Guest Post: Russia And China-Sponsored Hackers Threaten The World With Cyberattacks

Posted in Commentary with tags on August 10, 2022 by itnerd

State-sponsored cyberattacks are carried out to espionage secret government data, disrupt services or identify and exploit national infrastructure vulnerabilities. According to the data collected by the Atlas VPN team, Russia and China sponsored over 50 cyberattacks in 2022, with Ukraine being the most targeted country.

Russian-backed hackers carried out 27 cyberattacks in 2022. The attacks mainly targeted Ukraine due to the war started by Russia. Ukrainian government websites, organizations, and broadcasting companies suffered a total of 23 espionage, data destruction, or denial of service attacks.

China has sponsored 24 cyberattacks this year so far. State-backed hackers attacked the United States, Indian and Taiwanese governments and organizations. With the growing tensions between China, Taiwan, and the US, such cyberattacks could happen even more often in the year’s second half.

North Korea-sponsored hackers engaged in 9 cyberattacks. Their main targets were the US and South Korea. Iran sponsored 8 cyberattacks in 2022. Most of their attacks were against countries in the Middle East or the US.

Besides Ukraine as the most attacked country, the US was the second most targeted with 10 attacks. Russia and India followed next, as both suffered 7 state-sponsored cyberattacks.

Cybersecurity writer at Atlas VPN Vilius Kardelis shares his thoughts on state-sponsored cyberattacks:

“As geopolitical tensions rise, so does the possibility of state-sponsored cyberattacks. It is hardly a surprise that mainly China and Russia are responsible for many of the threats that governments and businesses face. Their hackers are well-funded and persistent, which makes them capable of extremely damaging cyberattacks.”

Government espionage

Cyberattacks carried out with the support of governments are typically well-resourced and highly sophisticated, allowing them to inflict tremendous harm on their victims.

State-sponsored hackers carried out 44 cyberattacks against government entities in 2022. Some hackers use malware, which destroys sensitive government information, causing unrepairable damages.

The private sector suffered from 37 state-sponsored cyberattacks. Hackers targeted civil society in 29 state-sponsored cyberattacks. Civil society refers to activists, journalists, and politicians from the opposition party. State-sponsored threat actors carried out 6 cyberattacks on military officials.

Espionage on government, private sector, civil society, and military accounted for 66 cyberattacks.

To read the full article, head over to: https://atlasvpn.com/blog/russia-and-china-sponsored-hackers-threaten-the-world-with-cyberattacks

Dramatic Uptick In Threat Activity With Exploits Growing Nearly 150%: Nuspire

Posted in Commentary with tags on August 9, 2022 by itnerd

Nuspire, a leading managed security services provider (MSSP), today announced the release of its Q2 2022 Quarterly Threat Report. The report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs).

Nuspire’s data reveals a significant increase in overall threat activity across malware, botnet and exploits. Malware events increased over 25%, botnets doubled over the first quarter and exploit activity grew by nearly 150%, buoyed by the Log4j vulnerability.

Additional notable findings from Nuspire’s Q2 2022 Threat Report include:

  • VBA agent activity, which has been one of the top offenders over the past year in Nuspire’s Quarterly Threat Reports, has significantly decreased as predicted last quarter, due to Microsoft’s announcement of blocking them by default.
  • A substantial increase in botnet activity near the end of Q2, attributed to Torpig Mebroot botnet, which is a banking trojan designed to scrape and collect credit card and payment information from infected devices. Torpig Mebroot is particularly difficult to detect and remove, as it infects the victim machine’s master boot record.
  • Manufacturing is the world’s most attacked industry vertical. Our data shows the LockBit ransomware gang and Dynamite Panda (APT18) as two of the most prevalent threats to the manufacturing industry in the second quarter.  

Learn more about protecting your organization from increasing cyber threats and download Nuspire’s Q2 2022 Quarterly Threat Report. Register here to see the findings tomorrow.

Beware The Darkverse And The Cyber-Physical Threats It Will Enable: Trend Micro

Posted in Commentary with tags on August 9, 2022 by itnerd

 Trend Micro Incorporated, today released a new report warning of a “darkverse” of criminality hidden from law enforcement, which could quickly evolve to fuel a new industry of metaverse-related cybercrime.

