Subscribe to:

Subscribe to :: TheGuruReview.net ::

Are Hackers From North Korea Stealing Bitcoins

September 21, 2017 by  
Filed under Around The Net

North Korea’s hackers may be stealing bitcoin and other virtual currencies in a bid to evade sanctions and obtain hard currencies to fund the regime.

That’s according to a blog post by security firm FireEye. While state-sponsored North Korean cyber-criminals have been targeting banks and the global financial system for some time in order to fund the isolated state, FireEye believes that hackers are now attempting to steal virtual currencies too.

Since May 2017, FireEye says it has observed North Korean actors target at least three South Korean cryptocurrency exchanges with the suspected intent of stealing funds.

“The spearphishing we have observed in these cases often targets personal email accounts of employees at digital currency exchanges, frequently using tax-themed lures and deploying malware (PEACHPIT and similar variants) linked to North Korean actors suspected to be responsible for intrusions into global banks in 2016,” it said.

FireEye suggested that the attacks were not the only link between North Korea and cryptocurrencies. It said there were also “ties between North Korean operators and a watering hole compromise of a bitcoin news site in 2016, as well as at least one instance of usage of a surreptitious cryptocurrency miner” – which references Kaspersky Lab’s finding of a direct link between the Lazarus group banking heist hackers, whereby hackers installed Monero cryptocurrency mining software, and North Korea.

According to FireEye, spearphishing attempts against one South Korean exchange began early in May, and later that month another exchange in South Korea was compromised. In early June, more suspected North Korean activity targeting ‘unknown victims’  – which FireEye believes are cryptocurrency service providers in South Korea – was reported, and in July a third South Korean exchange was targeted, once again through spearphishing a personal account.

Prior to this activity, four wallets on Yapizon, a South Korean cryptocurrency exchange were compromised on 22 April, although FireEye says there is no indication of North Korea involvement with this.

The cyber security firm believes that the 26 April announcement by the US of increased economic sanctions against North Korea may have played a part in driving North Korean interest in cryptocurrency. By focusing on cryptocurrencies, attackers may benefit from lax anti-money laundering controls as the regulatory environment around these currencies is still emerging.

“While at present North Korea is somewhat distinctive in both their willingness to engage in financial crime and their possession of cyber espionage capabilities, the uniqueness of this combination will likely not last long-term as rising cyber powers may see similar potential,” FireEye said.

“Cyber criminals may no longer be the only nefarious actors in this space,” it concluded.

Courtesy-TheInq

European Court Rules On Worker’s Email Privacy

September 6, 2017 by  
Filed under Around The Net

Companies must inform employees in advance if their work email accounts are being monitored and such checks must not unduly infringe workers’ privacy, the European Court of Human Rights ruled on Tuesday.

In a judgment in the case of a man fired 10 years ago for using a work messaging account to communicate with his family, the judges found that Romanian courts failed to protect Bogdan Barbulescu’s private correspondence because his employer had not given him prior notice it was monitoring his communications.

Email privacy has become a hotly contested issue as more people use work addresses for personal correspondence even as employers demand the right to monitor email and computer usage to ensure staff use work email appropriately.

Courts in general have sided with employers on this issue.

 The company had presented him with printouts of his private messages to his brother and fiancée on Yahoo Messenger as evidence of his breach of a company ban on such personal use.

Barbulescu had previously told his employer in writing that he had only used the service for professional purposes.

The European court in Strasbourg ruled by an 11-6 majority that Romanian judges, in backing the employer, had failed to protect Barbulescu’s right to private life and correspondence.

The court concluded that Barbulescu had not been informed in advance of the extent and nature of his employer’s monitoring or the possibility that it might gain access to the contents of his messages. The company was not named in the ruling.

The court also said there had not been a sufficient assessment of whether there were legitimate reasons to monitor Barbulescu’s communications. There was no suggestion he had exposed the company to risks such as damage to its IT systems or liability in the case of illegal activities online.

“This set of requirements will restrict to an important extent the employers’ possibilities to monitor the workers’ electronic communications,” said Esther Lynch, confederal secretary of the European Trade Union Confederation.

