Tag Archives: Cybersecurity

Для тех, кто интересуется безопасным доступом к онлайн-играм, наш партнер предлагает зеркало Вавады, которое позволяет обходить любые блокировки и сохранять доступ ко всем функциям казино.

Miller and Valasek Show the Real-World Impact Hackers Can Have

Posted on by

Charlie Miller and Chris Valasek at Black Hat USA 2015Photo: Black Hat USA 2015

LAS VEGAS—At Black Hat 2015, Charlie Miller and Chris Valasek gave one of the most highly anticipated and best-attended presentations, even far beyond the elite infosecurity experts gathered here this week. The already notable duo of hackers made international headlines two weeks ago when they demonstrated more than a year’s worth of work figuring out how to hack into and remotely control unaltered cars—and used Wired reporter Andy Greenberg as their test driver.

Greenberg’s article and video of the test paint a compelling portrait of just what Miller and Valasek’s hack means in practice. “As the two hackers remotely toyed with the air-conditioning, radio, and windshield wipers, I mentally congratulated myself on my courage under pressure. That’s when they cut the transmission,” Greenberg wrote. “Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed down to a crawl.

buy xtandi online www.phamatech.com/wp-content/uploads/2023/10/jpg/xtandi.html no prescription pharmacy

This occurred just as I reached a long overpass, with no shoulder to offer an escape. The experiment had ceased to be fun.”

From a couch in Miller’s basement 10 miles away, they were able to seize control of the Jeep, and their methods could be applied to any car operating the same technology: Uconnect, an internet-connected computer feature in hundreds of thousands of cars that controls the entertainment and navigation systems, enables phone calls and, with a subscription purchase, offers a Wi-Fi hotspot. The hackers’ exploit can also be used for surveillance, using the Jeep’s GPS to track location to measure speed, and even drops pins on a map at regular intervals to trace its route. And, because of the system’s cellular connection, this can be done on any car from anywhere with access to the same cellular network (Sprint) as long as hackers know the car’s IP address.

In the wake of the Wired article, Sprint has blocked the kind of phone to car traffic and car to car traffic that facilitates remote hacking. What’s more, Fiat Chrysler announced the recall of 1.

buy elavil online www.phamatech.com/wp-content/uploads/2023/10/jpg/elavil.html no prescription pharmacy

4 million cars and trucks that could be vulnerable to hacking—more than three times as many as the pair originally estimated may be at risk.

buy phenergan online www.phamatech.com/wp-content/uploads/2023/10/jpg/phenergan.html no prescription pharmacy

Miller and Valasek approached the company with their findings as early as 2014, and said the automaker was responsive to their report. Unauthorized remote access was blocked with a network-level improvement, the company announced shortly after Greenberg’s article went to print. In addition to the recall to update software in the infotainment system, affected customers will receive a USB device to upgrade vehicles’ software with internal safety features.

And lest anyone still question the impact hackers can have on a business’s bottom line, as they were only too happy to point out, here’s a look at Chrysler’s stock from a week before to a week after the Wired story:

chrysler stock

Part of their aim was to increase consumer awareness and provoke greater scrutiny of technology they are being told is safe. “If consumers don’t realize this is an issue, they should, and they should start complaining to carmakers,” Miller told Wired. “This might be the kind of software bug most likely to kill someone.” Their research has already effected concrete change beyond the cars recalled. Partially spurred by the team’s earlier demonstrations in the arena, Senators Edward Markey of Massachusetts and Richard Blumenthal of Connecticut introduced legislation on July 21 that would direct the National Highway Traffic Safety Administration and the Federal Trade Commission to establish rules to secure cars and protect consumer privacy. The bill would also establish a rating system to inform owners about how secure their vehicles are beyond any minimum federal requirements, Bloomberg reported. “Controlled demonstrations show how frightening it would be to have a hacker take over controls of a car,” Markey said in a statement to Wired. “Drivers shouldn’t have to choose between being connected and being protected…We need clear rules of the road that protect cars from hackers and American families from data trackers.”

Miller and Valasek have done a lot more than present a frightening demonstration of just how vulnerable so many cars are, and it involves everyone here at Black Hat. In their presentation, Valasek opened with a blunt public service announcement: Please stop saying anything is “unhackable,” because you are wrong and you are just going to look silly. Proving that took more than a year of meticulous work, much of which could not be easily reproduced and applied any time soon, but they did prove it, and in doing so, they prompted the first formal safety campaign in response to a cybersecurity threat. That may be the biggest impact, he told the audience: “Hackers did something, fiscal change happened and it wasn’t in infosec—it was in the real world.”