The top five metaverse threats outlined in the report are:

  • NFTs will be hit by phishing, ransom, fraud and other attacks, which will be increasingly targeted as they become an important metaverse commodity to regulate ownership.
  • The darkverse will become the go-to place for conducting illegal/criminal activities because it will be difficult to trace, monitor and infiltrate by law enforcement. In fact, it may be years before police catch up.
  • Money laundering using overpriced metaverse real estate and NFTs will provide a new outlet for criminals to clean cash.
  • Social engineering, propaganda and fake news will have a profound impact in a cyber-physical world. Influential narratives will be employed by criminals and state actors targeting vulnerable groups who are sensitive to certain topics.
  • Privacy will be redefined, as metaverse-like space operators will have unprecedented visibility into user actions – essentially when using their worlds, there will be zero privacy as we know it.

As imagined by Trend Micro, the darkverse will resemble a metaverse version of the dark web, enabling threat actors to coordinate and carry out illegal activities with impunity. 

Underground marketplaces operating in the darkverse would be impossible for police to infiltrate without the correct authentication tokens. Because users can only access a darkverse world if they’re inside a designated physical location, there’s an additional level of protection for closed criminal communities.

This could provide a haven for multiple threats to flourish—from financial fraud and e-commerce scams to NFT theft, ransomware and more. The cyber-physical nature of the metaverse will also open new doors to threat actors.

Cybercriminals might look to compromise the “digital twin” spaces run by critical infrastructure operators, for sabotage or extortion of industrial systems. Or they could deploy malware to metaverse users’ full body actuator suits to cause physical harm. Assault of avatars has already been reported on several occasions. 

Although a fully-fledged metaverse is still some years away, metaverse-like spaces will be commonplace much sooner. Trend Micro’s report seeks to start an urgent dialog about what cyber threats to expect and how they could be mitigated.

Questions to start asking include:

  • How will we moderate user activity and speech in the metaverse? And who will be responsible?
  • How will copyright infringements be policed and enforced?
  • How will users know whether they’re interacting with a real person or a bot? Will there be a Turing Test to validate AI/humans?
  • Is there a way to safeguard privacy by preventing the metaverse from becoming dominated by a few large tech companies?
  • How can law enforcement overcome the high costs of intercepting metaverse crimes at scale, and solve issues around jurisdiction?

To read a full copy of the report, Metaverse or MetaWorse? Cyber Security Threats Against the Internet of Experiences, please visit: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/metaworse-the-trouble-with-the-metaverse.

Guest Post: Over 80% Of Malware Attacks Target Education Sector As Back-To-School Season Nears

Posted in Commentary with tags on August 9, 2022 by itnerd

With the school season approaching, parents hurry to get their children supplies while students enjoy their last days of summer. 

However, barely anyone realizes that enterprises in the education sector are currently under a barrage of malware attacks. Data presented by Atlas VPN reveals that the education industry has been the primary target for cyberattacks in the last 30 days. 

Over 80% of malware attacks globally were aimed at companies in the education sector, totaling 5.13 million attacks for the period, which comes out to an average of 171 thousand attacks daily.  

The data for the analysis was extracted via Microsoft’s Security Intelligence platform. 

One of the reasons why the education industry became the main target is the shift towards digitalization. The pandemic forced e-institutions to employ technologies that enable students to complete the curricula and exams. 

In turn, a lot of new companies sprang up as they saw the opportunity in the market.

However, video conferencing programs, e-learning software, and other digital tools expanded the cyberattack surface exponentially. 

It is worth noting that the aforementioned attacks are directed toward enterprises, not institutions. In other words, the data provided shows the number of attacks on businesses in the educational sector, not on schools, colleges, and universities.

To read the full article, head over to: https://atlasvpn.com/blog/over-80-of-malware-attacks-target-education-sector-as-back-to-school-season-nears

#Fail : Slack Exposes Hashed Passwords

Posted in Commentary with tags on August 9, 2022 by itnerd

If you’re a Slack user, you might have received a request to change your password in the last day or two. I’m here to tell you that this email isn’t a phishing attempt. It’s actually real and you should pay attention to it.

Here’s why.

Slack has admitted to accidentally exposing the hashed passwords of at least 50,000 users, roughly .5% of total Slack users. The workspace application began sending password reset links to affected users last week. While the passwords were not in plaintext and were not visible to any Slack clients, it appears that this issue has been going since 2017.

#Fail.

Sharon Nachshony, Security Researcher, Silverfort had this to say:

     “Hashes of salted passwords being leaked is not as dangerous as exposing them in plain-text, as an attacker would have to use brute-force methods – essentially automating a script to guess passwords – which takes some time.

While this makes exploitation less likely, a threat actor may still be motivated to do this because Slack is used by so many companies. Incidents like these are once again a clear argument for users to enable MFA. If implemented correctly, this would alert the legitimate user to any authentication attempt on their behalf, denying any malicious access attempt.”

