Saturday, March 21, 2020

Work From Home Hackers Make $130,000 In 48 Hours From Windows 10 Exploits

The work from home hackers from Team Fluoroacetate certainly succeeded, winning the Master of Pwn title once again, along with that $130,000 bounty. While the full details of how they exploited Windows 10 and Adobe Reader will not be made public for 90 days to allow the vendors to produce security patches, I can tell you what they did in broad terms.

Two attacks against Windows 10 itself, leveraging two different UAF vulnerabilities, the master hackers managed to escalate permissions to SYSTEM on both occasions, winning another $40,000 (£34,000) for each.

Publisher: Forbes
Date: 2020-03-21
Author: Davey Winder
Twitter: @forbes
Reference: (Read more) Visit Source



In case you are keeping track:

Coronavirus Sets the Stage for Hacking Mayhem | WIRED

More people than ever are working from home , often with fewer security defenses on their home networks than they would have in the office. Even in critical infrastructure and other high-sensitivity environments where it would be impossible to securely work from home , skeleton crews at the office and general distraction can create windows of vulnerability. And in times of stress or distraction, people are more likely to fall for malicious scams and tricks.

And then there are the nation state hackers, who know full well that home networks simply aren't as secure as those in offices. Remote connections in particular make it more difficult, if not impossible, for most threat detection tools to differentiate legitimate work from something suspicious.

Publisher: Wired
Author: Lily Hay Newman
Twitter: @wired
Reference: (Read more) Visit Source



Hackers hit NutriBullet website with credit card-stealing malware – TechCrunch

According to new research by security firm RiskIQ, hackers broke into the blender maker’s website several times over the past two months, injected malicious credit card-skimming malware on its payment pages and siphoned off the credit card numbers and other personal data — like names, billing addresses, expiry dates and card verification values — of unsuspecting blender buyers.

The data was scraped and sent to a third-party server operated by the attackers. The stolen credit card data is then sold to buyers on dark web marketplaces.

logo
Publisher: TechCrunch
Date: 2020-03-18 00:00:30
Author: Zack Whittaker
Twitter: @techcrunch
Reference: (Read more) Visit Source



Putin's Secret Intelligence Agency Hacked: Dangerous New 'Cyber Weapons' Now Exposed

" Why is our own government spying on us through the IoT?" the hackers ask on Twitter. "In fact, spies on the whole world. How do they do it?" In an earlier tweet, they say "we can prove Kremlin henchmen crack our computers and spy on us."

The intent of the program is not to access the owners of those devices, but rather to herd them together into a botnet that can be used to attack much larger targets—think major U.S. and European internet platforms, or the infrastructure within entire countries, such as those bordering Russia.

Publisher: Forbes
Date: 2020-03-21
Author: Zak Doffman
Twitter: @forbes
Reference: (Read more) Visit Source



Not to change the topic here:

As coronavirus crisis worsens, hacking is increasing, security experts say - CNET

You can also help prevent malware from damaging your devices by keeping your software updated at all times. That helps patch up known vulnerabilities that hackers often try to exploit.

"They're going to come out in droves," Velazquez said of scammers, "because they see an opportunity."

logo
Publisher: CNET
Author: Laura Hautala
Twitter: @CNET
Reference: (Read more) Visit Source



How at avoid internet hackers and scammers when working from home.

As COVID-19 takes the world by storm, employers and institutions are urging their workers to stay home. Social distance has proven to reduce the number of infections. In the era of Slack, FaceTime, and G-Suite, telecommuting is a viable alternative.

The pandemic won't stop online crime. Hackers, thieves, and scammers are still out in full force. Large organizations routinely train their team members in cybersecurity tactics, and company laptops and software may have built-in firewalls, VPNs, and two-factor authentication. At home, you may end up being the IT department so, be on top of your game.

Publisher: USA TODAY
Author: Kim Komando
Reference: (Read more) Visit Source



More teleworking means more hackers, how to protect yourself

BIRMINGHAM, Ala. (WBRC) - With more people working from home because of the coronavirus, experts say it can be a hacker's dream. Cybersecurity experts say hackers are working harder than ever to get your information and your company's information.

They know many companies had to move quickly to make the transition to teleworking for employees, so most didn't have time to make sure all security measures were in place. They also know many people are using their personal computers to log into their company's network and most personal devices don't have enhanced security measures.

Publisher: https://www.wbrc.com
Date: 2020-03-21T00:08:01.767Z
Author: Randi Hildreth
Twitter: @WBRCnews
Reference: (Read more) Visit Source



Hackers breach FSB contractor and leak details about IoT hacking project | ZDNet

Today's security threats have expanded in scope and seriousness. There can now be millions -- or even billions -- of dollars at risk when information security isn't handled properly.

Russian hacker group Digital Revolution claims to have breached a contractor for the FSB -- Russia's national intelligence service -- and discovered details about a project intended for hacking Internet of Things (IoT) devices.

The group published this week 12 technical documents, diagrams, and code fragments for a project called "Fronton."

Publisher: ZDNet
Author: Catalin Cimpanu
Twitter: @ZDNet
Reference: (Read more) Visit Source



Happening on Twitter

No comments:

Post a Comment