Tag Archive for: notice

New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice


Mar 27, 2024 | Newsroom | Vulnerability / Cybercrime

A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla.

Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to open an archive file attachment.

The archive (“Bank Handlowy w Warszawie – dowód wpłaty_pdf.tar.gz”) conceals a malicious loader that activates the procedure to deploy Agent Tesla on the compromised host.

“This loader then used obfuscation to evade detection and leveraged polymorphic behavior with complex decryption methods,” security researcher Bernard Bautista said in a Tuesday analysis.

“The loader also exhibited the capability to bypass antivirus defenses and retrieved its payload using specific URLs and user agents leveraging proxies to further obfuscate traffic.”

Embedding malware within seemingly benign files is a tactic that threat actors have repeatedly employed to trick unsuspecting victims into triggering the infection sequence.


The loader used in the attack is written in .NET, with Trustwave discovering two distinct variants that each make use of a different decryption routine to access its configuration and ultimately retrieve the XOR-encoded Agent Tesla payload from a remote server.

In an effort to evade detection, the loader is also designed to bypass the Windows Antimalware Scan Interface (AMSI), which offers the ability for security software to scan files, memory, and other data for threats.

It achieves this by “patching the AmsiScanBuffer function to evade malware scanning of in-memory content,” Bautista explained.

The last phase involves decoding and executing Agent Tesla in memory, allowing the threat actors to stealthily exfiltrate sensitive data via SMTP using a compromised email account associated with a legitimate security system supplier in Turkey (“merve@temikan[.]com[.]tr”).

The approach, Trustwave said, not only does not raise any red flags, but also affords a layer of anonymity that makes it harder to trace the attack back to the adversary, not to mention save…


iPhone Hacking: Notice sent to Apple, CERT-In has started probe: IT Secretary on hacking attempt threat notification row


iPhone Hacking: The government’s cybersecurity agency CERT-In has started its investigation into the issue of the Apple threat notification received by several opposition MPs, and a notice has been sent to the company, IT Secretary S Krishnan said on Thursday.

The move assumes significance as the Minister of State for Electronics and IT Rajeev Chandrasekhar had earlier this week said that the government wants Apple to clarify if its devices are secure and why ‘threat notifications’ were sent to people in over 150 countries, given the company’s repeated claims about its products being designed for privacy.

The government will investigate the threat notifications and also Apple’s claims that its devices are secure and privacy-compliant, Chandrasekhar had penned in a post on X (formerly Twitter) on Tuesday, after several opposition leaders claimed ‘state-sponsored’ attack notifications were sent to them from Apple and the government ordered a probe.

IT Minister Ashwini Vaishnaw has categorically rejected the opposition’s attack on the government, saying “compulsive critics” were indulging in the politics of “distraction”, as they could not tolerate the country’s progress under PM Narendra Modi’s leadership.

On Thursday, S Krishnan, Secretary, IT Ministry, confirmed that a notice has been sent to Apple.

“CERT-In has started its probe… They (Apple) will cooperate in this probe,” Krishnan told reporters on the sidelines of an event related to the Meity-NSF research collaboration.

Indian Computer Emergency Response Team or CERT-In is the national nodal agency for responding to computer security incidents as and when they occur.

Asked if a notice has been sent to Apple, the IT Secretary answered in the affirmative. Apple did not reply to an email by PTI seeking comments on the notice.

Several opposition leaders on Tuesday claimed they have received an alert from Apple warning them of “state-sponsored attackers trying to remotely compromise” their iPhones and alleged hacking by the government.

Those who received such notifications included Congress chief Mallikarjun Kharge, party leaders Shashi Tharoor, Pawan Khera, K C Venugopal, Supriya Shrinate, T S Singhdeo and Bhupinder S Hooda; Trinamool…


Merced College Provides Notice of Data Breach to Students Following Malware Attack | Console and Associates, P.C.


On March 9, 2023, Merced College (“MCCD”) filed a notice of data breach with the Attorney General of California after learning that a malware attack resulted in confidential student information being exposed to an unauthorized party. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, addresses and other Personally Identifying Information (“PII”). After confirming that consumer data was leaked, Merced College began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.

If you received a data breach notification from Merced College, it is essential you understand what is at risk and what you can do about it. As we’ve previously reported, hackers have shown an increased interest in targeting schools, colleges and universities; however, these institutions have been slow to adjust to the increased threat. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Merced College data breach, please see our recent piece on the topic here.

What We Know So Far About the MCCD Data Breach

The available information regarding the Merced College breach comes from the company’s filing with the Attorney General of California. According to this source, on November 3, 2022, MCCD noticed that some of the organization’s computer systems had been encrypted. Further investigation revealed that the devices were encrypted as a result of a malware attack. In response, MCCD launched an investigation into the incident to determine what, if any, student and faculty information was leaked as a result.

The Merced College investigation confirmed that an unauthorized party had gained access to the school’s IT network between October 25, 2022 and November 3, 2022. It was also determined that some of the files that were accessible to the unauthorized party contained confidential information belonging to certain students and faculty members.

Upon discovering that sensitive consumer data was made available to an unauthorized party, Merced College began to review the…


Byrne Notice presented by Mercedes-Benz

