The Russian hacker group has shifted tactics and tools with an aim to continue profiting from its nefarious activity
Daily Archives: June 7, 2022
KrebsOnSecurity in New Netflix Series on Cybercrime
Netflix has a new documentary series airing next week — “Web of Make Believe: Death, Lies & the Internet” — in which Yours Truly apparently has a decent amount of screen time. The debut episode explores the far-too-common harassment tactic of “swatting” — wherein fake bomb threats or hostage situations are phoned in to police as part of a scheme to trick them into visiting potentially deadly force on a target’s address.
The producers of the Netflix show said footage from an interview I sat for in early 2020 on swatting and other threats should appear in the first episode. They didn’t specify what additional topics the series would scrutinize, but Netflix’s teaser for the show suggests it concerns cybercrimes that result in deadly, real-world kinetic attacks.
“Conspiracy. Fraud. Violence. Murder,” reads the Netflix short description for the series. “What starts out virtual can get real all too quickly — and when the web is worldwide, so are the consequences.”
Our family has been victimized by multiple swatting attacks over the past decade. Our first swatting, in March 2013, resulted in Fairfax County, Va. police surrounding our home and forcing me into handcuffs at gunpoint. For an excruciating two minutes, I had multiple police officers pointing rifles, shotguns and pistols directly at me.
More recently, our family was subjected to swatting attacks by a neo-Nazi group that targeted journalists, judges and corporate executives. We’ve been fortunate that none of our swatting events ended in physical harm, and that our assailants have all faced justice.
But these dangerous hoaxes can quickly turn deadly: In March 2019, 26-year-old serial swatter Tyler Barriss was sentenced to 20 years in prison for making a phony emergency call to police in late 2017 that resulted in the shooting death of an innocent Kansas resident.
In 2021, an 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that led to the death of a 60-year-old grandfather in was sentenced to five years in prison.
The first season of the new documentary series will be available on Netflix starting June 15. See you on TV!
halibut-1.3-3.el7
FEDORA-EPEL-2022-ce8d5824ad
Packages in this update:
halibut-1.3-3.el7
Update description:
This is an update fixing CVE-2021-42612, CVE-2021-42613, CVE-2021-42614.
How the Colonial Pipeline attack has changed cybersecurity
It’s been just over a year since the American public got a taste of what a cyberattack could do to their way of life. A ransomware sortie on Colonial Pipeline forced its owners to shut down operations and leave half the country’s East Coast in a lurch for refined oil. Since that time, efforts have aimed at making the nation’s critical infrastructure more resilient and to counter the scourge of ransomware. The question is whether enough is being done fast enough.
“The attack on Colonial Pipeline was an eye-opener—not so much because of the risks about ransomware, but because of the threat landscape moving dangerously close to the critical infrastructure that underpins societies,” says Gartner Vice President, Analyst Katell Thielemann . “On that front, it was a wake-up call that spurred all kinds of activities, from cybersecurity sprints in the electric utility sector led by the Department of Energy to security directives from the TSA to pipeline, rail, and airport operators, to a new law establishing upcoming mandates for incident reporting.”
USN-5463-1: NTFS-3G vulnerabilities
It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a
user or automated system were tricked into using ntfsck on a specially
crafted disk image, a remote attacker could possibly use this issue to
execute arbitrary code. (CVE-2021-46790)
Roman Fiedler discovered that NTFS-3G incorrectly handled certain return
codes. A local attacker could possibly use this issue to intercept
protocol traffic between FUSE and the kernel. (CVE-2022-30783)
It was discovered that NTFS-3G incorrectly handled certain NTFS disk
images. If a user or automated system were tricked into mounting a
specially crafted disk image, a remote attacker could use this issue to
cause a denial of service, or possibly execute arbitrary code.
