Cynet Offers Free Threat Assessment for Mid-Sized and Large Organizations

Posted on April 6th, 2019 by Responsible Cyber

Visibility into an environment attack surface is the fundamental cornerstone to sound security decision making.However, the standard process of 3rd party threat assessment as practiced today is both time consuming and expensive.Cynet changes the rules of the game with a free threat assessment offering based on more than 72 hours of data collection and enabling […]

Read More

Recovering Smartphone Typing from Microphone Sounds

Posted on April 6th, 2019 by Responsible Cyber

Yet another side-channel attack on smartphones: “Hearing your touch: A new acoustic side channel on smartphones,” by Ilia Shumailov, Laurent Simon, Jeff Yan, and Ross Anderson. Abstract: We present the first acoustic side-channel attack that recovers what users type on the virtual keyboard of their touch-screen smartphone or tablet. When a user taps the screen […]

Read More

Phishing Campaign Targeting Verizon Mobile Users

Posted on April 6th, 2019 by Responsible Cyber

Lookout Phishing AI, which discovered the attack, says it has been going on since late November. Verizon is warning customers about a phishing campaign that is going specifically after mobile users. Mobile devices have emerged as an effective attack vector, according to Jeremy Richards, principal security researcher at Lookout Phishing AI, which discovered the phishing […]

Read More

Ongoing DNS Hijack Attack Hits Consumer Modems and Routers

Posted on April 6th, 2019 by Responsible Cyber

The attack campaigns have re-routed DNS requests through illicit servers in Canada and Russia. An ongoing DNS hijacking campaign has taken aim at consumer modems and routers. Multiple waves of the campaign have changed settings in the residential devices, sending traffic through any of a series of addresses hosted on services known to be welcoming […]

Read More

Here’s the List of ~600 MAC Addresses Targeted in Recent ASUS Hack

Posted on March 30th, 2019 by Responsible Cyber

EXCLUSIVE — While revealing details of a massive supply chain cyber attack against ASUS customers, Russian security firm Kaspersky last week didn’t release the full list all MAC addresses that hackers hardcoded into their malware to surgically target a specific pool of users.Instead, Kaspersky released a dedicated offline tool and launched an online web page […]

Read More

Malware Installed in Asus Computers through Hacked Update Process

Posted on March 30th, 2019 by Responsible Cyber

Kaspersky Labs is reporting on a new supply chain attack they call “Shadowhammer.” In January 2019, we discovered a sophisticated supply chain attack involving the ASUS Live Update Utility. The attack took place between June and November 2018 and according to our telemetry, it affected a large number of users. […] The goal of the […]

Read More

Police Federation of England and Wales Suffers Apparent Ransomware Attack

Posted on March 24th, 2019 by Responsible Cyber

National Cyber Security Centre and National Crime Agency investigate random attack that locked down the association’s data and deleted backups. An apparent ransomware attack hit databases and other systems earlier this week at the headquarters of the Police Federation of England and Wales (PFEW), a law enforcement association that represents some 119,000 police officers across […]

Read More

Ransomware’s New Normal

Posted on March 15th, 2019 by Responsible Cyber

GandCrab’s evolution underscores a shift in ransomware attack methods. Don’t be fooled by the drop in overall ransomware attacks this past year: Fewer but more targeted and lucrative campaigns against larger organizations are the new MO for holding data hostage. While the number of ransomware attacks dropped 91% in the past year, according to data […]

Read More

Qbot malware resurfaces in new attack against businesses

Posted on March 14th, 2019 by Responsible Cyber

The decade-old Qbot financial malware has resurfaced with an improved version in a new attack against businesses that has infected thousands of systems so far. Researchers from data security solutions provider Varonis have uncovered the attack after a customer alerted them about suspicious activity on a computer. The culprit turned out to be an infection […]

Read More

How to protect against poor Windows password practices

Posted on March 14th, 2019 by Responsible Cyber

Hardly a day that goes by before some website reports a credential-stuffing attack where harvested usernames and passwords are used to gain access to sensitive information. Lately it was tax software site TurboTax where attackers accessed users’ tax information. This underscores the risk of password reuse. Organizations need a strong password policy to encourage good […]

Read More