MFA (Multi Factor Authentication) or even the new hot technology which is passwordless authentication is the way to go to reduce your attack surface. Companies should look at technologies like these to avoid being pwned because of a password exploit.

Wise Deepens Roots In Canada With New INTERAC e-Transfer Request Money Feature

Posted in Commentary with tags on August 9, 2022 by itnerd

 Wise (LSE: Wise), the global technology company building the best way to move money around the world, today introduced the INTERAC e-Transfer Request Money feature, a new, more convenient way Canadians can move money into their Wise accounts. In collaboration with Peoples Payment Solutions, part of People’s Group, Wise customers can securely move Canadian Dollars between Wise and other financial institutions in Canada using their email address or mobile number with money typically available within 30 minutes.

As Canadians continue to seek out faster and more convenient payment options, Wise will continue to deepen its offering and build new features that meet the local needs of consumers and businesses in Canada. 

In fact, Wise has already launched several offerings tailored to Canadians, including the following:

  • Launched the Wise card: In November, Canadians were introduced to the Wise card. A card that is up to 4x cheaper than banks for spending abroad, giving consumers and businesses the ability to spend in USD and foreign currencies without foreign transaction fees and the usual bad exchange rates that banks may charge.
  • Introduced Auto Conversions: In March, Canadians were introduced to a new way to save on a more favourable exchange rate through Auto Conversions. Set your desired exchange rate and Wise will convert your money for you when your desired rate is met in the market.
  • Enabled INTERAC e-Transfer Payouts: As part of Wise’s commitment to meeting the local needs of Canadians, Wise has already allowed customers who receive money into their Wise account to move funds out of Wise to another Canadian account using INTERAC.

To learn more about Wise and its universal account visit https://wise.com/ca.

Guest Post: Beware of Back-to-School Shopping Scams

Posted in Commentary with tags on August 9, 2022 by itnerd

By Hank Schless, Senior Manager of Security Solutions at Lookout

Technology has transformed the hustle and bustle of back-to-school season. According to a recent survey, 35% of school shopping is done online and 65% of those purchases are done from a smartphone. But what is convenient for some is also an opportunity for scammers to exploit consumers during a very busy time of year. The Better Business Bureau has issued a warning about back-to-school shoppers being targeted by online scams. 

In honor of National Back to School Prep Day on Monday, August 15, Lookout, the leader in delivering integrated Security, Privacy, and Identity Theft Protection solutions, has provided immediate steps consumers can take to ensure a safe online shopping experience. 

  • Stop Before You Click
    If you are not certain that a message is from a legitimate source, avoid clicking on links or attachments in emails, on websites, or on social media. Beware of deals that seem too good to be true. 
  • Only Use Unique & Strong Passwords 
    Immediately update any old passwords that have been compromised online. Enable two-factor authentication. 
  • Install Security Software On Your Devices
    Security protection, like Lookout, will automatically monitor and identify scam URLs in email, text messages, and on the web and block you from threats that can do harm.

Darktrace & HackerOne Partner To Add AI To Attack Resistance

Posted in Commentary with tags on August 8, 2022 by itnerd

Darktrace, a global leader in cyber security artificial intelligence (AI), and HackerOne, the leader in Attack Resistance Management, have partnered to combine Darktrace PREVENT/Attack Surface Management™ technology with the continuous security assessment capabilities of the HackerOne platform. The partnership expands HackerOne’s OpenASM initiative and delivers on a shared vision with Darktrace to help organizations secure their digital estate through leading technology and a community of ethical hackers. 

HackerOne recognized the need for an ASM partner that could enhance the asset discovery and reconnaissance efforts of HackerOne’s community of hackers. After an extensive technology evaluation, it selected PREVENT/ASM™, a set of AI-powered capabilities that perform reconnaissance on a target attack surface simply by knowing the name of an organization or brand and identifying threats external to that target. The combination of AI and security expertise will deliver continuous insight and help organizations find and eliminate blind spots across their digital landscape before attackers can exploit them. To assure ongoing security improvement, Darktrace and HackerOne will collaborate to train hackers on ASM best practices as they find, enrich, and risk rank assets. 

The Darktrace and HackerOne partnership helps organizations close their security gap. Organizations face challenges with an attack resistance gap between known digital assets and those they need to protect. According to The 2022 Attack Resistance Management Report, one-third of organizations said they monitor less than 75% of their attack surface, and almost 20% believe that over half of their attack surface is unknown or not observable. In June, HackerOne launched OpenASM, an initiative that empowers organizations to combine external scan data from ASM products with HackerOne’s proactive security testing capabilities to gain a comprehensive understanding of attack surface risks. As an early champion of OpenASM, Darktrace assures that customers can quickly gain visibility of their external assets, while hacker expertise provides targeted testing and data enrichment to address the most critical risks to their organization. 

