Tag: Corporations

Businesses turn on ‘alert’ after ransomware attacks corporations

April 5, 2024/in Internet Security

ransomware khanhlinh.jpg — *Illustrative photo (Photo: Khanh Linh)*

Just eight days after a ransomware attack of the VnDirect Securities’ database was discovered, Vietnam’s cyberspace on April 2 recognized another intentional ransomware attack targeting PVOIL, a petroleum distributor, which caused the disruption of the entire information system of the enterprise.

Agencies in charge of network safety and security, with the main force being A05 under the Ministry of Public Security and the Authority of Information Security (AIS) under the Ministry of Information and Communications (MIC), have been helping the two businesses to handle the problems.

Experts believe that the attackers only targeted the two businesses, and more businesses may become their next victims.

AIS in recent days has found an increase in the number of ransomware attacks targeting businesses and organizations in Vietnam. The two attacks above have raised worries about a new ransomware campaign.

Talking to VietNamNet right after PVOIL confirmed the attack, Ngo Quoc Vinh, deputy CEO of VNCS Global, said Vietnam’s cyberspace has been seeing many ransomware attacks recently, but it’s too early to conclude that there is an intentional attack campaign targeting Vietnam.

According to Vinh, one of the reasons Vietnam is among the countries sustaining many ‘Prior Compromised’ attacks is the habit of Vietnamese who use unlicensed software provided on the internet for free.

The use of pirated software allows hackers to easily install malware inside many systems for a long time.

In general, ransomware attacks don’t begin right after hackers install malware in information systems. Hackers carry out undercover activities for a certain time before they conduct attack at the suitable moment — for example, when they are sure that the attacks will have the biggest impact and bring the highest financial benefits.

In many cases, attacks are tailored based on the characteristics of targeted enterprises’ business activities. “Hackers conduct multi-directional execution, weaponized by AI to help increase the success rate,” he said.

Commenting about the attack method used in VnDirect and PVOIL cases, Vu Ngoc Son, CTO of NCS, said the…

Source…

China Cyberattacked US Corporations Front Lines Taiwan Microsoft Guam

May 29, 2023/in Internet Security

Homeland Security’s Cybersecurity and Infrastructure Security Agency, speaks at the National Association of Secretaries of State winter meeting, Thursday, Feb. 16, 2023, in Washington. (AP Photo/Patrick Semansky)

This week, news broke that China cyberattacked the US homeland. The attackers breached critical infrastructure in Guam, an often-forgotten US territory critical to US defense and power projection. The sophisticated attack infiltrated computer networks used for both civilian and military purposes. MicrosoftMSFT assessed with “moderate confidence” that the attackers are laying the groundwork for cyber capabilities that could threaten communications infrastructure in the future. The cyberattack is a serious event that presages a cruel reality of any future conflict with China—civilians are on the front lines, and corporations will need to defend them.

The cyberattack was revealed by Microsoft and the intelligence-sharing group known as the Five Eyes: the United States, United Kingdom, New Zealand, Australia, and Canada. Microsoft and agencies from each of the Five Eyes countries attributed the attack to a China-sponsored group called Volt Typhoon, which has targeted infrastructure organizations in Guam and the US since mid-2021. Volt Typhoon is capable of infiltrating corporate systems and stealing user credentials while avoiding detection for as long as possible. Microsoft directly notified customers who were targeted or compromised and provided necessary information to secure their businesses. China has denied the attack, calling it a “sophisticated disinformation campaign” by the Five Eyes.

Los Angeles-class fast attack submarine USS Oklahoma City (SSN 723) returns to U.S. Naval Base in Guam, Aug. 19, 2021. The powerful Pacific typhoon Mawar that lashed of Guam on Thursday, May 25, 2023, with damaging high winds, heavy rains and a dangerous storm surge arrived as the worst storm in decades, interrupting life for residents and the U.S. military on a tropical island that is the easternmost of the nation’s territories. (Mass Communication Specialist 3rd Class Naomi Johnson/U.S. Navy via AP, File)

Public…

Source…

Hackers Start Selling Data Center Logins for Some of World’s Largest Corporations

February 20, 2023/in Computer Security

Reuters

Putin set for major Ukraine war speech after Biden walks streets of Kyiv

Russian President Vladimir Putin was due to make a speech on Tuesday setting out aims for the second year of his invasion of Ukraine, a day after U.S. President Joe Biden walked central Kyiv promising to stand with Ukraine as long as it takes. Following his surprise visit to Kyiv, Biden flew to Poland and on Tuesday will give a speech on how the United States has helped rally the world to support Ukraine and stress American support for NATO’s eastern flank. Biden, in his trademark aviator sunglasses, and President Volodymyr Zelenskiy, in green battle fatigues, walked side-by-side to a gold-domed cathedral in Kyiv on a bright winter Monday morning pierced by the sound of air raid sirens.

Source…

The teenage hackers paid millions to expose corporations’ weak spots

May 2, 2022/in Computer Security

The 19-year-old sat at his desk, eyes hooked on the screen. Displayed on it was a corporate-looking website. At a casual glance it was just another nondescript web page, perhaps a little sparser than the colourful social media platforms he might be expected to browse.

But the American teenager had in fact gained access to the TAT-14 submarine telecommunications cable system. In operation until December 2020, the vital global commerce conduit stretched for more than 9,500 miles between France, Germany, Denmark, the Netherlands, Britain and the US.

“I came across this one web server. And the title was super interesting. So I wanted to see if I could hack it,” says Corben Leo.

His method was shockingly simple: Leo navigated to a very specific web address and refreshed the page twice. Thanks to a hitherto undetected flaw, the website treated his computer as if he had logged in with an administrator account.

It gave him the same level of control as the owners of TAT-14, resting his fingers on the artery of transatlantic trade in March 2019. And nobody knew he was there.

Leo’s hack is just one among a global community of bug bounty researchers: ethical hackers who investigate companies’ web servers for security flaws – bugs – and then reveal their findings to the owners, usually in return for payment.

“I could add admin access to all of their accounts. I could manage them, I had access to all of the internal cable documentation,” says Leo. “Everything that had to do with the inner workings of the cable, how the cable was physically structured, their maintenance periods.”

Not yet old enough to even buy a beer at the time, he could have triggered stock market crashes, disrupted governments or sparked accusations of international espionage.

Instead, he says, “I reported it to the telecommunication company as part of their security programme.

“I didn’t try to do too much because it was an undersea cable. I was fearful of getting thrown at a CIA black site!”

A lucrative pastime

For the most highly skilled hackers, bug bounties can be a lucrative pastime. Leo, now aged 22, claims he has earned “close to a million dollars” from his research efforts. As a…

Source…

Tag Archive for: Corporations

Putin set for major Ukraine war speech after Biden walks streets of Kyiv

A lucrative pastime