
Wednesday, December 9, 2015

FireEye Finds Complex Malware FIN1 Created in Russia - http://clapway.com/2015/12/09/fireeye-finds-complex-malware-fin1-created-in-russia123/

A US-based cyber security firm called FireEye has discovered a kind of malware that is designed to steal payment card data and is very hard to detect and remove. The group behind the malware has been nicknamed FIN1, and they’re suspected to be based in Russia.




FIN1’s Main Targets Are Financial Institutions


Credit and debit card data is among the most wanted pieces of information of any individual. Security of these items has been increasing during recent years, but cyber attacks have gotten more clever. Giant companies like Target and Home Depot have suffered data breaches that compromised client information, and some payment processors have also been targeted.


The malware uses bootkit functionality, which can be bypassed by any antivirus software. It allows for raw disk access to look for malware, and once it latches on to it, it’s almost impossible to remove. System administrators would have to wipe the devices completely clean of all data and then reload the operating systems.


One Up for the Russians


No solution has been found for this kind of malware. Cyber security threats have been really popular in 2015, and it’s possible that they get even stronger as more businesses and enterprises adopt cloud systems, which may be safer in the physical world but less so in the cyber world.


But cyber security firms are stepping up to the plate to fight back. Hopefully even entire governments turn to reliable cyber security firms to strengthen all platforms so that they’re not sensitive to threats. Attacks are possible from all directions, both remotely and internationally, and individual people as well as entire organizations must remain safe from all threats. Firms like FireEye have become increasingly popular, and hopefully firms like these will become stronger to fight back against threats to persons and enterprises.




Tuesday, December 8, 2015

Dropbox Could Be Helping ISIS Spread Malware - http://clapway.com/2015/12/08/dropbox-could-be-helping-isis123/

FireEye, a security firm based in the US, has found a new kind of malware that targets mass media. The malware was first spotted in Hong Kong, where it had been targeting smaller media agencies. The main targets were newspapers, radio stations, and TV studios.


The Malware Comes from Dropbox Accounts


The firm was able to trace the malware back to a series of Dropbox accounts. Particularly, a group of hackers under the name admin@338 is rumored to have ties to the Chinese government. They’ve been targeting international organizations in the financial, economic and trade policy sectors. They have employed spear-phishing campaigns before, in order to infect users with RATs, or Remote Access Trojans. Their latest attack, as observed by FireEye, is against media agencies that supported the protests that happened in Hong Kong last year.


admin@338 often sends Word documents in emails to targets. These emails discuss anti-Chinese and pro-democracy topics, and they contain the CVE-2012-0158 Microsoft Office bug that lets hackers install LOWBALL malware onto the targets’ computers. The latest attack had an added bonus, as the C&C server was inside a Dropbox account and not elsewhere on the net. FireEye and Dropbox then joined hands to get behind the series of cyber security threats. There are over 50 accounts currently in danger of these attacks.


What Does this Mean for Terrorist Groups?


Terrorist factions like ISIS might take advantage of this information, spreading anti-jihadist propaganda to lure users into the trap and then infect their machines with malware. While it is not ISIS’s usual approach, the world is zeroing in on the group. It’s possible that the organization does everything it can to spread its extremist messages and put those that don’t share its faith in danger. Hopefully, FireEye, Dropbox, and other firms can come together against these cyber security threats.






Thursday, December 3, 2015

Children Need to be Protected from VTech and Google - http://clapway.com/2015/12/04/children-need-to-be-protected-from-vtech-and-google123/

US authorities have asked VTech Holdings and Google for the data that they retain on children using digital toys. VTech suffered a cyberattack this week, in which the data of 6.4 million children was exposed.




The Breach Raised Concerns on How VTech Stores Data


The letter stated that authorities held suspicions about how the company was using children’s data, as well as whether or not it shares or sells it. The authorities demand VTech reveal how they protect the data and if it is in accordance with the Children’s Online Privacy Protection Act, which enables parents to control their children’s data.


VTech Had Not Protected Their Database Well Enough


After announcing that the data of 4.9 million adults had been stolen from their database, they’ve now added that the data of 6.4 million children is also at risk. The company has stated that they are entirely at fault.


The majority of the information, they revealed, belonged to people in the United States. The company could be facing private lawsuits from customers all over the world, and their shares have fallen 2.73% since the cyberattack was announced. Authorities have requested answers to their concerns by January 8.


Cyber Attacks Are Becoming More and More Common


The last quarter of this year has seen a lot of breaches on the web, which means cyber security must be strengthened. All companies should seek to protect their databases to the best of their ability.




Monday, November 9, 2015

Hackers Take Full Control of SAP HANA - http://clapway.com/2015/11/09/hackers-take-full-control-of-sap-hana123/

Onapsis reveals 21 weaknesses in the SAP HANA platform, among them flaws that allow potential attackers to control machines remotely. The Boston-based cyber security firm revealed a full list of vulnerabilities, eight of which pose a serious threat to clients.


The SAP HANA platform manages databases and runs analytics systems for remote or cloud use. There are over 10,000 businesses registered to the platform, and with the threat of data theft and remote code execution, it is pivotal that all clients access this document and protect their data as well as their own personal information.




The threats discovered impact all SAP HANA applications, and with some flaws at critical level and others hard coded by design, it’s possible SAP HANA will have to bring in changes immediately and swiftly, directly from their servers.


Hackers could take full control of systems if changes aren’t implemented. A security breach could result in a collapse with SAP, and it could cost organizations up to $22 million every minute. According to Onapsis, it’s a threat to the global economy, as every minute of lost information is extremely valuable. SAP HANA is encouraged to commence changes internally as soon as possible so as to prevent any incidents while they still can.