Info Security


CISOs Reveal Biggest Challenges for Security Teams

Thu, 02/10/2022 - 11:30
The evolution of cyber threats and the confluence of new and legacy systems are the biggest challenges, according to a panel of CISOs
Categories: Cyber Risk News

FBI: SIM Swapping Attacks Have Surged Five-Fold

Thu, 02/10/2022 - 09:30
Feds warn crypto investors not to boast of assets online
Categories: Cyber Risk News

New Ransomware Warning for Critical Infrastructure Providers

Thu, 02/10/2022 - 09:00
US, UK and Australian agencies claim mid-sized firms are increasingly targeted
Categories: Cyber Risk News

Maryland Cyber Nonprofit to Create Centers of Excellence

Wed, 02/09/2022 - 18:00
Cybersecurity Association of Maryland to establish new centers for cyber talent, cyber resilience and business growth
Categories: Cyber Risk News

Fifth of Young Women in UK Were Cyber-Flashed in Past Year

Wed, 02/09/2022 - 17:15
Charity behind cyber-flashing study says virtual abuse is having “devastating impact”
Categories: Cyber Risk News

Rapper and Husband Allegedly Laundered Stolen Bitcoin Worth $4.5bn

Wed, 02/09/2022 - 17:00
New York couple charged in biggest-ever cryptocurrency theft case
Categories: Cyber Risk News

Romance Fraud Losses Increased by 91% During COVID-19

Wed, 02/09/2022 - 12:07
Women made up two-thirds of victims of romance fraud during the pandemic, according to the figures
Categories: Cyber Risk News

UK Foreign Office Subjected to "Serious Cybersecurity Incident"

Wed, 02/09/2022 - 10:45
Document published on government website revealed unidentified hackers infiltrated Foreign Office systems
Categories: Cyber Risk News

Home Workers More Likely to Be Concerned About Security

Wed, 02/09/2022 - 10:15
Time for reflection may also increase anxiety and improve awareness
Categories: Cyber Risk News

No Critical CVEs Fixed in February Patch Tuesday

Wed, 02/09/2022 - 10:00
All vulnerabilities rated “important” with one publicly disclosed
Categories: Cyber Risk News

School-Aged Students Urged to Consider New Cyber Qualification

Wed, 02/09/2022 - 09:43
CIISec’s Extended Project Qualification is open to anyone over 14
Categories: Cyber Risk News

Top Pentagon Cybersecurity Official Resigns

Tue, 02/08/2022 - 18:00
Katie Arrington steps down in protest over movement of CMMC Program to DOD CIO’s office
Categories: Cyber Risk News

Microsoft 365 Phishing Attack Makes Comeback

Tue, 02/08/2022 - 17:30
Vintage cyber-attack tactic revived to phish Microsoft 365 users
Categories: Cyber Risk News

PRC Firm Allegedly Stole Motorola's Secrets

Tue, 02/08/2022 - 17:00
Hytera Communications Corp accused of hiring Motorola employees to steal DMR technology
Categories: Cyber Risk News

New Research Reveals Large Salary Rises for Cybersecurity Workers

Tue, 02/08/2022 - 14:06
The salary guide provided the median salaries across 10 major job roles in cybersecurity
Categories: Cyber Risk News

#SaferInternetDay: Porn Sites Face Legal Duty to Verify Age of UK Users

Tue, 02/08/2022 - 10:45

Pornographic websites will be legally obliged to introduce robust checks to verify the age of users under new plans published by the UK government. The measure is designed to protect children from accessing pornography from commercial providers.

Announced on Safer Internet Day, the standalone provision has been added to the UK’s Online Safety Bill. The obligation will apply to commercial providers of pornography as well as the sites that allow user-generated content.

Currently, there is little or no protection to prevent those under 18 from accessing large quantities of pornography online. This has led to concerns over the way young people understand relationships, sex and consent.

The companies can choose how to comply with their new legal duty, but the UK regulator, Ofcom, is likely to recommend using age verification technologies that minimize the handling of users’ data. Options include checking a user’s age against details that their mobile provider holds, verifying via a credit card check, and other database checks such as government-held data like passport information. However, no specific solution has been mandated, so that more effective technology can be adopted in the future.

