Support our Sponsors


uClip Clipping Path Service



Main Menu
Home
News
Blog
Links
Search
Resources
Windows Software
Mac Software
Hosted Solutions
Server Software
Mobile Solutions
Login



Syndicate
feed-image Feed Entries

spamNEWS | botnet | phising | virus | spam | mallware
CozyDuke Operators Masterminded White House, State Department Attacks: Kaspersky PDF Print E-mail
Written by Administrator   
Tuesday, 28 April 2015 07:00

A sophisticated threat group christened "CozyDuke", also infamously nicknamed 'CozyBear' and 'CozyCar', is probably the mastermind of last year's cyber attacks against the US White House and the its State Department, according to security firm Kaspersky.

In October last year, news of first cyber attack made breaking headlines as it was alleged that the White House is supposedly probing an internal security breach, allegedly sponsored by a rival nation. Then in November 2014, Department of State officials downed the email network after infiltration in parts of a machine used for managing unclassified email emerged.

Kaspersky security experts disclosed that the APT threat actors exploited numerous high-end businesses in the latter half of 2014.

Interestingly, the malware CozyDuke is very much alike to components intercepted in previously analyzed APTs like MiniDuke, OnionDuke and CosmicDuke.

Similar to other APTs, the malware (CozyDuke) is kicked off with the help of a usual spear phishing campaign. Emails contain URLs to a hijacked version of an authentic site that's engineered for hosting a ZIP file, which involves a RAR SFX that after installing the malware goes on to display a blank PDF.

In another example, criminals dispatch an email with an attachment supposedly a 'flash video'. Once clicked open a flash video started playing, which as the title proposes, shows chimpanzees sporting ties.

These videos are enthusiastically shared around offices with systems becoming infected silently in the background, explained Security Researchers Kurt Baumgartner and Costin Raiu of Kaspersky Lab, as published by threatpost.com on April 22, 2015.

Kaspersky noted that the crooks made use of anti-detection abilities.

And while Kaspersky researchers with-held the probable origin of CozyDuke's operators, security firms that have formerly analyzed MiniDuke, OnionDuke and CosmicDuke, have a strong perception that its controlled by the Russian government.

The probable connection between last year's State Department breach and Russian cybercriminals has been brought out before too. In February this year, the WSJ (Wall Street Journal) carried a report that said five anonymous individuals familiar to the infiltration scandal had witnessed or had been informed about connections between the malware employed in the breach and the Russians.

Read more... - CozyDuke Operators M...
 
Cyber Scammers ‘Phishing’ More for Corporates - ProofPoint PDF Print E-mail
Written by Administrator   
Tuesday, 28 April 2015 07:00

Cybercriminals are progressively targeting business houses in their attacks than mere consumers, said security firm ProofPoint in a study recently.

The most favored approach of late is to exploit the tiredness of middle managers whose email inboxes are frequently clogged with emails, while criminals are on the lookout for trading off attack volume with additionally advanced attacks.

Unfortunately, it was discovered that the likelihood of middle managers clicking on maligned emails was double than that of executives. Workers of finance, sales and procurement were the most probable to click open tainted attached files, with such personnel clicking 50-80% more often than workers belonging to other departments, it was highlighted.

Proofpoint noted that on some particular days in 2014, it witnessed a 1,000% boost in the usual volume of emails laced with malicious content. The survey disclosed that, usually, workers clicked 1 of every 25 maligned messages that they received last year, which was twofold of the amount clicked in 2013.

The email lures that were readily clicked were notifications regarding e-fax and voicemail alerts. Invitations to social media and order confirming lures, which are extremely renowned and effective - plummeted dramatically last year. Email baits with attachments and not URLs, like invoice and account report lures, surged increasingly as a vector of hacking operations.

The bulk of maligned messages are served during working hours, touching the crest on the mornings of Tuesday & Thursday, and maximum clicking takes place on Tuesday, registering 17% additional clicks than other weekdays, the study says.

EMEA Director of Proofpoint, Mark Sparshott, argued the study shows IT panels must presume that phishing emails have circumvented their security gateways, reported by Infosecurity on April 22, 2015.

They should acknowledge this as the new standard and that even the finest user alert guidance is sending a thinning reduction on URL and attachment opening rates as the criminals amplify their rate of innovation in message body and distribution infrastructure, Sparshott added.

The only sustainable move is to install supplementary technology layers and warning feeds that boost the discovery of phishing emails and pointers of a breach together with tools and procedures that automate and accelerate incident response, Sparshott recommended.

Read more... - Cyber Scammers ‘Ph...
 
Sony Hackers Employed Apple ID Phishing Campaign, Claims New Study PDF Print E-mail
Written by Administrator   
Tuesday, 28 April 2015 07:00

North Korean cybercriminals probably employed phony Apple email IDs delivered to Information Technology administrators at SPE (Sony Pictures Entertainment) to embezzle passwords and logins, thus, overtaking its computer network in the entire process, a newly released study says, as accords to news reported by politico.com on April 21, 2015.

The threat actors trespassed Sony's network last fall just few days prior to Thanksgiving. The attacks left the networks crippled with large amounts of stolen company insights being dumped onto the Internet.

Stuart McClure, Chief Executive Officer of Cylance, a known security firm, claimed in a statement that he examined a database of Sony emails for leads to understand as to how hackers trespassed the computer network and stumbled upon a sample of phishing emails, exclusively drafted to embezzle passwords, as per news reported politico.com on April 21, 2015.