The ruling could lead to more clarity on the scope of corporate discipline, said James Froud, partner at law firm Bird & Bird.

“We may see a shift in emphasis, with courts requiring employers to clearly demonstrate the steps they have taken to address the issue of privacy in workplace, both in terms of granting employees ‘space’ to have a private life whilst clearly delineating the boundaries,” he said.

Millions Of Users Info Left Exposed By Time Warner Cable

September 5, 2017 by  
Filed under Around The Net

More than four million records of users of Time Warner Cable’s MyTWC app were discovered unsecured on an Amazon server last month, according to digital security research center Kromtech Security Center.

The files — more than 600 gigabytes in size containing sensitive information such as transaction ID, user names, Mac addresses, serial numbers, account numbers — were discovered on Aug. 24 without a password by researchers of Kromtech.

“A vendor has notified us that certain non-financial information of legacy Time Warner Cable customers who used the MyTWC app became potentially visible by external sources,” Charter Communications Inc,  Time Warner Cable’s parent, said in an email.

The information was removed immediately after the discovery and the incident is being investigated, Charter said.

The breach was eventually linked to BroadSoft Inc, a communications company, whose unit developed the MyTWC app.

Broadsoft did not immediately respond to a request for comment.

Has The Playstation Network Suffered Another Breach

August 28, 2017 by  
Filed under Gaming

The hacker group known as OurMine has reportedly cracked into Sony and made off with a collection of PlayStation Network (PSN) logins.

Legitimately, OurMine offers to protect your online accounts and presence and keep it secure on a monthly paid for basis. It also busts its way into systems, picks them apart and exposes their weaknesses all while wearing a lovely white hat.

We have already seen it at work this month when it took on HBO and Game of Thrones and managed to come out of it with Twitter control and a couple of script treatments. 

The benevolent group is not planning on leaking any of the information that it took from PSN and got quite indignant at the suggestion in one of its own tweets, suggesting that Sony just needed to get in touch and avail itself of the OurMine services and this would all be over.

“No, we aren’t going to share it, we are a security group, if you works at PlayStation then please go to our website ourmine . org,” it said on Twitter.

Reports claim that the hack of Sony’s social media accounts was achieved using its Sprout Social management account, which also gave OurMine access to user registration information such as names and email addresses.

It is tough to imagine that Sony’s PlayStation people would welcome this third-party intervention. The firm has had to deal with hackers before in 2001 when it went after the cracker known as Geohot. Then, the firm was taken offline for almost three weeks and had tens of millions of PSN user details pinched.

Sony’s Facebook account also got taken over for a short while this weekend putting users off the service and sparing other people from cat pictures and happy couples. Unfortunately, though, this only had a brief impact.

Courtesy-TheInq

Did NotPetya Cost Maersk Cost Over 100 Million In Lost Revenue

August 24, 2017 by  
Filed under Around The Net

Maersk has warned that the NotPetya malware that struck the company in June will cost it between $200m and $300m in lost revenues.

In a statement released on Wednesday, Maersk CEO Søren Skou said: “In the last week of the [second] quarter we were hit by a cyber-attack, which mainly impacted Maersk Line, APM Terminals and Damco.

“Business volumes were negatively affected for a couple of weeks in July and, as a consequence, our third quarter results will be impacted. We expect that the cyber-attack will impact results negatively by [between] $200 and $300m.”

However, while the malware depressed the company’s revenues, it was still able to report revenue up by $1bn compared to the same quarter a year earlier, and profits up by $490m.

The sum is the first time that the company has been able to publicly release a figure on the cost of NotPetya and dealing with the aftermath of the malware. 

At the beginning of July, the shipping company admitted that NotPetya had affected a number of ports around the world that it operates, causing a large backlog of shipments to build up. Back then, it admitted that it had suffered cancellations as a result, but couldn’t quantify them, or put a figure on the cost.

Maersk was one of a handful of global companies affected by NotPetya via operations in Ukraine, which appeared to be the primary target of the malware.

Other companies affected include fast-moving consumer goods company Reckitt Benckiser, which has said that the outbreak would cost the company around $100m or more in lost revenues in the second quarter; and confectionery firm Cadbury’s, which admitted that factories and warehouse systems had been affected by NotPetya, delaying shipments.

