Symantec Warns of Increasingly Sophisticated Tech Support Scams

Symantec issued a report on Aug. 3 revealing that technical support fraud scammers are using call optimization services to improve their results. The new techniques come as the volume of tech support scams blocked by Symantec continues to grow.

Tech support scams come in multiple forms, including malware advertising where an ad shows up on a user’s screen warning that they have been infected with malware and need to call a certain number to get help. Symantec researchers found that scammers are making use of call optimization services to inject local numbers into malware alerts, as well providing additional features to improve call delivery.

Complete Article

The Year Targeted Phishing Went Mainstream

A story published  on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. And with good reason — sex sells (the second most-read piece here was my 2015 scoop about the Ashley Madison hack).

But beneath the lurid allure of both stories lies a more unsettling reality: It has never been easier for scam artists to launch convincing, targeted phishing and extortion scams that are automated on a global scale. And given the sheer volume of hacked and stolen personal data now available online, it seems almost certain we will soon witness many variations on these phishing campaigns that leverage customized data elements to enhance their effectiveness.

Complete Article

Report: 99.7% of web apps have at least one vulnerability

Nearly every web application has at least one vulnerability, according to the 2017 Trustwave Global Security Report, released Tuesday. Of the apps scanned by Trustwave for the report, 99.7% included at least one vulnerability, with the mean number of vulnerabilities in web apps being 11.

In addition to looking at application security, the Trustwave report also includes information on data breaches as well. The median number of days it took to detect an intrusion dropped to 49 in 2016 from 80.5 days in 2015. However, internally-detected breaches were typically found in about 16 days, a much shorter time period.

 

Complete Article

Business Email Compromise Losses Top $12B, FBI Warns

The FBI has revised its figure for the total amount of financial losses from business email compromise attacks, as real estate-related scams grow.

Among the most impactful cyber-attacks is business email compromise (BEC), where criminals trick unsuspecting organizations into paying fraudulent invoices.

The FBI has calculated the estimated impact of BEC attacks that it is aware of and has determined that between October 2013 and May 2018, there has been $12.5 billion in global losses. During that period, the FBI has estimated that approximately $2.9 billion has been stolen from U.S victims.

Complete Article

Crypto-Mining Malware Rising Fast, Hackers Increasingly Targeting Cloud

Check Point’s mid-year cyber-attack report reveals that 42 percent of organizations globally have been hit by crypto-mining intrusions and that sophisticated attacks on cloud infrastructures are growing.

During the last couple of years, cyber-security has been largely about the huge influx of malware flowing through the veins of the internet. The problem hasn’t gone away by any means, but now in 2018 there’s an even larger threat: crypto-mining-specific malware.

Complete Article

Plant Your Flag, Mark Your Territory

Many people, particularly older folks, proudly declare they avoid using the Web to manage various accounts tied to their personal and financial data — including everything from utilities and mobile phones to retirement benefits and online banking services. The reasoning behind this strategy is as simple as it is alluring: What’s not put online can’t be hacked. But increasingly, adherents to this mantra are finding out the hard way that if you don’t plant your flag online, fraudsters and identity thieves may do it for you.

The crux of the problem is that while most types of customer accounts these days can be managed online, the process of tying one’s account number to a specific email address and/or mobile device typically involves supplying personal data that can easily be found or purchased online — such as Social Security numbers, birthdays and addresses.

Complete Article

Loose .zips sink chips: How poisoned archives can hack your computer

Booby-trapped archive files can exploit vulnerabilities in a swath of software to overwrite documents and data elsewhere on a computer’s file system – and potentially execute malicious code.

Specifically, the flaws, dubbed “Zip Slip” by its discoverers at security outfit Snyk, is a path traversal flaw that can potentially be exploited to perform arbitrary code execution attacks. It affects certain tools that handle .zip, .tar, .war, .cpio, and .7z formats.

Complete Article

Intel, Microsoft to use GPU to scan memory for malware

Since the news of the Meltdown and Spectre attacks earlier this year, Intel has been working to reassure the computer industry that it takes security issues very seriously and that, in spite of the Meltdown issue, the Intel platform is a sound choice for the security conscious.

To that end, the company is announcing some new initiatives that use features specific to the Intel hardware platform to boost security. First up is Intel Threat Detection Technology (TDT), which uses features in silicon to better find malware.

Complete Article

Tenable Research Discovers Vulnerability in Critical Infrastructure

Tenable®, Inc., the Cyber Exposure company, recently discovered a critical remote code execution vulnerability in two Schneider Electric applications used in manufacturing, oil and gas, water, automation and wind and solar power facilities. If exploited, the vulnerability could give cybercriminals complete control of the underlying system. Attackers would also be able to use the compromised system to move laterally through the network, exposing additional systems to attack, including human-machine interface (HMI) clients. In a worst case scenario, attackers could use the vulnerability to disrupt or even cripple plant operations.

Complete Article

The AI cybersecurity arms-race: The bad guys are way ahead

For its recently released 2018 State of Cyber Resilience study, Accenture surveyed 4,600 enterprise security practitioners representing companies with annual revenues of $1 billion or more in 15 countries. 83% of respondents to the survey agree that advanced technologies are essential and they would commit funding to them if they could. But only 40% are investing in AI, machine learning, and automation technologies to improve their security defenses.

Complete Article