Attackers use stolen banking data as phishing lure to deploy BitRAT

Read Time:50 Second

In a case that highlights how attackers can leverage information from data breaches to enhance their attacks, a group of attackers is using customer information stolen from a Colombian bank in phishing attacks with malicious documents, researchers report. The group, which might have been responsible for the data breach in the first place, is distributing an off-the-shelf Trojan program called ​​BitRAT that has been sold on the underground market since February 2021.

Stolen data used to add credibility to future attacks

Researchers from security firm Qualys spotted the phishing lures that involved Excel documents with malicious documents but appeared to contain information about real people. Looking more into the information, it appeared the data was taken from a Colombian cooperative bank. After looking at the bank’s public web infrastructure, researchers found logs that suggested the sqlmap tool was used to perform an SQL injection attack. They also found database dump files that attackers created.

To read this article in full, please click here

Read More

Your Guide to Protecting Your Credit

Read Time:4 Minute, 17 Second

It has a way of sneaking up on you. Credit theft and fraud.  

Maybe it’s happened to you. Maybe it’s happened to a friend or family member. There’s a call from the bank, a notification in your financial app, or a charge on the statement that’s beyond explanation. Someone else has tapped into your funds. Or worse yet, someone stole your identity and took out a loan in your name. You find out only after it’s happened. 

That’s the trick with credit theft and fraud. People typically discover it after the damage is done. Then they’re left picking up the pieces, which can cost both time and money. Not to mention a potential knock to their credit score. 

However, you can help keep it from happening to you. Our recently published Credit Protection Security Guide breaks down several ways. Here we’ll get into a quick introduction on the topic and show how you can prevent against credit theft and fraud better than ever before. 

Protecting yourself from credit theft and fraud 

It’s an unfortunate reality in the world we live in today. Credit theft and fraud are something we all need to look out for, particularly as we increasingly shop and conduct our finances online, potentially exposing that information to thieves. Some figures estimate that for nearly every $100 in purchases made with debit and credit cards worldwide, somewhere around 7 cents can be stolen or fraudulent. As you can imagine, that figure adds up quickly, to the tune of more than $28 billion globally each year. 

The flipside is this: today we have plenty of tools that make protecting our credit far easier than they ever were before. Up until now, that called for a time-consuming and sometimes rather manual process. You had to check credit separately with the different bureaus, place locks and freezes the same way, scan each credit report closely for suspicious activity, and so forth. 

Now, online protection software can take much of that work off your hands. Comprehensive protection like McAfee+ has plans that offer credit monitoring, identity monitoring, and even identity theft protection & restoration—all quickly spotting any changes, notifying you if your personal information pops up on the dark web, and providing $1 of coverage toward restoring your credit along with the help of a licensed recovery pro if the unexpected happens to you. 

Leaving less of a trail for thieves to follow 

Another thing online protection can do for you removes your personal information from those “people finder” and data broker sites. Identity thieves lean on those sites because they contain valuable information that they can piece together to commit theft and fraud in someone else’s name. If you think about your identity as a big jigsaw puzzle, these sites contain valuable pieces that can help complete the picture—or just enough to take a crack at your credit. 

In fact, personal information fuels a global data trading economy estimated at $200 billion U.S. dollars a year. Run by data brokers that keep hundreds and even thousands of data points on billions of people, these sites gather, analyze, buy, and sell this information to other companies as well as to advertisers. Likewise, these data brokers may sell this information to bad actors, such as hackers, spammers, and identity thieves who would twist this information for their own purposes. In short, data brokers don’t discriminate. They’ll sell personal information to anyone. 

Getting your info removed from these sites can seem like a daunting task. (Where do I start, and just how many of these sites are out there?) Our Personal Data Cleanup can help by regularly scanning these high-risk data broker sites for you and info associated with you like your home address, date of birth, and names of relatives—along with other detailed information about you that could include marriage licenses, voter registration and motor vehicle records, even real estate records too. It identifies which sites are selling your data, and depending on your plan, automatically requests removal. 

Take control of your credit 

How things have changed. Even as thieves have gotten savvier in the digital age, so have we. Collectively, we have a growing arsenal of ways that we can keep on top of our credit and protect ourselves from credit theft and fraud.  