The most badly affected major organisation, though, would appear to be global parcel delivery company TNT Express, which has warned of permanent data loss as a result of NotPetya. Even three weeks after the outbreak, the company was still struggling to operate effectively, with paperwork lost in the company’s borked IT systems and staff forced to resort to manual processes.

Courtesy-TheInq

Shipping Companies Go Low Tech To Avoid Cyber Attacks

August 8, 2017 by  
Filed under Around The Net

The risk of cyber attacks targeting ships’ satellite navigation is sparking some countries to reach back through history and develop back-up systems with roots in World War Two radio technology.

Ships use GPS (Global Positioning System) and other similar devices that rely on sending and receiving satellite signals, which many experts say are vulnerable to jamming by hackers.

About 90 percent of world trade is transported by sea and the stakes are high in increasingly crowded shipping lanes. Unlike aircraft, ships lack a back-up navigation system and if their GPS ceases to function, they risk running aground or colliding with other vessels.

South Korea is developing an alternative system using an earth-based navigation technology known as eLoran, while the United States is planning to follow suit. Britain and Russia have also explored adopting versions of the technology, which works on radio signals.

The drive follows a series of disruptions to shipping navigation systems in recent months and years. It was not clear if they involved deliberate attacks; navigation specialists say solar weather effects can also lead to satellite signal loss.

Last year, South Korea said hundreds of fishing vessels had returned early to port after their GPS signals were jammed by hackers from North Korea, which denied responsibility.

In June this year, a ship in the Black Sea reported to the U.S. Coast Guard Navigation Center that its GPS system had been disrupted and that over 20 ships in the same area had been similarly affected.

U.S. Coast Guard officials also said interference with ships’ GPS disrupted operations at a port for several hours in 2014 and at another terminal in 2015. It did not name the ports.

A cyber attack that hit A.P. Moller-Maersk’s IT systems in June 2017 and made global headlines did not involve navigation but underscored the threat hackers pose to the technology dependent and inter-connected shipping industry. It disrupted port operations across the world.

The eLoran push is being led by governments who see it as a means of protecting their national security. Significant investments would be needed to build a network of transmitter stations to give signal coverage, or to upgrade existing ones dating back decades when radio navigation was standard.

U.S. engineer Brad Parkinson, known as the “father of GPS” and its chief developer, is among those who have supported the deployment of eLoran as a back-up.

“ELoran is only two-dimensional, regional, and not as accurate, but it offers a powerful signal at an entirely different frequency,” Parkinson told Reuters. “It is a deterrent to deliberate jamming or spoofing (giving wrong positions), since such hostile activities can be rendered ineffective,” said Parkinson, a retired U.S. airforce colonel.

Def Con Hackers Focus On Voting Machines, Databases

July 31, 2017 by  
Filed under Around The Net

Hackers attending the Def Con hacking convention in Las Vegas were encouraged breach voting machines and voter databases in a bid to uncover vulnerabilities that could be exploited to sway election results.

The 25-year-old conference’s first “hacker voting village” opened on Friday as part of an effort to raise awareness about the threat of election results being altered through hacking.

Hackers crammed into a crowded conference room for the rare opportunity to examine and attempt to hack some 30 pieces of election equipment, much of it purchased over eBay, including some voting machines and digital voter registries that are currently in use.

“We encourage you to do stuff that if you did on election day they would probably arrest you,” said Johns Hopkins computer scientist Matt Blaze, who organized the segment in a conference room at the Caesar’s Palace convention center.

The exercise featured a “cyber range” simulator where blue teams were tasked with defending a mock local election system from red team hackers.

Concerns about election hacking have surged since U.S. intelligence agencies claimed that Russian President Vladimir Putin ordered the hacking of Democratic Party emails to help Republican Donald Trump win the 2016 U.S. presidential election.

A Department of Homeland Security official told Congress in June that Russian hackers had targeted 21 U.S. state election systems in the 2016 presidential race and a small number were breached, but there was no evidence that any votes had been manipulated.

