News from 'Help Net Security'

Syndicate content
Daily information security news with a focus on enterprise security.
Updated: 5 hours 48 min ago

MoneyTaker’s stealthy hacking spree spread from US to Russia

5 hours 29 min ago
A stealthy group of Russian-speaking hackers has been targeting financial organizations (banks, credit unions, lenders) in the US and Russia, stealing money and documentation that could be used for new attacks. The targets The group’s operations have been detailed in a report by Russian cyber attack investigators Group-IB, who investigated over 20 attacks that have been traced back to MoneyTaker (as they’ve dubbed the hacking outfit). MoneyTaker hackers seem to have a preference for small … More →
Categories: Cyber India

Keylogger found in Synaptics driver on HP laptops

8 hours 27 min ago
For the second time this year, a security researcher unearthed a keylogger in a driver used on a number of HP laptops. The first time was earlier this year, when Swiss security firm modzero AG discovered a keylogger in Conexant HP audio drivers that stored records of keystrokes in a file in the public folder, unencrypted. This time, the keylogger was spotted by security researcher Michael Myng (aka “ZwClose”) while rifling through the Synaptics Touchpad … More →
Categories: Cyber India

Worldwide server revenue grew 16% in Q3 2017

10 hours 10 min ago
In the third quarter of 2017, worldwide server revenue increased 16 percent year over year, while shipments grew 5.1 percent from the second quarter of 2016, according to Gartner. “The third quarter of 2017 produced continued growth on a global level with varying regional results,” said Jeffrey Hewitt, research vice president at Gartner. “A build-out of infrastructure to support cloud and hybrid-cloud implementations was the main driver for growth in the server market for the … More →
Categories: Cyber India

Android vulnerability allows attackers to modify apps without affecting their signatures

10 hours 32 min ago
Among the many Android vulnerabilities patched by Google this December is one that allows attackers to modify apps without affecting their signatures. The danger “Although Android applications are self-signed, signature verification is important when updating Android applications. When the user downloads an update of an application, the Android runtime compares its signature with the signature of the original version. If the signatures match, the Android runtime proceeds to install the update,” Guard Square researchers explained. … More →
Categories: Cyber India

Will IoT botnets catapult the industry toward security regulation in 2018?

13 hours 25 min ago
Attackers demonstrated the power of an IoT-fueled botnet in 2016 when the Mirai botnet took down major websites like Reddit, Twitter and GitHub. Despite the damages, no significant changes to the IoT industry occurred. As a matter of fact, consumers continue to purchase and deploy IoT devices with little care outside the guarantee that the device works and the price tag is cheap. Manufacturers continue to pump out new IoT devices at a rapid pace, … More →
Categories: Cyber India

A layered approach to modern identity

14 hours 1 min ago
The way we work is evolving. Traditional desktop computers and laptops are slowly giving way to the mobile device. From smartphones to tablets, a growing number of employees are embracing the flexibility that accompanies such devices. In fact, 55 percent of all email was opened on mobile devices from May 2017 to April 2017 – up from just 29 percent in 2012. In addition to keeping tabs on the office, consumers have come to rely … More →
Categories: Cyber India

Week in review: Ransomware’s next stop, NiceHash hack, and why phishers love HTTPS

Mon, 11/Dec/2017 - 04:57
Here’s an overview of some of last week’s most interesting news and articles: Bitcoin traders beware: Fake trading bot offer delivers RAT The malicious offer comes via email: a free trial of Gunbot, a new bitcoin trading bot developed by Gunthy. Global security spending to reach $96 billion in 2018 Organizations are spending more on security as a result of regulations, shifting buyer mindset, awareness of emerging threats and the evolution to a digital business … More →
Categories: Cyber India

Bitcoin traders beware: Fake trading bot offer delivers RAT

Sat, 09/Dec/2017 - 00:29
As the price of Bitcoin keeps hitting surprising heights, more and more cyber crooks are turning their sights on anything and anyone who trades or uses the popular cryptocurrency. The latest attempt to deliver malware to a specific group of Bitcoin users was spotted by Fortinet researchers. A RAT is delivered The malicious offer comes via email: a free trial of Gunbot, a new bitcoin trading bot developed by Gunthy: The email carries an attachement … More →
Categories: Cyber India

Chrome site isolation option offers more security

Fri, 08/Dec/2017 - 21:42
Chrome 63, which was promoted to the stable release channel on Wednesday, comes with many security fixes and improvements, especially for the enterprise audience. Site Isolation The biggest news is Site Isolation. Enterprise IT administrators can now make it so that Chrome renders content for each open website in a separate process, isolated from other websites. Site isolation can be turned on for all websites, or for a list of specific websites (e.g. sites that … More →
Categories: Cyber India

Keep unexpected holiday security surprises to a minimum

Fri, 08/Dec/2017 - 17:30
The chilly weather is setting in here in the northern hemisphere, and as we get ready for the holidays many of us are gathering round a cheery fire. But not everyone is enjoying the warmth of this experience. It’s only a matter of time before we see more legislation around all types of data protection, company breach disclosures, and associated fines. The Equifax incidents started the fire and there is plenty of fuel to continue … More →
Categories: Cyber India