Our Credit Protection Security Guide breaks it all down in detail. In it, you’ll learn more about how thieves work, ways you can secure your credit online and off, how to monitor and lock it down, plus protect your mobile wallets too. It’s thorough. Yet you’ll find how straightforward the solution is. A few changes in habits and a few extra protections at your side will go a long way toward prevention—helping you avoid that call, text, or notification that your credit has been compromised. 

In all, you can take control of your credit and make sure you’re the only one putting it to good use. 

The post Your Guide to Protecting Your Credit appeared first on McAfee Blog.

Read More

Cyberattacks against governments jumped 95% in last half of 2022, CloudSek says

Read Time:39 Second

The number of attacks targeting the government sector increased by 95% worldwide in the second half of 2022 compared to the same period in 2021, according to a new report by AI-based cybersecurity company CloudSek. 

The increase in attacks can be attributed to rapid digitization and the shift to remote work during the pandemic, which broadened the attack surface of government entities and paved the way for an increase in cyberwarfare waged by nation-state actors, according to the report.

Government agencies collect and store huge amounts of data, which include information about individual citizens that can be sold on the dark web. There is also a risk that national security and military data can be used by terrorist organizations. 

To read this article in full, please click here

Read More

How To Recognise An Online Scam

Read Time:4 Minute, 14 Second

It’s been a particularly busy and colourful week, scam-wise in our household. Between 4 family members, we’ve received almost 20 texts or emails that we’ve identified as scams. And the range was vast: from poorly written emails offering ‘must have’ shopping deals to terse text messages reprimanding us for overdue tolls plus the classic ‘Dear mum, I’ve smashed my phone’ and everything in between. 

There’s no doubt that scammers are dedicated opportunists who can pivot fast. They can pose as health authorities during a pandemic, charities after a flood or even your next big love on an online dating platform. And it’s this chameleon ability that means we need to always be on red alert! 

How Big An Issue Are Scams in Australia? 

According to the Australian Competition and Consumer Commission (ACCC), Aussies lost a record amount of more than $2 billion in scams in 2021. And that was with record levels of intervention from the government, law enforcement agencies and the private sector. The most lucrative scams were investment scams ($701 million) followed by payment redirection scams ($227 million) and then romance scams which netted a whopping $142 million. 

But the psychological trauma that is often experienced by victims can be equally as devastating. Many individuals will require extensive counselling and support in order to move on from the emotional scarring from being a victim of hacking. 

So, with scammers putting so much energy into trying to lure us into their web, how can we stay one step ahead of these online schemers and ensure we don’t become a victim? 

What You Can Do To Stay Ahead Of The Scammers 

While there are no guarantees in life, there are a few steps you can take so that you can quickly recognise an online scam. 

1. Slow Down 

If you’ve received a text message, email or call that you think is a scam, don’t respond. Take your time. Slow down and pause. If it’s a call, and you’re not sure – hang up! Or if it’s a text or email – delete it! But if you are concerned that it might be legitimate, call the company directly using the contact information from their official website or through their secure apps.  

2. Think First 

If you are being asked to share your personal information or pay money either via a text or phone call, take some time to think. Does it feel legitimate? Do you have a relationship with this organisation? Remember, scammers are very talented at pretending they are from organisations you know and trust. If in doubt, contact the company directly via their official communication channels. Or ask a trusted friend or family member for their input. But remember, NEVER click on any links in messages from people or organisations you don’t know – no exceptions!! 

3. If Concerned, Act Fast!  

Do not hesitate to take action if something feels wrong. If there are any transactions on your credit card or bank statements that don’t look right, call your bank immediately. If you think you may have given personal information to scammers, then act fast. I recommend calling ID Care – Australia and New Zealand’s national identity and cyber support service. They are a not-for-profit charity that provides support to individuals affected by identity and cyber security issues. 

ReportCyber is another way of notifying authorities of a scam. An initiative of the Australian Government and the Australian Cyber Security Centre, it helps authorities investigate and shut down scams. It’s also a good idea to report the scam to Scamwatch – the dedicated scam arm of the Australian Competition and Consumer Commission (ACCC). 