Russia has denied the accusations.

Jake Braun, another organizer, said he believed the hacker voting village would convince participants that hacking could be used to sway an election.

“There’s been a lot of claims that our election system is unhackable. That’s BS,” said Braun. “Only a fool or liar would try to claim that their database or machine was unhackable.”

Barbara Simons, president of advocacy group Verified Voting, said she expects Russia to try to influence the U.S. 2018 midterm election and 2020 elections. To counter such threats, she called for requiring use of paper ballots and mandatory auditing computers to count them.

More than 20,000 people were expected to attend the three-day Def Con convention.

The hacker voting village was one of about a dozen interactive areas where participants could study and practice hacking in fields such as automobiles, cryptology and healthcare.

Lloyd’s Of London Sounds The Alarm On Impacts Of Cyber Attacks

July 18, 2017 by  
Filed under Around The Net

A major, global cyber attack could lead to an average of $53 billion of economic losses, a figure on par with a catastrophic natural disaster such as U.S. Superstorm Sandy in 2012, Lloyd’s of London said in a report on Monday.

The report, co-written with risk-modeling firm Cyence, examined potential economic losses from the hypothetical hacking of a cloud service provider and cyber attacks on computer operating systems run by businesses worldwide.

Insurers are struggling to estimate their potential exposure to cyber-related losses amid mounting cyber risks and interest in cyber insurance. A lack of historical data on which insurers can base assumptions is a key challenge.

“Because cyber is virtual, it is such a difficult task to understand how it will accumulate in a big event,” Lloyd’s of London Chief Executive Inga Beale told Reuters.

Economic costs in the hypothetical cloud provider attack dwarf the $8 billion global cost of the “WannaCry” ransomware attack in May, which spread to more than 100 countries, according to Cyence.

Economic costs typically include business interruptions and computer repairs.

The Lloyd’s report follows a U.S. government warning to industrial firms about a hacking campaign targeting the nuclear and energy sectors.

In June, an attack of a virus dubbed “NotPetya” spread from infections in Ukraine to businesses around the globe. It encrypted data on infected machines, rendering them inoperable and disrupted activity at ports, law firms and factories.

“NotPetya” caused $850 million in economic costs, Cyence said.

In the hypothetical cloud service attack in the Lloyd’s-Cyence scenario, hackers inserted malicious code into a cloud provider’s software that was designed to trigger system crashes among users a year later.

By then, the malware would have spread among the provider’s customers, from financial services companies to hotels, causing all to lose income and incur other expenses.

Average economic losses caused by such a disruption could range from $4.6 billion to $53 billion for large to extreme events. But actual losses could be as high as $121 billion, the report said.

As much as $45 billion of that sum may not be covered by cyber policies due to companies underinsuring, the report said.

Average losses for a scenario involving a hacking of operating systems ranged from $9.7 billion to $28.7 billion.

Lloyd’s has a 20 percent to 25 percent share of the $2.5 billion cyber insurance market, Beale said in June.

Will NotPetya Victim Get The Files Vack

July 12, 2017 by  
Filed under Computing

The so-called ‘NotPetya’ ransomware, which was first identified in Ukraine and quickly spread worldwide, is reportedly designed to destroy data with the ransomware element intended as little more than a cover.

Security software company Kaspersky has warned that there is “little hope for victims to recover their data” if they fall victim to the ransomware bastard because the installation ID displayed in the ransomware note, sent with the ransom so that the appropriate decryption key can be sent back, is entirely randomly generated.

As a result, victims that pay the estimated £300 ransom in Bitcoin won’t be able to get their files back.

“We have analysed the high-level code of the encryption routine and we have figured Kaspersky Company in a statement.

“To decrypt a victim’s disk threat actors need the installation ID. In previous versions of ‘similar’ ransomware, like Petya/Mischa/GoldenEye, this installation ID contained the information necessary for key recovery. 

“ExPetr [Kaspersky’s name for the malware] does not have that, which means that the threat actor could not extract the necessary information needed for decryption. In short, victims could not recover their data.”

Kaspersky’s warning comes as a number of security software and services companies publish their initial analyses of the NotPetya/ExPetr malware – all coming to similar conclusions.

