Today’s Reading(27 Nov 2019)

Ransomware: ‘Tis the Season for Retailers to be Prepared

‘Tis the season!  Winter holidays are upon us, and with it brings the yearly high-volume online shopping season we all know as Black Friday/Cyber Monday (BFCM). With the total US consumer spending estimated at over $717 billion in the 2018 BFCM season, retailers know that the next few weeks are a critical time for their infrastructure. Unfortunately, so do ransomware attackers. Reads more in

Over 12,000 Google Users Hit by Government Hackers in 3rd Quarter of 2019

According to a report published by Google’s Threat Analysis Group (TAG), more than 90 percent of the targeted users were hit with “credential phishing emails” that tried to trick victims into handing over access to their Google account.

Google’s TAG tracks over 270 government-backed hacking groups from over 50 countries that are involved in intelligence collection, stealing intellectual property, destructive cyber attacks, targeting dissidents, journalists, and activists, or spreading coordinated disinformation

Facebook and Twitter warn some users’ private data was accessed via third-party app SDK

Facebook and Twitter have announced that personal data related to hundreds of users may have been improperly accessed after users logged into third-party Android apps with their social media accounts.

According to a report by CNBC, users of Android apps that made use of a software development kit (SDK) named oneAudience may have unwittingly shared information such as their email addresses, usernames and recent tweets.CNBC says that amongst the offending Android apps are the photo-editing tools Giant Square and Photofy. Presently there is no indication that iOS users are affected by the issue.

Who needs malware? IBM says most hackers just PowerShell through boxes now, leaving little in the way of footprints

This according to researchers with IBM’s X-Force, who found that in 2018 just 43 per cent of the attacks it analyzed utilized any sort of locally installed files. Rather, the hackers utilized PowerShell scripts to execute their dirty deeds in memory without significantly touching file systems, if at all.

This finding is important because it is another reminder that admins can no longer solely rely on detecting malicious executables and similar data on hard drives and other storage, to identify cyber-intrusions.



Categories: dailyread

Tags: , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.