024Mark Anthony Germanos
Malware found in Office Depot malware scans...not really
Office Depot and its tech partner tricked customers into buying unneeded tech support services by offering PC scans that gave fake results, according to the Federal Trade Commission. Consumers paid up to $300 each for unnecessary services.
The FTC yesterday announced that Office Depot and its software supplier, Support.com, have agreed to pay a total of $35 million in settlements with the agency. Office Depot agreed to pay $25 million while Support.com will pay the other $10 million. The FTC said it intends to use the money to provide refunds to wronged consumers.
Office Depot caught claiming out-of-box PCs showed “symptoms of malware”
Between 2009 and 2016, Office Depot and OfficeMax offered computer scans inside their stores using a "PC Health Check" ... Read More
September 2, 2024Mark Anthony Germanos
Advanced Persistent Threats and Zero Day Exploits get a lot of press these days. I am reprinting content from the Office for Civil Rights (OCR) in the US Department of Health and Human Services.
Advanced Persistent Threats and Zero Day Exploits
An advanced persistent threat (APT) is a long-term cybersecurity attack that continuously attempts to find and exploit vulnerabilities in a target’s information systems to steal information or disrupt the target’s operations.1 Although individual APT attacks need not be technologically sophisticated, the persistent nature of the attack, as well as the attacker’s ability to change tactics to avoid detection, make APTs a formidable threat.
APTs are a serious threat to any information technology (IT) system, but especially those that are part of the health care field. Healthcare services ... Read More
September 2, 2024Mark Anthony Germanos
Malvertising is the newest attack on your identity.
Yes, you read that right. Internet thieves have a new tool against unsuspecting victims: malvertising. Take the hostility of malware and the persuasiveness of advertising, put them together, and you get malvertising. Our friends at Respond Software created this short video for us:
Wikipedia reports this overview of malvertising.
Websites or web publishers unknowingly incorporate a corrupted or malicious advertisement into their page. Computers can become infected pre-click and post click. It is a misconception that infection only happens when visitors begin clicking on a malvertisement. "Examples of pre-click malware include being embedded in main scripts of the page or drive-by-downloads. Malware can also auto-run, as in the case of auto redirects, where the user is automatically taken to a ... Read More
September 2, 2024Mark Anthony Germanos
Phishing attackers have found a new avenue: bogus job offers
A series of phishing campaigns are targeting companies in various industries with phony job offers using direct messages on LinkedIn, according to researchers at Proofpoint. The attacker initially makes contact by sending an invitation to the target on LinkedIn with a short message regarding job offers.
Within a week after the target accepts the invitation, the attacker will send a follow-up email with either a link or a PDF attachment that contains embedded URLs. These links take the target to a spoofed version of a real staffing service, which forces the download of either a Word document or a JScript loader. This document or loader will result in the installation of a JScript backdoor known as “More_eggs.”
More_eggs ... Read More
September 2, 2024Mark Anthony Germanos