Kaspersky itself claims that around 2,000 organisations have fallen victim to it so far, with firms in Russia and Ukraine worst affected, although Norwegian shipping company Maesk also fell victim. The company also confirmed the use of two US National Security Agency (NSA) exploits, exposed by the Shadow Brokers group, called EternalBlue and EternalRomance, which have helped automatically propagate the malware.

People and organisations with their Windows operating systems patched up-to-date and running equally up-to-date antivirus software ought to be protected, Kaspersky added.

However, organisations that aren’t properly patched can see the malware use flaws in Microsoft’s SMB networking protocol, via the EternalBlue exploit, to infect multiple machines.

According to Kasperksy, researchers Anton Ivanov and Orkhan Mamedov, the “installation key” supposedly presented to users in the NotPetya ransom note is simply a random string.

“That means that the attacker cannot extract any decryption information from such a randomly generated string displayed on the victim and, as a result, the victims will not be able to decrypt any of the encrypted disks using the installation ID,” they warned.

That means, even paying the ransom won’t result in a decryption key being sent. “This reinforces the theory that the main goal of the ExPetr attack was not financially motivated, but destructive,” they added.

Likewise, Matt Suiche, founder of cloud security company Comae Technologies, agreed. “The ransomware was a lure for the media. This variant of Petya is a disguised wiper,” he warned. 

He added: “The goal of a wiper is to destroy and damage. The goal of a ransomware is to make money. Different intent. Different motive. Different narrative.

“Ransomware has the ability to restore its modification such as (restoring the MBR like in the 2016 Petya, or decrypting files if the victim pays) – a wiper would simply destroy and exclude possibilities of restoration.”

The key presented in the ransomware note, he also confirmed, is “fake and randomly generated”.

He added that the ransomware element was probably intended to distract attention from the idea that a nation-state attacker of some sort was behind it, citing the Shamoon malware in 2012, while the attacker simply repacked existing ransomware. 

Not everyone is convinced that the NotPetya malware is state sponsored, however, with software engineer and malware analyst @hasherezade on Twitter suggesting that the author of the original Petya might be behind it. ‘

Courtesy-TheInq

Ransomware-as-a-Service Now Targeting Macs

June 22, 2017 by  
Filed under Computing

Security researchers have found the first evidence of ransomware-as-a-service (RaaS) affecting Apple machines, dubbed ‘MacRansom.’

Fortinet’s security research team, FortiGuard Labs, uncovered the tool, which uses a web portal hosted in a TOR network (an anonymous network that bounces the signal around a relay of volunteer computers, to conceal the source); an increasingly-popular form of attack. The variant is not readily available through the portal, and instead, buyers must contact the author(s) directly to build the ransomware.

MacRansom uses a basic delivery vector, in that the owner of the machine must agree to run a programme from an unidentified developer before the infection takes place, or have it physically installed from an external drive. If they do so, the ransomware will check two things: if it is being run in a non-Mac environment, and if it is being debugged. If either condition is not met, it will terminate.

The next step is to create a launch point (the file name purposefully mimics a legitimate file). The ransomware will run on every start up and encrypts on a specified trigger time. When that time comes, the ransomware begins to encrypt files on the computer – in what FortiGuard notes is a slightly unusual but still effective method. A maximum of 128 files will be locked.

FortiGuard was looking for any RSA-crypto routines; however, like the delivery vector, the ransomware itself is not very sophisticated and instead uses a symmetric encryption with a hardcoded key. Two sets of keys are used: ReadmeKey (0x3127DE5F0F9BA796), which decrypts the ransom notes and instructions, and TargetFileKey (0x39A622DDB50B49E9), which performs the encrypt/decrypt on the user’s files.

TargetFileKey is altered with a random number generator: the encrypted files cannot be decrypted once the malware has terminated, in other words. It also has no function to communicate with the command and control server, so there is no readily-available copy of the key to use. While recovery of the TargetFileKey is still technically possible using a brute force attack, FortiGuard is ‘sceptical’ of the author’s claim to be able to decrypt the hijacked files.