The Rise of Malvertising

Posted on by

malvertising cyber security

LAS VEGAS—One of the hottest topics in cyberthreat detection right now is the rise of malvertising, online advertising with hidden malware that is distributed through legitimate ad networks and websites. On Monday, Yahoo! acknowledged that one of these attacks had been abusing their ad network since July 28—potentially the biggest single attacks, given the site’s 6.9 billion monthly visits, security software firm Malwarebytes reported.

In the first half of this year the number of malvertisements has jumped 260% compared to the same period in 2014, according a new study released at the Black Hat USA conference here today by enterprise digital footprint security company RiskIQ. The sheer number of unique malvertisements has climbed 60% year over year.

“The major increase we have seen in the number of malvertisements over the past 48 months confirms that digital ads have become the preferred method for distributing malware,” said James Pleger, RiskIQ’s director of research. “There are a number of reasons for this development, including the fact that malvertisements are difficult to detect and take down since they are delivered through ad networks and are not resident on websites. They also allow attackers to exploit the powerful profiling capabilities of these networks to precisely target specific populations of users.”

How does malvertising work—and why is it taking off right now? “The rise of programmatic advertising, which relies on software instead of humans to purchase digital ads, has generated unprecedented growth and introduced sophisticated targeting into digital ad networks,” the company explained. “This machine-to-machine ecosystem has also created opportunities for cyber criminals to exploit display advertising to distribute malware. For example, malicious code can be hidden within an ad, executables can be embedded on a webpage, or bundled within software downloads.”

The study also noted that, in 2014, there was significantly more exploit kit activity (which silently installs malware without end user intervention) than fake software updates that require user consent. In 2015, however, fake software updates have surpassed exploit kits as the most common technique for installing malware. Fake Flash updates have replaced fake antivirus and fake Java updates as the most common method used to lure victims into installing various forms of malware including ransomware, spyware and adware.

buy zyprexa online familyvoicesal.org/resources/images/jpg/zyprexa.html no prescription pharmacy

Last week, enterprise security firm Bromium also released a new study focused on the rising threat of malvertising, finding that these Flash exploits have increased 60% in the past six months and the growth of ransomware families has doubled every year since 2013.

“For the last couple of years, Internet Explorer was the source of the most exploits, but before that it was Java, and now it is Flash; what we are witnessing is that security risk is a constant, but it is only the name that changes,” said Rahul Kashyup, senior vice president and chief security architect at Bromium. “Hackers continue to innovate new exploits, new evasion techniques and even new forms of malware—recently ransomware—preying on the most popular websites and commonly used software.”

One of the riskiest aspects of these exploits is that users do not have to be accessing sites that seem remotely suspect to be exposed. According to Bromium’s research, more than 58% of malvertisments were delivered through news websites (32%) and entertainment websites (26%). Notable websites unknowingly hosting malvertising included cbsnews.com, nbcsports.com, weather.com, boston.com and viralnova.com, the firm reported.

With that in mind, IT and cybersecurity teams have to adapt to meet these new threats, which are evolving far faster than detection tools, including antivirus, behavioral analysis, network intrusion detection, and the basic safe browsing guidelines issued to employees regarding their use of work devices.

“The key takeaway from this report is that, at large, the Internet is increasingly becoming ‘untrustworthy.’ Attackers are now using popular websites to launch malware via online ads, which makes things difficult for IT security teams,” explained Rahul Kashyup, SVP and chief security architect at Bromium. “This risk should be well understood and factored in for any organization while building a ‘defense-in-depth’ security stack. Regular patching and updates definitely help to limit the exposure to potential attacks, but that might not be feasible for large organizations.

buy prevacid online familyvoicesal.org/resources/images/jpg/prevacid.html no prescription pharmacy

It is advisable to evaluate non-signature based technologies that can thwart such attacks in a reliable way and prevent infections on end-user devices.

buy singulair online familyvoicesal.org/resources/images/jpg/singulair.html no prescription pharmacy

According to Bromium, the websites that most frequently serve as malvertising attack sources are:

malvertising attack sources

Should You Track Down Your Cyberattacker?

Posted on by

By and large, organizations tend to invest in preventative cybersecurity measures and they also concentrate their resources on detecting and stopping cyberattacks, rather than on painstaking “who did it?” investigations. They want to close the gap, manage the public opinion fallout, learn from the episode and move on.