The government added that measures these firms put in place should not process or store data that is irrelevant to checking age, while any verification technologies used must be secure, effective and adhere to privacy legislation.

Companies that fail to comply could be hit by a fine of up to 10% of their annual worldwide turnover or have their website blocked in the UK. Additionally, the website owners may be held criminally liable if they fail to cooperate with Ofcom.

Digital Minister Chris Philp commented: “It is too easy for children to access pornography online. Parents deserve peace of mind that their children are protected online from seeing things no child should see.

“We are now strengthening the Online Safety Bill so it applies to all porn sites to ensure we achieve our aim of making the internet a safer place for children.”

Previous proposals by the UK government to introduce a national online pornography age verification system were dropped because implementing it would be too difficult.

Yesterday, the government announced new measures to strengthen the Online Safety Bill, including the creation of three new offenses relating to abusive and offensive online communications. It is now working with Ofcom to ensure the provisions can come into force shortly after the bill’s passage.

Categories: Cyber Risk News

Microsoft Takes Aim at Malicious Office Macros

Tue, 02/08/2022 - 09:55

Microsoft has finally taken action against a common threat vector, blocking by default Office macros downloaded from the internet.

A vast range of threat actors send users phishing emails containing innocuous-looking attachments. However, these attachments, obtained from the internet, often contain embedded Visual Basic for Applications (VBA) macros.

Once enabled by users with a single click, these initiate a download of a malicious payload to support information theft, ransomware and other attacks.

Microsoft’s latest action is intended to enable the continued use of legitimate macros while making it harder for threat actors to socially engineer users into enabling malicious content.

“For macros in files obtained from the internet, users will no longer be able to enable content with a click of a button. A message bar will appear for users notifying them with a button to learn more. The default is more secure and is expected to keep more users safe including home users and information workers in managed organizations,” it explained.

“Organizations can use the ‘Block macros from running in Office files from the internet’ policy to prevent users from inadvertently opening files from the internet that contain macros. Microsoft recommends enabling this policy, and if you do enable it, your organization won’t be affected by this default change.”

The new rules will apply to the five most common Office apps: Access, Excel, PowerPoint, Visio and Word. They will affect only Office running on Windows devices, with the changes rolled out from version 2203, starting with Current Channel (Preview) in early April 2022.

Later, the change will be available in the other update channels, such as Current Channel, Monthly Enterprise Channel and Semi-Annual Enterprise Channel.

Oliver Tavakoli, CTO at Vectra, argued that default settings matter in cybersecurity.

“Seemingly 50-50 decisions made by product managers at application and platform providers can expose their customers to extraordinary risk. As the example of VBA macros demonstrates, once such a choice has been made it’s a difficult and lengthy process to change the default to something more secure as the fear of breaking things creates a form of institutional paralysis,” he added.

“The security lesson is simple: leave features which may have security implications off by default and let customers choose whether the benefit of the feature outweighs the security risk of having it on.”

Categories: Cyber Risk News

A Quarter of New Online Accounts Are Fake - Report

Tue, 02/08/2022 - 09:29

There was an 85% year-on-year increase in attacks targeting logins or account creation in 2021 as bot-driven fraud attempts soared, according to Arkose Labs.

The fraud prevention firm analyzed over 150 billion transaction requests across 254 countries across the 12-month period to compile its latest report, The 2022 State of Fraud and Account Security.

It found one in four newly created accounts were fake, one in five logins was an account takeover (ATO) attempt and a fifth (21%) of all traffic was linked to fraud.

ATOs are commonly used to steal personal and financial data or launch phishing attacks. Fraudulent new accounts could be used for “inventory hoarding, content scraping and sending spam and phishing messages,” according to Arkose Labs CEO and founder, Kevin Gosschalk.

“As expected, businesses that hit high-growth periods in 2021 saw an increase in attacks. For example, gaming saw sky-high attacks in 2020 but leveled off in 2021, which led to attacks dispersing across other industries,” he told Infosecurity.

“Online media and entertainment continued to grow in popularity, bringing more in-platform spam and scam attacks. Attackers flocked to the travel industry to take advantage of scraping and inventory hoarding opportunities as the world shifted more toward post-pandemic normalcy.”