Users are instructed to contact a specific email address and send some of their encrypted files, which will be decrypted as proof. The author asks for 0.25 Bitcoin (about £540) to unlock all of the files.

Ransomware is still not common on Mac computers, and most found there today is significantly less advanced than that targeting Windows. However, MacRansom can still capably encrypt files.

FortiGuard believes that MacRansom is being developed by copycats, as it contains code and ideas that appear to have been taken from previous ransomware targeting OS X.

Courtesy-TheInq

Spread Of ‘WannaCry’ Ransomware Halted For Now

May 15, 2017 by  
Filed under Computing

Friday’s unprecedented ransomware attack may have temporarily halted spreading to new machines thanks to a “kill switch” that a security researcher has activated.

The ransomware, called Wana Decryptor or WannaCry, has been found infecting machines across the globe. It works by exploiting a Windows vulnerability that the U.S. National Security Agency may have used for spying.

The malware encrypts data on a PC and shows users a note demanding $300 in bitcoin to have their data decrypted. Images of the ransom note have been circulating on Twitter. Security experts have detected tens of thousands of attacks, apparently spreading over LANs and the internet like a computer worm.

However, the ransomware also contains a kill switch that may have backfired on its developers, according to security researchers.

Wana Decryptor infects systems through a malicious program that first tries to connect to an unregistered web domain. The kill switch appears to work like this: If the malicious program can’t connect to the domain, it’ll proceed with the infection. If the connection succeeds, the program will stop the attack.

A security researcher who goes by the name MalwareTech found that he could activate the kill switch by registering the web domain and posting a page on it.

MalwareTech’s original intention was to track the ransomware’s spread through the domain it was contacting. “It came to light that a side effect of us registering the domain stopped the spread of the infection,” he said in an email.

Security firm Malwarebytes and Cisco’s Talos security group reported the same findings and said new ransomware infections appear to have slowed since the kill switch was activated.

However, Malwarebytes researcher Jerome Segura said it’s too early to tell whether the kill switch will stop the Wana Decryptor attack for good. He warned that other versions of the same ransomware strain may be out there that have fixed the kill-switch problem or are configured to contact another web domain.

Unfortunately, computers already infected with Wana Decryptor will remain infected, he said.

Friday’s ransomware attack first spread through a massive email phishing campaign. At least some of those emails appeared to be messages from a bank about a money transfer, according to Cisco’s Talos group.

Victims who opened the attachment in the email were served with the ransomware, which takes over the computer, security researchers said.

The Wana Decryptor itself is no different from other typical ransomware strains. Once it infects the PC, it’ll encrypt all the files on the machine, and then demand the victim pay a ransom to free them.

But unlike other ransomware, Wana Decryptor has been built to spread quickly. It does so by incorporating a hacking tool that security researchers suspect came from the NSA and was leaked online last month.

European Union Anticipates More E-commerce Anti-trust Violation Investigations

May 11, 2017 by  
Filed under Around The Net

The European Union plans to initiate more antitrust investigations into e-commerce companies after a two-year inquiry uncovered practices that restrict competition, the European Commission said on Wednesday.

In its report following the initial inquiry, the European Commission said there was an increased use of contractual restrictions to control product distribution, which could be in breach of EU antitrust rules.

“Certain practices by companies in e-commerce markets may restrict competition by unduly limiting how products are distributed throughout the EU,” Competition Commissioner Margrethe Vestager said in a statement.

The e-commerce sector inquiry is part of the European Commission’s campaign to overhaul the bloc’s digital market in a bid to boost growth and catch up with the United States and Asia.

“The insight gained from the sector inquiry will enable the Commission to target EU antitrust enforcement in European e-commerce markets, which will include opening further antitrust investigations,” the Commission said.

The EU executive also found that manufacturers increasingly use selective distribution systems where products can only be sold by pre-authorized sellers, giving them more control over distribution and price.

The report showed that almost 60 percent of digital content providers have agreed with the copyright holders for music, films and TV shows, for example, to geoblock, namely restricting consumers’ access to products and services based on where they are located.

Some licensing practices may also make it more difficult for new online business models and services to emerge, the Commission said.

