Last week I told you about bug fixes announced by Android as part of its May security bulletin. Well, over the weekend Samsung began releasing fixes for 27 vulnerabilities.
Twenty-one of those are labeled as high severity. Handsets affected are the S9, Note 8 and S8 phones. Make sure you get them installed.
Those of you who use the desktop version of the Signal Messaging App should apply the latest patch. It fixes a bug in the Windows and Linux versions that could allow an attacker to get at messages.
Meanwhile, a security researcher warns of a potential problem with the macOS version. Apparently it doesn’t totally delete messages.
According to a new report from cloud security vendor RedLock, there’s good news-bad news on the cyber security front. The good news is more organizations are implementing best practices to avert cloud account compromises.
Ransomware: This is what it looks like
Family Planning NSW has written to clients revealing that a “cyber-attack” on its website may have compromised a number of its online databases.
“These databases contained information from clients who had contacted Family Planning NSW through our website in the past two-and-a-half years, seeking appointments or leaving feedback,” said an email signed by Sue Carrick, chair of the organisation’s board, and CEO Ann Brassil.
Journalist Lauren Ingram posted the contents of the letter on Twitter.
Health service providers accounted for almost a quarter of the breaches reported in the first six weeks of operation of the government’s Notifiable Data Breach (NDB) scheme, which began on 22 February.
The Office of the Australian Information Commissioner in April issued its first report on the scheme, which revealed it had received 63 reports of data breaches. Health service providers accounted for 24 per cent of the notifications received by the OAIC.
Yep, I have to say, really not good. Who is securing these sites?
Late last week, the team over at WineHQ announced the release of version 3.8, containing bug fixes alongside a few feature enhancements.
Malware masquerading as a systemd package has been found hiding in plain sight in the Ubuntu Snap Store. Know your sources and always be cautious when installing third-party applications. This is true regardless of the operating system.
Linux kernel 4.17 release candidate 5 has officially landed. It is mostly packed with driver updates.
Here is a bit of good news for Android users: presented at Google I/O 2018, Google may start forcing hardware manufacturers to push security updates on a more regular basis.
Attention PGP and S/MIME users: new vulnerabilities have been revealed that require immediate updates. Those who are immediately affected are the ones relying on such decryption tools for e-mail communication.
To Phish or not to Phish?
Ahh, ok, if you are considering that title with anything other than piqued amusement, you are on the wrong site.
Most of us in the security community are well enough aware of what Phishing and Spear Phishing are, but for you newbies out there who are wondering if this is related to your PADI Scuba Diving certifications – we can assure you that it’s not.
Wikipedia defines Phishing in the following manner.
Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. The word is a neologism created as a homophone of fishing due to the similarity of using a bait in an attempt to catch a victim.
And defines the even more insidious Spear Phishing like this.
Phishing attempts directed at specific individuals or companies have been termed spear phishing. Attackers may gather personal information about their target to increase their probability of success. This technique is by far the most successful on the Internet today, accounting for 91% of attacks.
Threat Group-4127 used spear phishing tactics to target email accounts linked to Hillary Clinton’s 2016 presidential campaign. They attacked more than 1,800 Google accounts and implemented the accounts-google.com domain to threaten targeted users.
So, we are some 10 years into the time period of Phishing and, apparently, it’s still alive and kicking.
Today, some service pretending to be LinkedIn sent me this email below. Don’t worry, it’s just an image of the email.
So, how does this work?
These types of emails are set up to get users to click and go somewhere.
That somewhere might be a fake site, set up to get the user to log in as if they were logging into the real service. It takes all of 180 seconds or less to use specific Linux tools to grab an entire site from wherever. No, no help from me, if you don’t already know what the tools are, we aren’t telling here.
This fake site might not only try to entice the user to give up their username/password, but if it finds that the user is using a browser that is susceptible to certain kinds of attacks, that user may find that they have inadvertently downloaded something that they should not have.
Further, the hacker may also decide to passively monetize the visit by using either Google AdSense on the site or running a browser-based Monero crypto-coin application which won’t directly hurt the user – but it will steal CPU cycles in order to mine Monero.
The primary reason that this attempt is so successful is that it uses multiple attack vectors.
If you click over to the site and figure out that you don’t want to log in, the browser-based Monero program is already stealing your CPU cycles and enriching the hackers. If 100,000 people visit in a week and 95,000 click off almost immediately, this still leaves 5,000 computers working on the block-chain problem. Of those 5,000, most will click off within an hour, but 500 users may have 10 or more browser tab windows open and if they leave to look at something else, it’s quite possible that their computer may end up working on blockchain problems for several weeks or more.
The block-chain work was not the primary reason that the hackers set up this system, but it sure is handy for making some money in the background.
The real reason is that the hackers are primarily looking either directly for credit card information or indirectly trying to piece together a profile on you that might allow them to figure out what other sites you go to and eventually crack your entry to a site that can either directly or indirectly help them to profit.
If you don’t quite understand this last paragraph, don’t hold your breath, because we are not going to go into any more detail that might give amateur script kiddie persons more information than they really need to know.
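From the defender's side, the click-through described above can often be caught before the click by comparing where each link in the email really goes with the brand it claims to be. The following is an added example, not part of the original post: the `TRUSTED` allow-list, the sample email and the naive last-two-labels domain rule are assumptions made for illustration, and the brand match is a plain substring test.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allow-list: brand keyword -> registrable domains that brand really uses.
TRUSTED = {"google": {"google.com"}, "linkedin": {"linkedin.com"}}
# Constructed sample email body (not a real message).
SAMPLE = (
    '<p>You have 3 new invitations.</p>\n'
    '<a href="http://linkedin.com.login.example/signin">www.linkedin.com</a>\n'
    '<a href="https://accounts-google.com/ServiceLogin">Review your account</a>\n'
    '<a href="https://www.linkedin.com/help">Help</a>\n'
)

def registrable(host):
    """Naive registrable domain: last two labels (no public-suffix list)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_link(href, text):
    """Return the reasons a link looks like phishing bait (empty list if none)."""
    reasons = []
    host = (urlsplit(href).hostname or "").lower()
    reg = registrable(host)
    for brand, domains in TRUSTED.items():
        if brand in host and reg not in domains:
            reasons.append(f"brand '{brand}' appears in untrusted host {host}")
    # Visible text that names one domain while the href points at another.
    shown = re.search(r"([a-z0-9-]+\.)+[a-z]{2,}", text.lower())
    if shown and registrable(shown.group(0)) != reg:
        reasons.append(f"text shows {shown.group(0)} but link goes to {host}")
    return reasons

def scan_email(html):
    parser = LinkCollector()
    parser.feed(html)
    return {h: r for h, t in parser.links if (r := check_link(h, t))}
```

Running `scan_email(SAMPLE)` flags the first two links and leaves the genuine `www.linkedin.com` link alone; a production filter would use a public-suffix list instead of the two-label shortcut.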
Another example of Phishing – this one also from our friends at Wikipedia