Mac OS X is still secure 16 years after its creation, but increasingly being targeted by cybercriminals. No operating system is 100% malware-proof.
The post 16 years of Mac OS X: Secure but not invincible to malware appeared first on WeLiveSecurity
Tag Archives: cyberattack
ABTA experiences data breach
The Association of British Travel Agents discovered the data breach on March 1st, but failed to notify customers until March 16th.
The post ABTA experiences data breach appeared first on WeLiveSecurity
Lloyds Banking Group hit with distributed denial of service attack
Lloyds Banking Group fell victim to an attempted cyberattack earlier this month, which saw cybercriminals attempt to crash the online banking service over a two day period.
The post Lloyds Banking Group hit with distributed denial of service attack appeared first on WeLiveSecurity
“Eye Pyramidâ€, the Cyber-Espionage Malware that has Italy Reeling
This Tuesday, the Italian state police dismantled a cyber-espionage ring spearheaded by a brother and sister that sought to exert control over public institutions and administrations, professional studios, employers, and politicians. The network was able to access confidential information by installing a virus on victims’ computers, stealing information sensitive to financial institutions and state security.
Among those affected are former Prime Ministers Matteo Renzi and Mario Monti, as well as the president of the Central European Bank, Mario Draghi, as well as other individuals in possession of confidential information. Mayors, cardinals, regional presidents, economists, employers, and law enforcement officials are also on the list.
How Eye Pyramid Works
The investigation has been dubbed “Eye Pyramid”, after the particularly invasive malware that the suspects used to infiltrate the systems of the people they spied on.
These intrusions appear to have first surfaced in 2012, reaching 18,327 users with the theft of 1,793 passwords using a keylogger. This comes out to be around 87GB data. The method of infiltration was simple given the serious nature of the attack: the cybercriminal sent an email, the recipient opened it, and upon opening the email a software was installed on the device, giving access to its secret files.
Older versions of the malware with unknown origins (although possibly linked to Sauron) were probably used in 2008, 2010, 2011, and 2014 in various spear phishing campaigns.
In a hyperconnected world, with mounting tension between cybersecurity and cyber-espionage — we’ve recently seen a crossfire of accusations exchanged between major powers like the US, China, and Russia — these attacks appear to have special relevance to state security and the dangers it faces in the cyber world.
Advanced Persistent Threat, or How to Avoid a Cybernetic Nightmare
This attack, unprecedented in Italy, will continue to be under investigation and, according to authorities, may end up revealing connections to other cyberattacks carried out in other countries.
Protecting your confidential and sensitive data from cybercriminal networks and attacks such as ATPs is crucial in combatting the growing professionalization of cybercrime.
Advanced threats are no longer an issue when you’ve got an advanced cybersecurity solution like Adaptive Defense 360, the platform that connects contextual intelligence with defense operations to stay ahead of malicious behaviors and data theft. Protection systems are triggered and jump into action before the malware even has a chance to run.
Thwarting potential threats before they become a real problem is the only way to rest easy knowing that your information has not ended up falling into the wrong hands.
The post “Eye Pyramid”, the Cyber-Espionage Malware that has Italy Reeling appeared first on Panda Security Mediacenter.
Is the UK’s Trident nuclear program at risk from cyberattack?
Former British defence secretary Des Brown called on the British Prime Minister to hold an ‘end-to-end assessment’ of the Trident nuclear program’s cybersecurity, or risk potential weaknesses in the system.
The post Is the UK’s Trident nuclear program at risk from cyberattack? appeared first on We Live Security.
TalkTalk cyberattack: The story so far
The TalkTalk cyberattack has attracted a lot of media attention since it was first reported that a serious incident had taken place. We cut through the noise and offer a concise summary of what has transpired.
The post TalkTalk cyberattack: The story so far appeared first on We Live Security.
Dridex malware crippled by the FBI
On Tuesday, October 13, The United States Department of Justice announced that they had taken down and seized multiple command-and-control (C&C) servers that were part of a network used by the Dridex trojan to upload stolen information and distribute malware.
U.S. Attorney Hickton said, “Through a technical disruption and criminal indictment we have struck a blow to one of the most pernicious malware threats in the world.”
Dridex, also known as ‘Bugat’ and ‘Cridex’, is a malicious trojan used by criminals to steal bank login credentials from an infected PC, in order to gain access to a victim’s bank account—it’s been quite successful too, with losses in the UK estimated at £20 million and in the US at $10 million.
Dridex is commonly distributed in the form of a phishing email, and often contains an infected Word doc attachment. When a victim opens the Word document they unknowingly infect their PC, thereby allowing attackers to eavesdrop on their computer’s activity and automate the theft of data.
Head of Operations at the National Crime Agency’s National Cyber Crime Unit (NCCU), Mike Hulett, said: “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to be made.”
While the FBI and other international agencies continue their investigations, UK’s National Crime Agency (NCA) is still warning UK internet users to be aware of and protect themselves against Dridex.
Even though the distribution network has been crippled, the actual malware still exists and can be used by other criminals.
Mike Hulett goes on to provide sound advice for everyone, “We urge all internet users to take action and update your operating system. Ensure you have up to date security software and think twice before clicking on links or attachments in unsolicited emails”.
If you don’t already have a suitable antivirus solution in place, we recommend you install one today. Download our award-winning AVG Protection for your PC to help prevent malware and viruses.
If you or anybody you know has been affected by cybercrime fraud you can report it to:
US
Federal Bureau of Investigation, Internet Crime Complaints Center
http://www.ic3.gov/default.aspx
UK
ActionFruad – National Fraud & Cyber Crime Reporting Centre
http://www.actionfraud.police.uk
AUS
ACORN – Australian Cybercrime Online Reporting Network
https://report.acorn.gov.au
3 recommendations that can make your applications safer
Are you working on a new application? If so, consider these three recommendations that highlight the importance of thinking about information security.
The post 3 recommendations that can make your applications safer appeared first on We Live Security.
Global cost of cybercrime ‘continues to rise’
A new report from the Ponemon Institute reveals that the global cost of cybercrime to businesses shows no signs of slowing down.
The post Global cost of cybercrime ‘continues to rise’ appeared first on We Live Security.
Attack at LOT leaves 1,400 passengers stranded
The hack happened in the afternoon and targeted the Polish flag carrier LOT. According to a report from Reuters “hackers attacked the airline ground computer systems used to issue flight plans”. The whole situation was resolved a few hours later. Nonetheless 10 national and international flights had to be canceled and even more were delayed. Luckily none of the planes or the airport itself were affected and no one got hurt. LOT took extra care to mention “that it has no influence on plane systems. Aircrafts, that are already airborne will continue their flights. Planes with flight plans already filed will return to Warsaw normally.”
The airline also made it clear that the airport itself was not affected. Once the ‘problem’ was fixed LOT issued the following press release. “The situation after the IT attack on our ground operation system is already under control. We are working on restoring the regularity as soon as possible. Our operating center is already preparing flight plans. We will try to ensure that the largest number of passengers are informed and continue commenced journeys.”
Spokesman Kubicki said that LOT is using state-of-the-art computer systems, so this could potentially be a threat to others in the industry as well.
The post Attack at LOT leaves 1,400 passengers stranded appeared first on Avira Blog.