EU antitrust scrutiny of the pharmaceutical, energy and financial services industries over the past decade prompted investigations into companies in all three sectors.

Are Macs Virus Free

April 19, 2017 by  
Filed under Computing

The myth that Macs are somehow more secure than other operating systems appears to be a myth according to a Threat Report by McAfee Labs.

Attacks on Macs have risen by 744 percent in 2016 and there are more than 460,000 malware samples on Mac machines found. Although this is not a particularly high number you have to acknowledge that this is one security company and on a single machine.

It appears that after years of leaving Macs alone, virus writers are suddenly taking an interest in knocking them over and the security by obscurity measures, along with faith-based defences are not working.

The Tame Apple Press has rushed to say that “despite the dramatic increase in macOS malware attacks, Mac owners need not be too alarmed”.

One newspaper even said that the attacks were just irritating and not like the “true malware attacks” that Windows users have to suffer.

Most of the attacks were just adware which automatically generates and displays advertising material, including banners or pop-ups, whenever a user is online, the Tame Apple Press  tried to reassure Apple fanboys.

Last summer, Mac owners were warned about a new malware dubbed Backdoor.MAC.Elanor – a nasty piece of code that infects the OS X operating system and gives hackers complete access to the files on the computer.

Courtesy-Fud

Study Reveals Cyber Attacks Have Cost Company Shareholders Billions

April 13, 2017 by  
Filed under Computing

Cyber security breaches diminish businesses share prices permanently, with financials the worst hit, a study issued by IT consultant CGI and Oxford Economics has revealed.

Severe cyber security breaches, such as those having legal or regulatory consequences, involve the loss of hundreds of thousands of records and hurt the firm’s brand, caused share prices to fall on average 1.8 percent on a permanent basis, the analysis of 65 companies affected since 2013 globally has found.

Investors in a typical FTSE 100 firm would be worse off by an average of £120 million after such a breach, the report said. Overall the cost to shareholders of these 65 companies would be in excess of 42 billion pounds ($52.40 billion).

CGI’s analysis compared each company’s share price against a cohort of similar companies to isolate the impact of cyber breaches from other market movements, during incidents detailed in a breach index compiled by Dutch security firm Gemalto.

Two-thirds of firms had their share price adversely impacted after suffering a cyber breach. Financial firms were the worst affected, followed closely by communications firms.

“Financial services experience the greatest burden in terms of impact, reflecting the high levels of regulation, the importance of customer confidence and the potential for financial fraud to be a facet of the breach,” the report said.

hose least affected were retail, hospitality and travel companies.

Hacking attacks and other cyber security breaches have impacted companies across the world in recent years, from retailer Target in the United States in 2013 to British communications firm TalkTalk in 2015.

Dallas Emergency Sirens Set Off By Hacker

April 11, 2017 by  
Filed under Around The Net

A computer hack triggered all the emergency sirens in Dallas for about 90 minutes overnight in one of the largest known breaches of a siren warning system, officials in the Texas city said on Saturday.

Dallas’ 156 sirens, normally used to warn of tornadoes and other dangerous weather, were triggered at 11:42 p.m. CDT on Friday. The wailing did not end until 1:17 a.m. CDT on Saturday when engineers manually shut down the sirens’ radio system and repeaters, city Emergency Management Director Rocky Vaz said.

“At this point, we can tell you with a good deal of confidence that this was somebody outside of our system that got in there and activated our sirens,” he told reporters.

The breach in the city of 1.6 million people was believed to have originated in the area, city spokeswoman Sana Syed said in an emailed statement.

Vaz cited industry experts as saying the hack was among the largest ever to affect emergency sirens, with most breaches triggering one or two. “This is a very, very rare event,” he said.

Engineers are working to restart the system and should have it restored by late on Sunday, he said. Until the sirens are running, Dallas will rely on local media, emergency 911 phone calls, and a federal radio alert system, Vaz said.

The hack is being investigated by system engineers and the Federal Communications Commission has been contacted, but police have not been involved, he said.

The sirens went through 15 cycles of a 90-second activation before they were shut down, he said.

 

Next Page »