Tag Archive for: Simpler

MOVEit hackers may have found simpler business model beyond ransomware


A notorious cyber extortion gang’s latest plot is fueling concern that ransomware actors may have hit upon a simpler and just-as-lucrative business model than their traditional methods of demanding payment from victims in exchange for the release of their computer systems.

The Russian-speaking hacker group Cl0p confirmed it exploited a zero-day vulnerability in the popular MOVEit file transfer program and stole data from a growing number of victims, exposing the personal information of many millions of people worldwide.

It’s Cl0p’s third and largest hack of file-transfer software, which is designed to securely facilitate an organization’s transmission of sensitive data. More alarmingly, it’s also the third time it has simply demanded payment not to release data rather than demanding a ransom to decrypt a victim’s system.

“It’s sort of a new business model for them,” said Huntress senior researcher John Hammond, who helped find the backdoor zero-day exploit Cl0p used to trick MOVEit’s database into executing the gang’s commands. Hammond said the latest extortion method is easier to implement.

“You don’t need to encrypt the hard drive,” he said. 

Hammond and others warn that we should expect to see additional attacks in the future targeting file-transfer software in particular, as well as other data-rich tools such as document management programs.

“It’s been quite productive,” said Bert Kondruss, founder of cybersecurity firm Kon Briefing. “I’m pretty sure they will concentrate on this.” 

Scouring regulatory filings, public statements and other sources, Kondruss has compiled an unofficial list of 128 victims so far. Hammond, Kondruss and others expect many more. 

Analysts say the bulk of the attacks occurred over the Memorial Day weekend in the United States when staffing was minimal.  

The hacking group began publishing the names of its victims earlier this month after demanding payments from them, including the University of California, Los Angeles, Siemens Energy and three others reported on Monday. Cl0p continues to post updates that claim to detail new victims on a daily basis.

“The company doesn’t care about its customers, it ignored their security!!!” the hackers wrote on their…


Campaigners offer simpler way to find out if British government spied on you

There’s now an easier way to discover whether the U.K. intelligence services illegally obtained your information from their U.S. colleagues—but you’ll have to tell a U.K. campaign group as well as the U.K. Government Communications Headquarters your details to find out.

Civil rights group Privacy International has launched a website to allow anyone in the world to ask whether GCHQ has illegally spied on them. If you’re curious to find out you can sign up by giving the group your name, email address and, optionally, your phone number, and granting its legal team permission to share the data with GCHQ and the U.K.’s Investigatory Powers Tribunal.


Network World Security

Android Botnet? No, a Much Simpler Flaw in Yahoo! Mail’s App – PC Magazine


Lookout has discovered that Yahoo! Mail's Android app, the center of a potential "Android botnet" investigation, doesn't encrypt data in transit, warning hackers could hijack a user's account.