« Is it Spam? This week in Amazon Credit Card Rewards Scams | Main | Top 5 #infosec reads: March 24-28, 2014 »

Friday, 21 March 2014

Top 5 #InfoSec Reads March 17 - March 21

by Matt Piscitello

Anonymous DDoS’s Russia, Target’s IT learns not to ignore intrusion alerts the hard way, ESET discovers a Linux backdoor in the wild,  Phisher’s cancer scare sets all time low and cybergang KVM gets convicted are this week’s #infosec top reads.

Anonymous group in DDoS Kremlin attack

After a cyber attack took Russian government websites offline briefly, hacktivists among Anonymous came forward on Facebook to claimi they had masterminded the attack and crudely inferring that there's more to come. Is this and a trending sequence of events following Russia's forced takeover of Crimeathat an indication that the Russia-Ukraine conflict has gone cyber? Is this how future wars will be fought in cyberspace? 

Target failed to act on malware alerts and signs of breach

A more thorough check on the alerts reported from a malware detection tool deployed by Target’s IT could have prevented the breach that put millions of customers at risk of identity theft at the start of 2014. The highly sophisticated and highly expensive technology was deployed last year, but when the breach was first detected, IT teams in India and Minneapolis failed to take action.

Linux Backdoor Discovered

There's no technology on this earth that is entirely immune to a breach in security, and despite opinions otherwise, Linux is no exception. Operation Windigo is a Linux-capable backdoor Trojan that has infected several hundred thousand computers worldwide. Claims that the sky is falling are, like claims that Linux OS was totally secure, silly.

Phishing email says you have cancer

An attack launched on March 13 distributed emails telling people that a blood sample suggests they might have cancer. Masquerading as a message from the National Institute for Health and Care Excellence, the phishing attack launches a Trojan once the understandably distressed recipients click the phony test results attached to the email. 

Cyber gang behind £1.25m 'KVM' bank fraud convicted

Three men were tried and two were found guilty of cyber crime, making for a combined total of thirteen men who have all been convicted. Called 'KVM' for using a keyboard, video, mouse switch device to remotely access bank accounts, they stole millions from several different banks until they were caught in September of last year. Security experts noted that the convictions are a lesson in taking measures against, "the social engineering aspect of cyber attacks that many organizations ignore."

Posted at 04:20 PM in All matters security, Top Infosec Reads |

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.

Find me on Mastodon and Facebook

Spotlight Posts

  • Interisle Study Reveals Alarming Rise in Online Abuse and Identifies Exploitable Links in Cybercriminal Supply Chains
    My Interisle colleagues and I today published our 2024 Cybercrime Suppy Chain study. We analyzed 16 million cybercrime events to expose a dramatic rise in criminal exploitation of name, address, hosting, and financial supply chains. Our year-over-year findings show that cybercriminals exploit lax policies to easily and cheaply obtain resources for phishing, malware, and spam campaigns. In our report, we provide actionable insights for those aiming to curb cybercrime. Among the major findings in the study, Interisle reports that: The total number of malware, phishing, and spam attacks grew year-over-year by nearly 54%, to nearly 16.3 million attacks. Spam doubled,...
  • Malware quarterly reports for July-September
    Malware quarterly reports for July-September 2024 is now posted at the Cybercrime Information Center. For the period... Malware identified as targeting endpoint devices increased 277% over the prior period. WordPress blog sites used for malware accounted for nearly all the malicious documents reported for this period. We continue to see an uptick in malicious scripts. IPv4 addresses reported for exhibiting characteristics of attackware and traffic injectors increased 38% to just under 1 million. ASNs in China and India again have the most IPv4 addresses reported for hosting malware. More malware trends for the period at https://www.cybercrimeinfocenter.org/malware-trends-july-september-2024. For historical reporting of...
  • Interisle's Phishing Landscape 2024 is here
    Our Interisle team today announced the publication of an industry report, Phishing Landscape 2024, A Study of the Scope and Distribution of Phishing. Interisle’s fourth annual study examines nearly four million phishing reports collected from May 2023 to April 2024 and provides historical measurements using over 15 million phishing reports collected at the Cybercrime Information Center over a four year period. Findings from the study: • The total number of phishing attacks grew to ~1.9 million incidents worldwide. • Phishing attacks hosted at subdomain providers increased by 450,000+ reported names, representing 24% of all phishing attacks. • The use of...
  • Malware Trends, January - March, 2024 posted at the Cybercrime Information Center
    2024 began with a rise in domain names reported for hosting malware unlike any we have seen since we began measuring malware attacks in 2021. The 1Q2024 Top 20 TLDs included 10 new gTLDs, 6 ccTLDs, and 4 legacy gTLDs. Only three TLDs remained in the top 5 TLDs (COM, NET, INFO) from the prior quarter. The ORG and BR TLDs were replaced by SHOP (over 3,000% increase) and TOP (over 700% increase). All but one registrar in 1Q2024’s Top 20 registrar ranking showed increases of 100% or more. Several registrars had 4- and 5-figure percentage increases in domains reported....
  • Malware Trends, January - March, 2024 posted at the Cybercrime Information Center
    2024 began with a rise in domain names reported for hosting malware unlike any we have seen since we began measuring malware attacks in 2021. The 1Q2024 Top 20 TLDs included 10 new gTLDs, 6 ccTLDs, and 4 legacy gTLDs. Only three TLDs remained in the top 5 TLDs (COM, NET, INFO) from the prior quarter. The ORG and BR TLDs were replaced by SHOP (over 3,000% increase) and TOP (over 700% increase). All but one registrar in 1Q2024’s Top 20 registrar ranking showed increases of 100% or more. Several registrars had 4- and 5-figure percentage increases in domains reported....

Search

My Photo

Categories