He claimed that during analysis, they recognized a continuous email referring to Apple ID email confirmation that genuinely emulated an official email. This email instructed users to confirm their Apple login credentials within 2-days or get locked out, he added.

When victims entered their Apple's username and password, a phishing webpage popped up that reported an error...it said that the password had not being entertained. Simultaneously, all user details were being harvested by cyber crooks who exploited them to connect with LinkedIn professional profiles of Sony employees. Following this, a victim's Sony username was successfully hatched by the criminal crooks. As soon as they infiltrated Sony's network, their own malware was distributed with the aid of software distribution mechanism.

The actuality that the threat actors employed an Apple username phishing campaign to abuse users does not mean that those exploited were using an Apple OS (Operating System) as they clicked open the phished email.

A large number of iOS patrons run Windows as well, claimed McClure.

To avert the incidence of a Sony-like hack anywhere in future, McClure suggested some simple security guidelines to business houses, which include monitoring of user credentials on a regular basis and mitigating the practice of password reuse, as per news published by eweek.com on April 21, 2015.

Read more... - Sony Hackers Employe...
 
Phishing Email Emulating Tesco Bank Targets Customers PDF Print E-mail
Written by Administrator   
Monday, 27 April 2015 09:00

A new phishing email bearing the subject 'Tesco Bank Changes to Interest rate' is currently targeting Tesco Bank's customers. The email tells its recipients that can have a look at the most recent interest-rates and modifications from the Bank by simply opening an attachment, reported hoax-slayer.com on April 21, 2015.

But, the email has no link with Tesco Bank, based in UK. It's a phishing email campaign orchestrated to embezzle users' login credentials.

The attached file within the fake email if opened loads a fake webpage on the user's default browser. It (fake webpage) comprises the logo of Tesco Bank. It also recommends the user to click on a login link so as to view his net-banking services and the latest changes made to his account.

The link directs the user to a hoax website that very closely emulates the real website of Tesco website. Landing on the bogus website, instructs the user to give his username, password and security number.

Identical to Tesco's actual login process, the fake webpage asserts that the user has been texted an access code on his registered mobile number. But, as the scammers are clueless of the user's mobile number no text arrives.

Consequently, out of mere curiosity the user may end up clicking 'Didn't get our text message'. Clicking on this link leads to the opening of another phony Tesco webpage that instructs the user to give his personal as well as financial details along with his security Q&A.

Subsequently, the user automatically gets redirected to the actual Tesco website.

In the meantime, fraudsters can gather all the submitted details by the user and equipped with it can easily hijack his bank account or embezzle his identity.

Cybercriminals frequently target net-banking users with the help of phishing emails, fake texts messages and fake voice calls pretending to be from their banks. While online scamming is becoming increasingly advanced a large number of users still fall prey to these rudimentary ways of conning innocent people, hence, users need to be cautious of them, security experts comment.

Hence, if you suspect of being scammed, report the incident immediately to your Bank and cancel all types of payments or transactions.

Read more... - Phishing Email Emula...
 
RBI Governor Targeted by Fake Email Impersonating ISIS PDF Print E-mail
Written by Administrator   
Monday, 27 April 2015 09:00

The crime branch of Mumbai Police recently filed a complaint after Raghuram Rajan, the Governor of India's top bank RBI (Reserve Bank of India) received a threat email claiming to be from the Islamist hardcore militia franchise popularly known as ISIS or Islamic State in Iraq and Syria. The email contained the initials of the extremist group 'isis' thus creating panic all over, reported asianage.com on April 17, 2015.

But, Police officials are of the opinion that it was a usual cyber scam masterminded by Nigerian cyber actors who unsuspectingly entice innocents with scam emails that ultimately lead to victims disclosing their bank details or depositing huge amount of money into somebody else's account. Having no "anti-minority antecedent" linked to Mr. Rajan, Police believes he is just being targeted by scammers in the name of the dreaded extremists (ISIS).

Meanwhile, a case under various sections of the Information Technology Act has been registered with the Cyber crime cell of Police.

DCP (Crime Branch), Dhananjay Kulkarni commented that the Cyber Crime Investigation Cell (CCIC) has started probing the case and is awaiting Google's answer for the complete details of the email address, as reported asianage.com on April 17, 2015.

Police and RBI following this incident have stepped up the security of the RBI Governor at all the programs attended by him which includes press conferences as well.

Unfortunately, it is not the sole incident that used the name of the extremist group (ISIS) ever since the beginning of April 2015.

Another scary email was received by the Press Club in Chennai which reportedly warned of bomb explosions in Chennai, and threatening to attack Hindu leaders.

Investigating officers claim that it was a locally sent scam email that attempted to garner some inexpensive publicity. Blasts in Chennai and vandalizing Hindu leaders are a stratagem of Al-Ummah, an Islamic militant organization, and is not on the priority cards of ISIS right now, they add.

Individuals masterminding such scam emails are well-aware that they lead to tension and panic and their mere intent was to terrorize innocents. They often test the preparedness of Police before launching such massive attacks, officials add.

Read more... - RBI Governor Targete...
 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 1263
Polls
The Spamproblem is
 
Who's online
We have 38 guests and 1 member online
News Flash
How do you fight spam?

Spam is a growing pain. How are you combating spam?

Submit your favorite spam fighting links to us