Are you heading to the Black Hat USA conference on August 10-11 at the Mandalay Bay Hotel, Las Vegas? Stop by Darktrace’s Booth #1132 or HackerOne’s Booth #2520 to see a demonstration of Darktrace and HackerOne’s products working together. 

Infosec Institute Launches Free Resources to Help Organizations Level Up Their Cybersecurity

Posted in Commentary with tags on August 8, 2022 by itnerd

Infosec Institute, a leading cybersecurity education provider, today announced free cyber education resources to help organizations and employees level up their cybersecurity during National Cybersecurity Awareness Month (NCSAM) and beyond. Hosted every October by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA), NCSAM aims to raise awareness about the importance of cybersecurity and provide resources for individuals to be secure online.

In support of this initiative, Infosec is providing a comprehensive security awareness and training toolkit, featuring: 

  • A training module for employees of all levels
  • An employee assessment to help identify security awareness training needs
  • Four posters, newsletter and email templates focused on key security behaviors
  • An NCSAM-themed screensaver to educate learners on data breaches that happened this year
  • An employee presentation about the program and targeted behaviors

As National Cybersecurity Awareness Month approaches, Infosec will release additional complementary resources for use by organizations, including a hands-on skills challenge, a training webinar for security awareness administrators, and discounts on instructor-led boot camps. All Infosec NCSAM resources are powered by the award-winning Infosec IQ and Infosec Skills security education platforms. Infosec IQ security awareness and training empowers employees with the knowledge and skills to stay cyber-secure at work and home with over 2,000 awareness and training resources.Infosec Skills helps cyber professionals upskill and get certified with unlimited access to 1,200+ hands-on cybersecurity courses, labs and cyber ranges.

Access Infosec’s Cybersecurity Awareness Month toolkit here.

TELUS Launches National Awards Program For Canadian Youth

Posted in Commentary with tags on August 8, 2022 by itnerd

TELUS is celebrating youth across Canada by launching the Friendly Future Makers Awards, inviting Canadians to nominate the Friendly Future Maker in their life who is creating long-lasting change in their community. Canadians can nominate a Friendly Future Maker aged 13-19 at telus.com/YouthAwards. Nominees will be entered to win one of six prize packs worth $7,000, which includes $5,000 for an RESP or to help fund their initiative, a $1,000 TELUS gift card, and a $1,000 donation to the registered charity of their choice. Inspired by TELUS’ long standing promise, Let’s make the future friendly, this nationwide callout continues that momentum and helps empower Canadian youth who are helping make the world a better place. The Friendly Future Makers Awards are open for nominations until September 26, and winners will be announced online October 24. 

As the global leader in social purpose, TELUS is using its technology to address some of today’s most pressing challenges, including building the local health and well-being of communities, bridging digital divides and actively addressing climate change. To continue to drive meaningful, innovative change, one winner will be chosen, by a panel of judges, from each of the TELUS’ social purpose focused categories:

  • Connection Enabler  – helping build human connections through being a mentor or volunteering at a local seniors home
  • Community Builder  – giving back to those who need it most by volunteering in your neighbourhood or through small acts of kindness
  • Health & Wellness Helper  – caring for the mental and/or physical health of your community through care packages or checking in on your neigbours 
  • Hunger Hero – helping to feed communities through neighbourhood gardens or food drives
  • Planet Protector – giving back to protect the planet through picking up litter or recycling
  • Future Friendly Maker –  creating change in your community to make the future friendly, outside of the five categories or across multiple categories

The Friendly Future Makers Awards are just one of many ways TELUS is continuing to invest in youth. Helping create meaningful change by bridging digital divides, TELUS’ Connecting for Good programs provide subsidized or free Internet and mobility services, helping ensure that youth from care, as well as children from low-income households can stay safely and reliably connected to the people, resources and tools that matter most. TELUS Wise, a free digital literacy program, offers informative workshops and resources helping more than 525,000 Canadians – including youth from across the country – stay safe in our digital world, while TELUS Friendly Future Foundation and TELUS Community Boards also fund more than 500 charities annually focused on helping Canadian youth thrive in a digital world.

Since 2000, TELUS has been a global leader in social capitalism, committing $1.4 billion to support charities and grassroots community organizations around the world, while also volunteering 1.8 million days of  service. Each year, TELUS supports more than 4,000 charities and community organizations worldwide.

To learn more about the Friendly Future Makers Awards and to nominate an inspiring youth giving back in your community, visit telus.com/YouthAwards