Driving most of these attacks is the use of intelligent, automated bots. Arkose Labs claimed that today’s bot signatures are three times more complex than those of previous years, making it even harder to discern real human behavior from that of imposters.

Some 86% of attacks in 2021 were linked to bots, while bot-driven credential stuffing attempts peaked at 76 million per week. The Black Friday/Thanksgiving month of November was the worst hit.

The worst attacked sector in the UK in 2021 was online gaming, accounting for 46% of all attacks, followed by social networks and online streaming sites, which together comprised a third of malicious activity.

Categories: Cyber Risk News

Russia Arrests Third Cybercrime Group

Tue, 02/08/2022 - 09:03

The Russian authorities are claiming to have arrested a third cybercrime group following previous high-profile detentions.

The six individuals were detained in different regions of the country and have “special knowledge in the field of international payment systems,” a source told the state-run TASS news agency.

They are suspected of committing vaguely worded technology- and online-related crimes. However, the report claimed that the Ministry of Internal Affairs is asking Moscow’s Tverskoy Court to detain the six under part two of article 187 of the Criminal Code of the Russian Federation.

This relates to making counterfeit cards and other payment “documents” by an organized crime group. That makes it likely they are involved in payment fraud or other parts of the cybercrime supply chain, like carding forums.

According to the report, the detained are Denis Pachevsky, general director of Saratovfilm Film Company; ‘entrepreneur’ Alexander Kovalev; Transtechcom employee, Artem Bystrykh; Get-net employee, Artem Zaitsev; and two people described as unemployed, Vladislav Gilev and Yaroslav Solovyov.

The news follows two major cybercrime busts since the start of the year in a country known for turning a blind eye to law enforcement in this area.

The first involved 14 alleged members of the REvil group, or at least its affiliates. The second, just over a week later, was of four suspected members of the infamous InFraud group, including its alleged founder Andrey Novak.

During its seven-year reign, the latter group reportedly made as much as $568m by running a popular marketplace for carders.

Although there are no signs Russia is planning to extradite any of these individuals if found guilty, the REvil raid, in particular, appears to have been conducted with intelligence and cooperation from US law enforcers, which is a rarity.

However, some commentators have suggested the arrests are more of a propaganda stunt by the Russian state and that its basic strategy remains the same: allowing cybercrime to flourish in the country as long as it’s directed at foreign victims.

Categories: Cyber Risk News

Meta May Quit Europe Over Data Regulations

Mon, 02/07/2022 - 18:15

Meta has said that it “will likely” stop Facebook and Instagram from operating in Europe unless the company is allowed to transfer, store and process Europeans’ data on servers based in the United States.

The possibility of the social media networks being withdrawn from the continent was included in Meta Platforms, Inc.’s annual report to the US Securities and Exchange Commission on Thursday.

Meta claimed that processing user data transnationally was vital for its business and targeted advertising. 

The company said: “If we are unable to transfer data between and among countries and regions in which we operate, or if we are restricted from sharing data among our products and services, it could affect our ability to provide our services, the manner in which we provide our services or our ability to target ads.”

Previously, Meta operated under an EU-US data transfer framework named the Privacy Shield, but the European Court of Justice invalidated the treaty in July 2020 over data protection violations. While a successor arrangement to the Privacy Shield remains under negotiation, companies in the United States have had to execute standard contractual clauses (SCCs) to send data to or receive data from the EU.

In August 2020, a draft decision from the Irish Data Protection Commission (IDPC) preliminarily concluded that Meta Platforms Ireland’s reliance on SCCs in respect of European user data does not achieve compliance with the General Data Protection Regulation (GDPR). 

In light of this finding, the IDPC proposed that such transfers of user data from the EU to the US should be suspended. A final decision in this inquiry is due to be issued in the first six months of 2022. 

Meta stated in its report that: “If a new transatlantic data transfer framework is not adopted and we are unable to continue to rely on SCCs or rely upon other alternative means of data transfers from Europe to the United States, we will likely be unable to offer a number of our most significant products and services, including Facebook and Instagram, in Europe, which would materially and adversely affect our business, financial condition, and results of operations.”

Categories: Cyber Risk News