An inside look at hybrid Office 365 phishing attacks | Salted Hash Ep 41
In this episode, Steve Ragan shows what a hybrid phishing attack looks like as it starts off on one service, and quickly moves to another.
Computer Security Articles
RSS Reader for Computer Security Articles
Independent
Florida Man Arrested in SIM Swap Conspiracy
Credit to Author: BrianKrebs| Date: Tue, 07 Aug 2018 19:27:23 +0000
Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims. On July 18, 2018, Pasco County authorities arrested Ricky Joseph Handschumacher, an employee of the city of Port Richey, Fla, charging him with grand theft and money laundering. Investigators allege Handschumacher was part of a group of at least nine individuals scattered across multiple states who for the past two years have drained bank accounts via an increasingly common scheme involving mobile phone “SIM swaps.”
Read MoreGrand Theft IT? Not quite
Credit to Author: Sharky| Date: Tue, 07 Aug 2018 03:00:00 -0700
The time has come for the sales team at this financial services company to get new top-of-the-line laptops — and they’re being upgraded 80 at a time, reports an IT pilot fish there.
“Late one night, the guy in charge of the upgrade got a call from Security saying that a break-in had occurred,” fish says. “They told him that on the security cameras they saw the thieves making off with a lot of laptops.
“The upgrade project manager arrived at the scene to meet the police — who were very puzzled when he started laughing.
“Turns out the thieves stole 80 decommissioned laptops with no hard drives, while ignoring the 80 new laptops sitting in boxes beside the decommissioned ones.”
What is a phishing kit? Watch this in-depth explainer | Salted Hash Ep 39
What is a phishing kit? In this video, Steve Ragan offers an answer and a look at some of the kits Salted Hash has collected.
TSMC's iPhone chip attack is a wake-up call for enterprise security
Credit to Author: Jonny Evans| Date: Mon, 06 Aug 2018 05:21:00 -0700
Apple chipmaker TSMC suffered a serious WannaCry-related ransomware infection that closed down production at some of its factories. The incident should be a wake-up call for manufacturers across every industry.
Manufacturing is under attack
TSMC has said the incident was not the result of a direct attack. Instead it says its systems were exposed to the malware “when a supplier installed tainted software without a virus scan.”
The malware spread fast and impacted some of the company’s most advanced facilities used to build Apple’s A-series chips.
TSMC's iPhone chip attack is a wake up call for enterprise security
Credit to Author: Jonny Evans| Date: Mon, 06 Aug 2018 05:21:00 -0700
Apple chipmaker TSMC suffered a serious WannaCry-related ransomware infection that closed down production at some of its factories. The incident should be a wake-up call for manufacturers across every industry.
Manufacturing is under attack
TSMC has said the incident was not the result of a direct attack. Instead it says its systems were exposed to the malware. “When a supplier installed tainted software without a virus scan,” it said.
The malware spread fast and impacted some of the company’s most advanced facilities used to build Apple’s A-series chips.
How Microsoft became tech’s good guy
Credit to Author: Preston Gralla| Date: Mon, 06 Aug 2018 03:00:00 -0700
Once upon a time, Microsoft symbolized all that was wrong with the tech world: greedy, monopolistic, single-mindedly focused on profits while caring little about the public good. In the heyday of Bill Gates and Steve Ballmer, the company ran roughshod over competitors in its attempt to corral the worldwide market for both operating systems and application software.
But today, Microsoft has embraced the role of the tech world’s better angel. And as events show in recent weeks, that’s not hype. The company has, to some extent, tried to act as the industry’s conscience as well as taking actions for the greater good.
One case in point: Microsoft’s recent revelation that it had uncovered evidence that the Russian government had targeted three congressional campaigns in the upcoming midterm elections — and that it had helped thwart the plot. Microsoft discovered the attempts as part of its long-running battle against the Russian government–backed hacking cyber-espionage group called Fancy Bear. Microsoft, which has been playing whack-a-mole with the group for well over a year, targets the command-and-control servers that control malware that Fancy Bear plants on victims’ computers, as well as associated websites that install malware on targets’ computers when the victims visit them as a result of a spearphishing attack.
An introduction to Kit Hunter, a phishing kit detector | Salted Hash Ep 40
Kit Hunter, a basic Python script written by host Steve Ragan, searches on common tag elements to find hidden phishing kits on a web server.