Security News
Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks. According to researchers at Binary Defense, the newly discovered Emotet sample leverages a "Wi-Fi spreader" module to scan Wi-Fi networks, and then attempts to infect devices that are connected to them.
The US has charged the Chinese military with plundering Equifax in 2017. According to the indictment, the four allegedly pried open Equifax by exploiting a vulnerability in the Apache Struts Web Framework software used by the credit reporting agency's online dispute portal.
Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks. According to researchers at Binary Defense, the newly discovered Emotet sample leverages a "Wi-Fi spreader" module to scan Wi-Fi networks, and then attempts to infect devices that are connected to them.
The latest in a string of China-linked hacking incidents came with the Monday indictment of four members of the Chinese military for breaking into the credit-reporting agency Equifax in 2017. The motives, as with several others hacks that preceded it, appear to be more about espionage than stealing trade secrets, cybersecurity experts say.
The takedown of Equifax begs the question of whether attackers might also have been camping out in the networks of other consumer credit reporting agencies - Experian, TransUnion and others - as well as other data brokers. Interesting overlay: In 2015, President Barack Obama threatened China with severe sanctions if it didn't cease its hack attack ways, and in September of that year, he reached a landmark agreement with Chinese President Xi Jinping, which aimed to put intellectual property off limits for nation-state espionage operators.
The U.S. Justice Department today unsealed indictments against four Chinese officers of the People's Liberation Army accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. While the DOJ's announcement today portrays Equifax in a somewhat sympathetic light, it's important to remember that Equifax repeatedly has proven itself an extremely poor steward of the highly sensitive information that it holds on most Americans.
A newly uncovered Emotet malware sample has the ability to spread to insecure Wi-Fi networks that are located nearby to an infected device. If the malware can spread to these nearby Wi-Fi networks, it then attempts to infect devices connected to them - a tactic that can rapidly escalate Emotet's spread, said researchers.
In the 7 years since, threats have become exponentially more advanced, launched by well-funded cyber-criminal groups and nation-state proxies and leveraging automation and AI. And yet the people hacking into Ring cameras weren't highly-technical or using AI. They were Script Kiddies using credentials found and traded on the Dark Web to access devices that did not use 2FA or other additional security mechanisms. As a threat analyst, I have helped companies identify hundreds of IoT devices, from insecure smart refrigerators and CCTV cameras, to compromised video conferencing systems and biometric scanners.
Long-suffering Yahoo! customers may finally get some compensation for having their personal details exposed to hackers not once, not twice, not three times, nor four times, but five times between 2012 and 2016. The proposed $117.5m settlement from the US class-action lawsuit brought back when Yahoo! actually existed is headed toward its final approval by a judge.
According to the confidential document, at least 42 U.N. servers were compromised in Geneva and Vienna, potentially exposing staff personnel data and sensitive documents for other organizations collaborating with the U.N. "Although it is unclear what documents and data the hackers obtained in the 2019 incident, the report implies that internal documents, databases, emails, commercial information and personal data may have been available to the intruders - sensitive data that could have far-reaching repercussions for staff, individuals and organisations communicating with and doing business with the U.N.," Ben Parker, with The New Humanitarian, said on Wednesday. Servers in three separate locations were compromised: the U.N. office at Vienna; the U.N. office at Geneva; and the U.N. Office of the High Commissioner for Human Rights headquarters, also in Geneva.