4. Get Ahead Of The Scammers 

We’ve all heard that ‘prevention is better than a cure’ so taking some time to protect yourself before a scammer comes your way is a no-brainer. Here are my top 5 things to do: 

Ensure all your online accounts have an individual complex password. Use a password manager – they’ll create and remember your passwords. 
Add multi-factor authentication whenever possible. This could be a code sent to your phone, a token or a secret question. 
Ensure you have security software on all your devices 
Close any online accounts you don’t use. It will reduce the probability of being caught in a data breach. 
Software updates are an important way of protecting your devices (and private info) from security vulnerabilities. So, ensure these are automated.  

Please don’t think smart people don’t get caught up in scams because they do!! Scammers are very adept at looking legitimate and creating a sense of urgency. With many of us living busy lives and not taking the time to think critically, it’s inevitable that some of us will become victims. And remember if you’re offered a deal that just seems too good to be true, then it’s likely a scam! Hang up or press delete!! 

The post How To Recognise An Online Scam appeared first on McAfee Blog.

Read More

A Vulnerability in Brocade Fabric OS Could Allow for Arbitrary Command Injection

Read Time:25 Second

A vulnerability has been discovered in Brocade Fabric OS, which could allow an attacker to execute arbitrary commands on the targeted system. Brocade Fabric OS software is used by IBM b-type SAN directors and switches. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on a Brocade Fabric OS switch. Depending on the setup of the device, an attacker would then be capable of modifying zoning, disabling the switch, disabling ports, and modifying the switch’s IP address.

Read More

php-8.1.14-1.fc37

Read Time:1 Minute, 42 Second

FEDORA-2023-5732365005

Packages in this update:

php-8.1.14-1.fc37

Update description:

PHP version 8.1.14 (05 Jan 2023)

Core:

Fixed bug GH-9905 (constant() behaves inconsistent when class is undefined). (cmb)
Fixed bug GH-9918 (License information for xxHash is not included in README.REDIST.BINS file). (Akama Hitoshi)
Fixed bug GH-9650 (Can’t initialize heap: [0x000001e7]). (Michael Voříšek)
Fixed potentially undefined behavior in Windows ftok(3) emulation. (cmb)

Date:

Fixed bug GH-9699 (DateTimeImmutable::diff differences in 8.1.10 onwards – timezone related). (Derick)
Fixed bug GH-9700 (DateTime::createFromFormat: Parsing TZID string is too greedy). (Derick)
Fixed bug GH-9866 (Time zone bug with DateTimeInterface::diff()). (Derick)
Fixed bug GH-9880 (DateTime diff returns wrong sign on day count when using a timezone). (Derick)

FPM:

Fixed bug GH-9959 (Solaris port event mechanism is still broken after bug php#66694). (Petr Sumbera)
Fixed bug php#68207 (Setting fastcgi.error_header can result in a WARNING). (Jakub Zelenka)
Fixed bug GH-8517 (Random crash of FPM master process in fpm_stdio_child_said). (Jakub Zelenka)

MBString:

Fixed bug GH-9535 (The behavior of mb_strcut in mbstring has been changed in PHP8.1). (Nathan Freeman)

Opcache:

Fixed bug GH-9968 (Segmentation Fault during OPCache Preload). (Arnaud, michdingpayc)

OpenSSL:

Fixed bug GH-9064 (PHP fails to build if openssl was built with –no-ec). (Jakub Zelenka)
Fixed bug GH-10000 (OpenSSL test failures when OpenSSL compiled with no-dsa). (Jakub Zelenka)

Pcntl:

Fixed bug GH-9298 (Signal handler called after rshutdown leads to crash). (Erki Aring)

PDO_Firebird:

Fixed bug GH-9971 (Incorrect NUMERIC value returned from PDO_Firebird). (cmb)

PDO/SQLite:

Fixed bug php#81740 (PDO::quote() may return unquoted string). (CVE-2022-31631) (cmb)

Session:

Fixed GH-9932 (session name silently fails with . and [). (David Carlier)

SPL:

Fixed GH-9883 (SplFileObject::__toString() reads next line). (Girgias)
Fixed GH-10011 (Trampoline autoloader will get reregistered and cannot be unregistered). (Girgias)

SQLite3:

Fixed bug php#81742 (open_basedir bypass in SQLite3 by using file URI). (cmb)

Read More