From an enterprise perspective, this makes sense, as resources dealing with cybersecurity are usually overstretched and the organization does not stand to gain much from determining, with a certain degree of certainty, who was behind a cyberattack. The incentive equation, of course, is different if the target of the attack is a government or a large organization that is part of a country’s critical national infrastructure.

Attack attribution has traditionally been approached from the perspective of enabling the target or victim entity to pursue the attacker either for damages in a court of law; or from a national, military or intelligence “strike back” perspective.

While dishing out some form of retribution has always been instinctual, however, only governments and very large corporations have historically had the technical toolbox, the economical means and the long-term view to pursue a cyber retribution strategy.

online pharmacy albenza with best prices today in the USA

But should commercial and non-commercial organizations also care about cyberattack attribution?

online pharmacy amoxil with best prices today in the USA

Yes, within measure.

The first question ought to be: why? What does the target organization stand to gain from investing in cyber-attack attribution? The answer is that, the better it understands the attackers tools and techniques, the more likely the organization is to direct its limited resources to the right areas of defense.

As we know, each attacker or attacker group has certain preferred tooling and attacking methods. Also, they have their own motivation, speed, operational capability and discipline.

Assuming that an organization can safely concentrate only on patching, employee awareness programs, scanning, pen testing, log monitoring and other traditional defensive security measures, would be a mistake. These measures are, of course, necessary but they can no longer be the entire apparatus of cyber defense. Organizations need to invest a certain proportion of their resources in understanding their cyber adversaries, and their motivations, modus-operandi, credibility and capabilities, in order to better tailor their defensive resources.

What would be the “adequate” amount of time and effort for an organization to spend on seeking to attribute a cyberattack, successful or not, to a malicious actor or group? The effort should be proportionate with what is at risk and what resources the company has, either in house or via its suppliers and industry. Knowing at least how some of their enemies attack, however, can help companies to better leverage their resources when defending.

online pharmacy abilify with best prices today in the USA

Morpho Hacker Group Targets Intellectual Property

Posted on by

With the highly-publicized rise in cyberbreaches, we have seen hackers break into systems for a variety of reasons: criminal enterprises simply stealing money, thieves gathering Social Security or credit card numbers to sell on the black market, state-sponsored groups taking confidential information, and malicious actors taking passwords or personal data to use to hit more valuable targets. Now, another group of financially-motivated hackers has emerged with a different agenda that may have even riskier implications for businesses.

According to a new report from computer security company Symantec, a group it calls Morpho has attacked multiple multibillion-dollar companies across an array of industries in pursuit of one thing: intellectual property. While it is not entirely clear what they do with this information, they may aim to sell it to competitors or nation states, the firm reports. “The group may be operating as ‘hackers for hire,’ targeting corporations on request,” Symantec reported. “Alternatively, it may select its own targets and either sell stolen information to the highest bidder or use it for insider trading purposes.”

Victimized businesses have spanned the Internet, software, pharmaceutical, legal and commodities fields, and the researchers believe the Morpho group is the same one that breached Facebook, Twitter, Apple and Microsoft in 2013.

Symantec does not believe the group is affiliated with or acting on behalf of any particular country as they have attacked businesses without regard for the nationality of its targets. But, as the New York Times reported, ” the researchers said there were clues that the hackers might be English speakers — their malicious code is written in fluent English — and they named their encryption keys after memes in American pop culture and gaming. Researchers also said the attackers worked during United States working hours, though they conceded that might just be because that is when their targets are most active.”

The researchers have tied Morpho to attacks against 49 different organizations in more than 20 countries, deploying custom hacking tools that are able to break into both Windows and Apple computers, suggesting it has plenty of resources and expertise. The group has been active since at least March 2012, the report said, and their attacks have not only continued to the present day, but have increased in number. “Over time, a picture has emerged of a cybercrime gang systematically targeting large corporations in order to steal confidential data,” Symantec said.

Morpho hacking victims by industry

Morpho hackers have also been exceptionally careful, from preliminary reconnaissance to cleaning up evidence.

In some cases, to help best determine the valuable trade secrets they would steal, the group intercepted company emails as well as business databases containing legal and policy documents, financial records, product descriptions and training documents. In one case, they were able to compromise a physical security system that monitors employee and visitor movements in corporate buildings. After getting the data they wanted, they scrubbed their tracks, even making sure the servers they used to orchestrate the attacks were rented using the anonymous digital currency Bitcoin.

In short, the hackers are really good, according to Vikram Thakur, a senior manager of the attack investigations team at Symantec. “Who they are? We don’t know. They are virtually impossible to track,” he said.