(CVE-2022-30784, CVE-2022-30786, CVE-2022-30788, CVE-2022-30789)
Roman Fiedler discovered that NTFS-3G incorrectly handled certain file
handles. A local attacker could possibly use this issue to read and write
arbitrary memory. (CVE-2022-30785, CVE-2022-30787)
halibut-1.3-3.el8
FEDORA-EPEL-2022-287b3b64f6
Packages in this update:
halibut-1.3-3.el8
Update description:
This is an update fixing CVE-2021-42612, CVE-2021-42613, CVE-2021-42614.
halibut-1.3-3.fc35
FEDORA-2022-9a9abd295b
Packages in this update:
halibut-1.3-3.fc35
Update description:
This is an update fixing CVE-2021-42612, CVE-2021-42613, CVE-2021-42614.
Types of Online Banking Scams and How to Avoid Them
Online banking puts the ability to pay bills, check your balance, or transfer money at your fingertips. Unfortunately, it can also make you vulnerable to scammers who may try to trick you into giving them access to your account.
By remaining vigilant, though, you can avoid common scams. This article discusses mobile banking scams and how to avoid them.
Most common online banking scams
Online banking can be super convenient — for both you and cybercriminals. And hackers may use a variety of tactics to gain access to your accounts. Most of these involve tricking you into giving them your account information.
Phishing scams
With this type of online scam, fraudsters may send a text message or email that looks like it’s from your bank. Often, the message will ask for immediate action, such as confirming your information to keep the account from being closed.
The message might even include a link to the bank, but it actually goes to a fraudulent website designed to look like the bank’s website. When you enter your account information, the scammers record it.
Sometimes, the email asks you to call a fake customer service number. If you do, you’ll speak to someone who tries to get you to give over sensitive information, like your date of birth or Social Security number (SSN).
Occasionally, scammers already have some of your personal information. To gain your trust, they might mention personal details like your date of birth or the last four digits of your SSN. They may have learned this information from your social media posts or accessed it in a data breach.
Cracking passwords
Another way hackers may try to access your bank account is to steal or guess your password. If they can log into your account, they can use your sensitive information for personal gain, otherwise known as identity theft. They can then open credit card accounts in your name, purchase merchandise, or transfer money out of your account.
Cybercriminals use technology to guess billions of passwords per second. However, it’s more difficult to guess long passwords with a combination of letters and numbers.
For example, a computer can instantly guess a password consisting of eight letters. Adding one uppercase letter extends the time it takes to crack a password to 22 minutes. In contrast, a 12-character password with an uppercase letter, a number, and a symbol would take the computer 34,000 years to crack.
Computer viruses
When you click a link or attachment in an email or download fake antivirus software, your device can become infected with malicious software or malware. A virus can let hackers view data from your device and use it to access your financial information or bank accounts.
Consider getting antivirus software to help protect your devices, like what’s offered through McAfee Total Protection. Our award-winning antivirus software provides 24/7 real-time threat protection against online threats like malware, viruses, ransomware, and phishing, across Apple and Android systems.
Targeting computers on public Wi-Fi networks
Public Wi-Fi gives you convenient, free access to the internet in restaurants, airports, and department stores. But it can also be easy for hackers to see your private information on an open network that doesn’t require a password.
If you log into your online bank account, your login information could be exposed, making you vulnerable to bank fraud. Shopping online with public Wi-Fi could also expose your credit card information.
How to avoid online banking scams
Fortunately, you can protect yourself from cybercriminals with sensible precautions and a healthy dose of suspicion. Use the tips below to help safeguard your accounts from online banking scams.
Secure your devices with McAfee
McAfee Total Protection provides all-in-one protection for your personal information and privacy. You’ll have coverage for all of your laptops, tablets, and smartphones on most operating systems — Windows, macOS, Android, or iOS. In addition to premium antivirus software, you get identity monitoring and a secure VPN that shields your data when using public Wi-Fi.
Carefully assess any messages claiming to be your bank
You can better recognize phishing emails once you understand how banks communicate with customers. There are certain things legitimate banks never do. If you get a message like that, assume it’s fraudulent. Some other tips include:
Calling: Banks or other financial institutions don’t call for your PIN or checking account number. Never provide this over the phone. Call your bank directly using the phone number on your credit card or bank statement if you want to confirm.
