Archive for August 9, 2022

Dramatic Uptick In Threat Activity With Exploits Growing Nearly 150%: Nuspire

Posted in Commentary with tags on August 9, 2022 by itnerd

Nuspire, a leading managed security services provider (MSSP), today announced the release of its Q2 2022 Quarterly Threat Report. The report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs).

Nuspire’s data reveals a significant increase in overall threat activity across malware, botnet and exploits. Malware events increased over 25%, botnets doubled over the first quarter and exploit activity grew by nearly 150%, buoyed by the Log4j vulnerability.

Additional notable findings from Nuspire’s Q2 2022 Threat Report include:

  • VBA agent activity, which has been one of the top offenders over the past year in Nuspire’s Quarterly Threat Reports, has significantly decreased as predicted last quarter, due to Microsoft’s announcement of blocking them by default.
  • A substantial increase in botnet activity near the end of Q2, attributed to Torpig Mebroot botnet, which is a banking trojan designed to scrape and collect credit card and payment information from infected devices. Torpig Mebroot is particularly difficult to detect and remove, as it infects the victim machine’s master boot record.
  • Manufacturing is the world’s most attacked industry vertical. Our data shows the LockBit ransomware gang and Dynamite Panda (APT18) as two of the most prevalent threats to the manufacturing industry in the second quarter.  

Learn more about protecting your organization from increasing cyber threats and download Nuspire’s Q2 2022 Quarterly Threat Report. Register here to see the findings tomorrow.

Beware The Darkverse And The Cyber-Physical Threats It Will Enable: Trend Micro

Posted in Commentary with tags on August 9, 2022 by itnerd

 Trend Micro Incorporated, today released a new report warning of a “darkverse” of criminality hidden from law enforcement, which could quickly evolve to fuel a new industry of metaverse-related cybercrime.

The top five metaverse threats outlined in the report are:

  • NFTs will be hit by phishing, ransom, fraud and other attacks, which will be increasingly targeted as they become an important metaverse commodity to regulate ownership.
  • The darkverse will become the go-to place for conducting illegal/criminal activities because it will be difficult to trace, monitor and infiltrate by law enforcement. In fact, it may be years before police catch up.
  • Money laundering using overpriced metaverse real estate and NFTs will provide a new outlet for criminals to clean cash.
  • Social engineering, propaganda and fake news will have a profound impact in a cyber-physical world. Influential narratives will be employed by criminals and state actors targeting vulnerable groups who are sensitive to certain topics.
  • Privacy will be redefined, as metaverse-like space operators will have unprecedented visibility into user actions – essentially when using their worlds, there will be zero privacy as we know it.

As imagined by Trend Micro, the darkverse will resemble a metaverse version of the dark web, enabling threat actors to coordinate and carry out illegal activities with impunity. 

Underground marketplaces operating in the darkverse would be impossible for police to infiltrate without the correct authentication tokens. Because users can only access a darkverse world if they’re inside a designated physical location, there’s an additional level of protection for closed criminal communities.

This could provide a haven for multiple threats to flourish—from financial fraud and e-commerce scams to NFT theft, ransomware and more. The cyber-physical nature of the metaverse will also open new doors to threat actors.

Cybercriminals might look to compromise the “digital twin” spaces run by critical infrastructure operators, for sabotage or extortion of industrial systems. Or they could deploy malware to metaverse users’ full body actuator suits to cause physical harm. Assault of avatars has already been reported on several occasions. 

Although a fully-fledged metaverse is still some years away, metaverse-like spaces will be commonplace much sooner. Trend Micro’s report seeks to start an urgent dialog about what cyber threats to expect and how they could be mitigated.

Questions to start asking include:

  • How will we moderate user activity and speech in the metaverse? And who will be responsible?
  • How will copyright infringements be policed and enforced?
  • How will users know whether they’re interacting with a real person or a bot? Will there be a Turing Test to validate AI/humans?
  • Is there a way to safeguard privacy by preventing the metaverse from becoming dominated by a few large tech companies?
  • How can law enforcement overcome the high costs of intercepting metaverse crimes at scale, and solve issues around jurisdiction?

To read a full copy of the report, Metaverse or MetaWorse? Cyber Security Threats Against the Internet of Experiences, please visit: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/metaworse-the-trouble-with-the-metaverse.

Guest Post: Over 80% Of Malware Attacks Target Education Sector As Back-To-School Season Nears

Posted in Commentary with tags on August 9, 2022 by itnerd

With the school season approaching, parents hurry to get their children supplies while students enjoy their last days of summer. 

However, barely anyone realizes that enterprises in the education sector are currently under a barrage of malware attacks. Data presented by Atlas VPN reveals that the education industry has been the primary target for cyberattacks in the last 30 days. 

Over 80% of malware attacks globally were aimed at companies in the education sector, totaling 5.13 million attacks for the period, which comes out to an average of 171 thousand attacks daily.  

