by CIRT Team
More Than 120,000 Internet Connected Cameras Can Be Easily Hacked [vice]
The researcher found that two cameras from Chinese gadget maker Shenzhen Neo Electronic have vulnerabilities that allow hackers to remotely access their video stream, or take full control of the cameras, opening up the possibility that someone could amass an Internet of Things botnet of around 150,000 devices. Alex Balan, a researcher at security firm Bitdefender who found the flaw, told Motherboard that he...
by CIRT Team
New Version of “Trickbot” Adds Worm Propagation Module [flashpoint-intel]
On July 27, 2017, in coordination with Luciano Martins, Director of Cyber Risk Services at Deloitte, Flashpoint observed a new version – “1000029” – of the formidable “Trickbot” banking Trojan with a new “worm64Dll” module, spread via the email spam vector, impersonating invoices from a large international financial institution.
by CIRT Team
Phishers’ techniques and behaviours, and what to do if you’ve been phished [helpnetsecurity]
Once a user has been phished, how long does it take for the phishers to misuse the stolen credentials? To discover the answer to that question and many others, Imperva researchers went undercover by creating 90 personal online accounts, including email and file sharing accounts with Google and Dropbox. Once the so-called honey pot accounts were active, the researchers deployed techniques to lure in the...
by CIRT Team
Don’t want your SMSs stolen? Don’t download these Android apps [nakedsecurity]
It’s normal for Android apps to download plugins. The main application might just be a “view folder” while plugins provide much of the functionality. It’s not so normal when one of those plugins tries to steal your SMS messages.
by CIRT Team
CowerSnail, from the creators of SambaCry [securelist]
Kaspersky Lab analysts managed to detect a malicious program for Windows that was apparently created by the same group responsible for SambaCry. It was the common C&C server that both programs used – cl.ezreal.space:20480 – that suggested a relationship between them. Kaspersky Lab products detect the new malicious program as Backdoor.Win32.CowerSnail.
by CIRT Team
HawkEye Credential Theft Malware Distributed in Recent Phishing Campaign [fireeye]
A wide variety of threat actors began distributing HawkEye malware through high-volume email campaigns after it became available for purchase via a public-facing website. The actors behind the phishing campaigns typically used email themes based on current events and media reports that would pique user interests, with the “Subject” line typically containing something about recent news. Although HawkEye malware has several different capabilities, it is...
by CIRT Team
Google Groups misconfiguration leads to sensitive data leaks [helpnetsecurity]
If your employees are using Google Groups to discuss issues and ideas, you might want to check whether the sharing setting for these groups is set to “Private”. According to RedLock researchers, many companies fail to do so, most probably by accident, and end up exposing messages containing sensitive information on the internet.
by CIRT Team
Real News, Fake Flash: Mac OS X Users Targeted [volexity]
Volexity recently identified a breach to the website of a well-regarded media outlet in the country of Georgia. As part of this breach, the media organization’s website was being leveraged as a component of a malware campaign targeting select visitors who view its website in Georgian. The targets were then further narrowed to those that were running the Mac OS X operating system, had...
by CIRT Team
“Tick” Group Continues Attacks [paloaltonetworks]
The “Tick” group has conducted cyber espionage attacks against organizations in the Republic of Korea and Japan for several years. The group focuses on companies that have intellectual property or sensitive information like those in the Defense and High-Tech industries. The group is known to use custom malware called Daserf, but also employs multiple commodity and custom tools, exploits vulnerabilities, and uses social engineering techniques.
by CIRT Team
Beware: New Bank of America Phishing Scam Stealing Card Data [hackread]
Cyber criminals are sending emails to unsuspecting users pretending to be representatives of the Bank of America. In the email, the sender is informing users that for their security, the bank has put limits on their account and the only way to get rid of limits is to confirm that they own the account. Whoever has sent the email has terrible grammar, but it’s...