Tag Archive for: hacker

Why Hacker Tactics Are Shifting To Cookie Theft: Expert


As more organizations adopt multifactor authentication, theft of browser cookies is becoming a go-to method for attackers to bypass the security measure, says Sophos Global Field CTO Chester Wisniewski.


As more organizations adopt multifactor authentication (MFA), the theft of web browser cookies is turning into a go-to method for attackers seeking to subvert the security measure, according to a top security researcher.

To combat the massive risk posed by stolen or compromised passwords, MFA—which requires a second form of authentication beyond username and password—has long been considered harder to defeat than password-only logins and is an essential part of cyberdefense.

[Related: 10 Major Cyberattacks And Data Breaches In 2023]

Organizations have gotten the message, and MFA is now increasingly commonplace even among small and midsize businesses. But because browser cookies are sometimes configured to allow logging in without triggering an MFA challenge, theft of the web session data is proving to be an ideal workaround for attackers, said Sophos Global Field CTO Chester Wisniewski.

“More and more small businesses are adopting good security practices, like multifactor [authentication],” Wisniewski told CRN. “But if I can get onto one computer and steal those cookies, I don’t need to worry about multifactor anymore. I can just bypass the authentication entirely.”

Ultimately, “the cookie is the universal key that unlocks everything,” he said.

The growth of this tactic among threat actors is underscored by findings from the recently released 2024 Sophos Threat Report, including the discovery that nearly all attacks tracked in the report—90 percent—included the use of infostealer malware. The percentage of attacks involving infostealers had not been tracked in previous years since it was seen as a significantly smaller concern, Wisniewski said.

And while the tools can be used to steal passwords, attackers are frequently using the malware to obtain browser cookies, he said. “I think…

Source…

Apex Legends hacker said he hacked tournament games ‘for fun’


On Sunday, the world of video games was shaken by a hacking and cheating scandal.

During a competitive esports tournament of Apex Legends, a free-to-play shooter video game played by hundreds of thousands of players daily, hackers appeared to insert cheats into the games of two well-known streamers — effectively hacking the players midgame.

“Wait, what the fuck? I’m getting hacked, I’m getting hacked bro, I’m getting hacked,” said one of the players allegedly compromised during a live stream of the gameplay.

The incidents forced the organizers of the Apex Legends Global Series tournament, which has a $5 million total prize pool, to postpone the event indefinitely “due to the competitive integrity of this series being compromised.”

As the midgame hacks were underway, the game’s chatbot displayed messages on-screen that appeared to come from the hackers: “Apex hacking global series, by Destroyer2009 &R4andom,” the messages read.

In an interview with TechCrunch, the hacker Destroyer2009 took credit for the hacks, saying that he did it “just for fun,” and with the goal of forcing the Apex Legends’ developers to fix the vulnerability he exploited.

The hacks sent the Apex Legends community into a frenzy, with countless streamers reacting to the incidents, and some players suggesting Apex Legends is not safe to play, because every player could be at risk of getting hacked not only in-game, but potentially having their computers hacked, too.

Destroyer2009 declined to provide details of how he allegedly pulled off hacking the two players midgame, or what specific vulnerabilities he exploited.

“I really don’t want to go into the details until everything is fully patched and everything goes back to normal,” the hacker said. The only thing Destroyer2009 said regarding the technique he used was that the vulnerability “has nothing to do with the server and I’ve never touched anything outside of the Apex process,” and that he did not hack the two players’ computers directly.

The hacks “never went outside of the game,” he said.

Destroyer2009 said he did not report the vulnerability to Respawn, the video game developer that makes Apex Legends,…

Source…

How to Think Like a Hacker — and Defend Your Data


How do hackers hack?

What tools and techniques are commonly used against organizations to gain unauthorized access into systems?

Where can we learn about the mindset of hackers and how to best protect our personal and professional data?


How can you disrupt (or stop) your information from being stolen?

WHO IS MISHAAL KHAN?

A few weeks back, I was in Las Vegas for the World Game Protection Conference as an invited keynote speaker covering ransomware stories. The presentation immediately prior to mine on the main stage was given by Mishaal Khan, who gave an entertaining keynote that demonstrated how hackers “do their thing” — often with information that is openly available to everyone online.

Not only did I enjoy and learn from Khan’s presentation, I had several follow-up conversations with him regarding cybersecurity, hacking, industry trends and much more. I was impressed with his passion, expertise and role as a vCISO and cybersecurity practice lead, in addition to his hacking roles. Mishaal is also an advocate for better online privacy, and he offers tips to audiences on how to protect your data.

You can learn more about Khan at his website bio. He’s co-author of The Phantom CISO, and he leans into the “hacker with a hoody” persona — which many in the cybersecurity industry shy away from. He also offers many presentations, podcasts and other online cyber resources at his website.

mishaal.jpg

Dan Lohrmann (DL):  Have you always wanted to be a hacker? When did you discover that you “think like a hacker”?

Mishaal Khan (MK): Ever since my middle school days, I’ve been immersed in a world of gadgets and computer parts, all thanks to my dad’s computer repair shop. Surrounded by the hum of computer fans, I couldn’t help but be drawn into the intricate workings of computers. As my understanding…

Source…

New Malware, Hacker Recruitment, and Global Threats Unveiled


Welcome to this week’s edition of the Cyber Security News Recap, diving into the forefront of cybersecurity advancements and the latest global threats. Our mission is to arm you with the knowledge needed to safeguard your digital landscape. From the recruitment of pentesters by a notorious hacker group to the discovery of innovative malware exploiting telecommunications protocols, we’ve got you covered.

Emerging Threats and Advanced Malware

One of the most concerning developments is the discovery of GTPDOOR, a Linux malware exploiting the GPRS protocol for stealthy command and control (C2) communication. Originating from the LightBasin hacker collective, this malware poses a significant threat to telecommunications networks, allowing attackers to spy on infected devices and exfiltrate sensitive data. Alongside, the Lazarus group’s exploitation of a Windows Kernel 0-day vulnerability in the wild demonstrates the increasing sophistication of cyber-attacks. Additionally, the startling revelation that millions of GitHub repositories have been infected with malicious code underscores the widespread vulnerability of open-source platforms.

Innovations in Cybersecurity Tools and Techniques

Amidst the alarming news, the cybersecurity community continues to innovate. The release of HackerGPT 2.0, a ChatGPT-powered AI tool for ethical hackers, marks a significant advancement in leveraging artificial intelligence for cybersecurity defense. Similarly, the deployment of the Stellar Cyber Open XDR platform by RSM US aims to enhance the security posture of clients by providing comprehensive threat detection and response capabilities. The publication of the NIST Cybersecurity Framework 2.0 offers updated guidelines for improving cybersecurity practices across industries.

Global Responses and Preventative Measures

On the global stage, the Five Eyes agencies’ exposure of Russian APT29 cloud attack tactics highlights the ongoing cyber espionage activities and the need for increased international cooperation in cybersecurity. Furthermore, the FBI and CISA’s warning about the ALPHV Blackcat ransomware targeting hospitals underscores the…

Source…