The data for the analysis was extracted via Microsoft’s Security Intelligence platform. 

One of the reasons why the education industry became the main target is the shift towards digitalization. The pandemic forced e-institutions to employ technologies that enable students to complete the curricula and exams. 

In turn, a lot of new companies sprang up as they saw the opportunity in the market.

However, video conferencing programs, e-learning software, and other digital tools expanded the cyberattack surface exponentially. 

It is worth noting that the aforementioned attacks are directed toward enterprises, not institutions. In other words, the data provided shows the number of attacks on businesses in the educational sector, not on schools, colleges, and universities.

To read the full article, head over to: https://atlasvpn.com/blog/over-80-of-malware-attacks-target-education-sector-as-back-to-school-season-nears

#Fail : Slack Exposes Hashed Passwords

Posted in Commentary with tags on August 9, 2022 by itnerd

If you’re a Slack user, you might have received a request to change your password in the last day or two. I’m here to tell you that this email isn’t a phishing attempt. It’s actually real and you should pay attention to it.

Here’s why.

Slack has admitted to accidentally exposing the hashed passwords of at least 50,000 users, roughly .5% of total Slack users. The workspace application began sending password reset links to affected users last week. While the passwords were not in plaintext and were not visible to any Slack clients, it appears that this issue has been going since 2017.

#Fail.

Sharon Nachshony, Security Researcher, Silverfort had this to say:

     “Hashes of salted passwords being leaked is not as dangerous as exposing them in plain-text, as an attacker would have to use brute-force methods – essentially automating a script to guess passwords – which takes some time.

While this makes exploitation less likely, a threat actor may still be motivated to do this because Slack is used by so many companies. Incidents like these are once again a clear argument for users to enable MFA. If implemented correctly, this would alert the legitimate user to any authentication attempt on their behalf, denying any malicious access attempt.”

MFA (Multi Factor Authentication) or even the new hot technology which is passwordless authentication is the way to go to reduce your attack surface. Companies should look at technologies like these to avoid being pwned because of a password exploit.

Wise Deepens Roots In Canada With New INTERAC e-Transfer Request Money Feature

Posted in Commentary with tags on August 9, 2022 by itnerd

 Wise (LSE: Wise), the global technology company building the best way to move money around the world, today introduced the INTERAC e-Transfer Request Money feature, a new, more convenient way Canadians can move money into their Wise accounts. In collaboration with Peoples Payment Solutions, part of People’s Group, Wise customers can securely move Canadian Dollars between Wise and other financial institutions in Canada using their email address or mobile number with money typically available within 30 minutes.

As Canadians continue to seek out faster and more convenient payment options, Wise will continue to deepen its offering and build new features that meet the local needs of consumers and businesses in Canada. 

In fact, Wise has already launched several offerings tailored to Canadians, including the following:

  • Launched the Wise card: In November, Canadians were introduced to the Wise card. A card that is up to 4x cheaper than banks for spending abroad, giving consumers and businesses the ability to spend in USD and foreign currencies without foreign transaction fees and the usual bad exchange rates that banks may charge.
  • Introduced Auto Conversions: In March, Canadians were introduced to a new way to save on a more favourable exchange rate through Auto Conversions. Set your desired exchange rate and Wise will convert your money for you when your desired rate is met in the market.
  • Enabled INTERAC e-Transfer Payouts: As part of Wise’s commitment to meeting the local needs of Canadians, Wise has already allowed customers who receive money into their Wise account to move funds out of Wise to another Canadian account using INTERAC.

To learn more about Wise and its universal account visit https://wise.com/ca.

Guest Post: Beware of Back-to-School Shopping Scams

Posted in Commentary with tags on August 9, 2022 by itnerd

By Hank Schless, Senior Manager of Security Solutions at Lookout

Technology has transformed the hustle and bustle of back-to-school season. According to a recent survey, 35% of school shopping is done online and 65% of those purchases are done from a smartphone. But what is convenient for some is also an opportunity for scammers to exploit consumers during a very busy time of year. The Better Business Bureau has issued a warning about back-to-school shoppers being targeted by online scams. 

In honor of National Back to School Prep Day on Monday, August 15, Lookout, the leader in delivering integrated Security, Privacy, and Identity Theft Protection solutions, has provided immediate steps consumers can take to ensure a safe online shopping experience. 

  • Stop Before You Click
    If you are not certain that a message is from a legitimate source, avoid clicking on links or attachments in emails, on websites, or on social media. Beware of deals that seem too good to be true. 
  • Only Use Unique & Strong Passwords 
    Immediately update any old passwords that have been compromised online. Enable two-factor authentication. 
  • Install Security Software On Your Devices
    Security protection, like Lookout, will automatically monitor and identify scam URLs in email, text messages, and on the web and block you from threats that can do harm.