Email: Your bank has no reason to email you for account information it already has. If you receive an email asking you to click a link or provide account information, assume it’s fraudulent. Don’t click any links and mark the email as spam.
Text messages: If a message appears to be from your bank asking you to sign in or enter your PIN, it’s a scam. Banks never ask customers for this information by text.
Urgent action: A common theme in phishing emails is the urgent call to action. Cybercriminals want to scare you into acting immediately without thinking. The email says there was suspicious activity on your account, and you should log in immediately to avoid having it frozen or closed. No legitimate business would close a customer’s account without giving reasonable notice. Contact your bank through your normal channels to check your balance and account activity if you aren’t sure.
Typos: Misspelled words and grammatical errors are another red flag. Major corporations have professional editors to make sure the content is correct.
Create strong passwords and update regularly
At some point, almost everyone has used the same password for different websites. But this is one of the simplest ways for hackers to get into your accounts. If they figure out the password for one, they can sometimes access your other accounts.
The most common passwords are:
QWERTY
Password
12345678
Use unique passwords for each website. They should be 12 characters long and include numbers, lowercase letters, uppercase letters, and symbols. McAfee Total Protection includes a password manager to help generate and store your passwords in a single location.
Always make sure you’re on the bank’s official website/app
If you get an email about an issue with your bank account, you can always go directly to your bank’s website. Don’t click any links in a text or email — just go directly to your bank’s website to check your account. Similarly, if you get a phone call, dial your bank directly using the official telephone number.
Use two-factor authentication when logging into websites for your financial institutions. You’ll get a one-time code by text or email to use each time you log into your account.
Be cautious of accessing your bank via public Wi-Fi
When you log onto public Wi-Fi, anyone can see your internet activity. For that reason, you shouldn’t log into your bank account with public Wi-Fi unless you’re using a virtual private network (VPN).
McAfee Secure VPN protects your privacy by turning on automatically for unsecured networks. Your data is encrypted so it can’t be read by prying eyes. The VPN also keeps your online activity and physical location private and secure from advertisers.
Check your bank statements regularly
Review your bank statements carefully each month to ensure there are no unauthorized transactions. Contact your bank immediately if you see any payments or withdrawals that you don’t recognize.
See how McAfee keeps you and your data secure online
Being vigilant and understanding how scammers work can help you avoid online banking scams. For an additional layer of security, use McAfee Total Protection. Our comprehensive cybersecurity services protect all of your devices with award-winning antivirus, a secure VPN for safe Wi-Fi connections, and advanced identity monitoring. There’s even a team of security experts available to assist you around the clock.
With McAfee, you can bank online with ease knowing your personal data is secure.
The post Types of Online Banking Scams and How to Avoid Them appeared first on McAfee Blog.
Qualys upgrades vulnerability management solution
An upgrade to the Qualys Vulnerability Management, Detection, and Response (VMDR) solution announced Monday promises to give security teams better insights into the risks posed to organizations from vulnerabilities and a more efficient way to fix them. Cloud-based VMDR 2.0 provides a means for cutting through the noise created by an ever-expanding vulnerability landscape so the most critical risks can be identified and remedied.
“Cyber risk is becoming part of the business risk equation,” IDC Research Director Michelle Abraham said in a statement. “Even the most advanced organizations can’t patch all the threats they uncover, which increasingly includes poorly misconfigured services.”
Dragos launches info portal to fill security gaps in critical infrastructure
Critical infrastructure companies strapped for cash to spend on cybersecurity will have a new free resource to tap into starting Tuesday. Dragos, a leader in cybersecurity for industrial control systems, has launched a new portal designed to help industrial asset owners build operational technology (OT) cybersecurity programs, improve their security postures, and reduce OT risk.
The Dragos OT-CERT (Cybersecurity Emergency Readiness Team) portal offers its users access to OT cybersecurity best practices, cybersecurity maturity assessments, training, workshops, tabletop exercises, webinars, and more. OT-CERT will also coordinate with supply chain OEMs in releasing information about vulnerabilities discovered by Dragos, as well as specific threats to an OEM’s products.