Attacks traced to the same campaign that uses North Korean hacking infrastructure make use of a deceptively named component called "__preloader" (Source: Sansec)

North Korean Hacking Infrastructure Tied to Magecart Hits

Mathew J. Schwartz • July 6, 2020

Hackers with apparent ties to North Korea have extended their bag of online attack tricks beyond cryptocurrency mining, online bank heists and ransomware. Now, they're also hitting e-commerce merchants in the U.S. and Europe with Magecart attacks to steal payment card data, security firm Sansec reports.

Cybercrime

US Now Accuses Assange of Conspiring With Hacking Groups

Latest

Cybercrime

Just How Lucrative Are BEC Scams?

Doug Olenick • July 6, 2020

A Nigerian national who has been extradited to the United States allegedly laundered millions of dollars stolen in business email compromise scams, according to the Justice Department. He flaunted his lavish lifestyle on social media, prosecutors say.

Cybercrime

Patching Urged as F5 BIG-IP Vulnerability Exploited

Ishita Chigilli Palli • July 6, 2020

Security researchers warn that the number of exploit attempts targeting a critical vulnerability in F5 Networks' BIG-IP networking products has steadily increased since the company first announced the flaw late last week. They urge users to immediately apply patches.

Identity & Access Management

Progress Report: FIDO's Effort to Eliminate Passwords

Anna Delaney • July 6, 2020

Andrew Shikiar, executive director at the FIDO Alliance, offers an update on the group's efforts to reduce reliance on passwords and discusses how to overcome barriers.

Account Takeover

Hey Alexa. Is This My Voice Or a Recording?

Jeremy Kirk • July 6, 2020

Voice-controlled assistants can be fooled by replaying a recording of someone's voice. But researchers with Australia's Commonwealth Scientific and Industrial Research Organization and Samsung Research say they've developed a lightweight software tool to detect such attempts, which are difficult to defend against.

Fraud Management & Cybercrime

How Ekans Ransomware Targets Industrial Control Systems

Akshaya Asokan • July 4, 2020

Researchers with FortiGuard Labs have uncovered two samples of the Ekans ransomware strain that offer some additional insight into how the crypto-locking malware targets industrial control systems, according to a new report. Ekans, also known as Snake, was first spotted earlier this year.

Cyberwarfare / Nation-State Attacks

NASA Still Struggling With Agency-Wide Cybersecurity Program

Prajeet Nair • July 4, 2020

A recent inspector general's report finds that NASA still struggles with implementing an agency-wide cybersecurity policy despite spending approximately $2.3 billion on IT, networking and security technology in 2019. The oversite report lists a series of improvements that NASA should make.

Cybercrime

Operators Behind Valak Malware Expand Malicious Campaign

Ishita Chigilli Palli • July 3, 2020

The operators behind the Valak malware strain have expanded their malicious campaigns to other parts of the world, targeting financial, manufacturing, healthcare and insurance firms, according to Cisco Talos. Attackers are now using existing email threads and ZIP files to spread the information stealer.

Application Security

Apache Guacamole Vulnerable to Reverse RDP Vulnerabilities

Akshaya Asokan • July 3, 2020

Apache Guacamole, an open-source application that allows for remote connections to devices, contains several vulnerabilities that could enable attackers to steal data or run remote code execution, Check Point Research found. These bugs come at a time when many employees are still working remotely.

Account Takeover

Digital IDs: A Progress Report

Nick Holland • July 3, 2020

The latest edition of the ISMG Security Report discusses global progress on adopting standard digital identifiers. Plus, a former cybercriminal discusses emerging fraud trends, and an update on the evolution of e-signatures.

Electronic Healthcare Records

HHS Hopes to Tackle Long-Stalled Regulatory Tasks

Marianne Kolbasuk McGee • July 2, 2020

The Department of Health and Human Services' privacy and security regulatory priorities for the rest of this year include tackling some long-stalled projects. Here's a rundown of the to-do list.

Account Takeover

POS Malware Using DNS to Steal Payment Card Data

Ishita Chigilli Palli • July 2, 2020

Fraudsters are using a revamped version of the Alina Trojan to target Windows-based POS devices to steal payment card data, according to Century Link's Black Lotus Labs. The malware operators are using unsecured DNS protocols to exfiltrate the data.

Fraud Management & Cybercrime

Ex-Fraudster Brett Johnson: 'There Are Going to Be a Lot of Victims'

Tom Field • July 2, 2020

Tens of millions of Americans have lost jobs because of COVID-19. As a result, former 'most wanted" fraudster Brett Johnson predicts a surge in fraud, saying bluntly: "There are going to be a lot of victims."