Apple users, it’s time for new security updates

Fri, 08/Dec/2017 - 01:51
Apple usually pushes out security updates for its various devices and software on the same day, but not this time. The iOS update was rushed out on Saturday because of a critical need to fix a bug in iOS 11 that caused some iPhones to crash when the calendar changed to December 2. The update also fixed: Five kernel vulnerabilities, some of which can be exploited by a malicious application to execute arbitrary code with … More →
Categories: Cyber India

Global security spending to reach $96 billion in 2018

Thu, 07/Dec/2017 - 20:59
Gartner forecasts worldwide enterprise security spending to total $96.3 billion in 2018, an increase of 8 percent from 2017. Organizations are spending more on security as a result of regulations, shifting buyer mindset, awareness of emerging threats and the evolution to a digital business strategy. Security spending drivers “Overall, a large portion of security spending is driven by an organization’s reaction toward security breaches as more high profile cyberattacks and data breaches affect organizations worldwide,” … More →
Categories: Cyber India

NiceHash suffers security breach, around $70 million in Bitcoin stolen

Thu, 07/Dec/2017 - 20:46
NiceHash, one of the most popular crypto-mining marketplaces, has apparently suffered a breach that resulted in the theft of the entire contents of the NiceHash Bitcoin wallet. “We are currently investigating the nature of the incident and, as a result, we are stopping all operations for the next 24 hours. We are working to verify the precise number of BTC taken,” the outfit noted. “Clearly, this is a matter of deep concern and we are … More →
Categories: Cyber India

What’s on the horizon for security and risk management leaders?

Thu, 07/Dec/2017 - 18:30
By 2022, cybersecurity ratings will become as important as credit ratings when assessing the risk of business relationships, Gartner analysts believe. They also predict that, by 2020, 60% of organizations engaging in M&A (mergers and acquisitions) activity will consider cybersecurity posture as a critical factor in their due diligence process. Cybersecurity posture With the mess that the Yahoo acquisition ended up to be due to previously unknown/undisclosed data breaches, it’s easy to see how that … More →
Categories: Cyber India

Why phishers love HTTPS

Thu, 07/Dec/2017 - 00:42
As more and more sites switch to HTTPS, the number of phishing sites hosted on HTTPS domains is also increasing. “In the third quarter of 2017, we observed nearly a quarter of all phishing sites hosted on HTTPS domains, nearly double the percentage we saw in the second quarter. A year ago, less than three percent of phish were hosted on websites using SSL certificates. Two years ago, this figure was less than one percent,” … More →
Categories: Cyber India

Chief Data Officers are increasingly enabling digital transformation

Wed, 06/Dec/2017 - 23:50
As the role of chief data officer (CDO) continues to gain traction within organizations, a recent survey by Gartner found that these data and analytics leaders are proving to be a linchpin of digital business transformation. The third annual Gartner Chief Data Officer survey was conducted July through September 2017 with 287 CDOs, chief analytics officers and other high-level data and analytics leaders from across the world. Respondents were required to have the title of … More →
Categories: Cyber India

DDoS attackers increasingly targeting cryptocurrency exchanges

Wed, 06/Dec/2017 - 21:52
The extraordinary volatility of the price of bitcoin has spurred speculators to employ a wide variety of tricks to make it swing between extremes, so that they can take advantage of it. The unregulated nature of the cryptocurrency ecosystem makes it possible for things like statements by widely esteemed financial executives to have a sizeable impact on the currency’s price. Another way to influence the price is through DDoS attacks against bitcoin exchange sites. There’s … More →
Categories: Cyber India

Majority would trust organisations more if they were to use biometrics for authentication

Wed, 06/Dec/2017 - 17:36
Nearly seven in 10 Europeans (68 percent) said they would trust organisations more if they were to use biometrics for authentication, according to a new Unisys survey. The survey also found that tech-savvy consumers are ready for biometric authentication, such as fingerprint readers or iris scanning, in replacement of passwords or PINs – with half of respondents saying not having to remember passwords is a major benefit of the technology. With responses from more than … More →
Categories: Cyber India

Hacker who tried to spring friend from jail will end up in prison himself

Wed, 06/Dec/2017 - 00:25
A Michigan man by the name of Konrads Voits pleaded guilty to hacking Washtenaw County’s computer network and changing the Washtenaw County Jail records, with the intent to help a friend get released early from jail. Unfortunately for him, his fiddling with the inmate electronic records was spotted, an FBI investigation was mounted, and it led back to him. He was arrested on March 10, 2017, in his apartment. According to MLive, Voits was sitting … More →
Categories: Cyber India

Security and costs holding back those looking to implement IoT projects

Wed, 06/Dec/2017 - 00:04
While 94% of IT professionals from organisations that are undertaking Internet of Things (IoT) initiatives say they need to invest in IoT over the next 12 months in order to stay competitive, most admit they have encountered barriers to adoption. These mainly include security concerns, the cost of implementation and commitment from the company’s leadership. The research carried out by Vanson Bourne, looking at attitudes to IoT, including the drivers, barriers, challenges and benefits, surveyed … More →
Categories: Cyber India