Security daily (12-08-2021)

UN experts join growing calls for moratorium on surveillance technology

United Nations experts on Thursday called for a halt to the sale and transfer of surveillance technology until countries introduce a regulatory framework to address the human rights impact of its abuse. “It is highly dangerous and irresponsible to allow the surveillance technology and trade sector to operate as a human rights-free zone,” the experts warned. The statement specifically singles out the Israeli spyware company NSO Group, which has been condemned for years by privacy advocates for aiding authoritarian regimes in tracking and intimidating journalists, human rights advocates and dissidents. The call for action follows a report from Amnesty International that the company’s Pegasus spyware was more widely used than previously thought. Between July 2014 and July 2021, the NSO group’s Pegasus software was used to target more than three dozen smartphones belonging to journalists, human rights activists and business executives, according to a Amnesty’s investigation with the French journalism nonprofit […] The post UN experts join growing calls for moratorium on surveillance technology appeared first on CyberScoop. (CyberScoop)

Microsoft catches hackers using Morse Code to help cover their tracks

Clever hackers use a range of techniques to cover their tracks on a target computer, from benign-looking communication protocols to self-erasing software programs. It’s not very often, though, that digital attackers turn to Morse Code, a 177-year-old signaling system, for operational security. Yet that’s exactly what played a part in a year-long phishing campaign that Microsoft researchers outlined on Thursday. Morse Code — a method of representing characters with dots and dashes popularized by telegraph technology — was one of several methods that the hackers, whom Microsoft did not identify, used to obscure malicious software. It’s a reminder that, for all of their complexities, modern offensive and defensive cyber measures often rest on the simple concept of concealing and cracking code. Hackers were sending select targets fake invoices to try to convince them to cough up their passwords and, in some cases, to collect IP addresses and location data of […] The post Microsoft catches hackers using Morse Code to help cover their tracks appeared first on CyberScoop. (CyberScoop)

Hackers stole client info, work materials in Accenture ransomware attack

Ransomware hackers began leaking Accenture data after the consulting giant suffered a security incident where the perpetrators made off with client-related documents and work materials. The gang, known as LockBit 2.0, has threatened to leak further after providing purported proof of the breach. Accenture acknowledged the attack on Wednesday, but has downplayed its severity. “Through our security controls and protocols, we identified irregular activity in one of our environments,” an Accenture spokesperson said. “We immediately contained the matter and isolated the affected servers. We fully restored our affected servers from back up. There was no impact on Accenture’s operations, or on our clients’ systems.” In an internal memo, Accenture said it noticed the “security incident” on July 30. “While the perpetrators were able to acquire certain documents that reference a small number of clients and certain work materials we had prepared for clients, none of the information is of a […] The post Hackers stole client info, work materials in Accenture ransomware attack appeared first on CyberScoop. (CyberScoop)

US makes progress on improving cyber but key issues remain, congressional committee finds

A congressional commission dedicated to shoring up America’s cyber defenses has made significant progress in the wake of multiple recent cybersecurity crises, according to a new report. Nearly 75% of the 82 recommendations made in the Cyberspace Solarium Commission’s March 2020 report, which set out to assess ways the U.S. can improve its digital resilience, have been implemented or are on track to be implemented, according to an evaluation released Thursday by the Commission. The report notes that some of this movement has been spurred by a wave of high profile cybersecurity incidents within the past year, starting with the revelation in December 2020 that Russian hackers had infiltated at least nine federal agencies using network management software SolarWinds. In March, apparent Chinese hackers exploited a vulnerability in Microsoft’s Exchange Server technology, affecting thousands of users. Multiple ransomware attacks have followed, including one against fuel provider Colonial Pipeline that forced […] The post US makes progress on improving cyber but key issues remain, congressional committee finds appeared first on CyberScoop. (CyberScoop)

S3 Ep45: Routers attacked, hacking tool hacked, and betrayers betrayed [Podcast]

Latest episode - listen now! (And learn about the Navajo Nation's selfless cryptographic contribution to America.) (Naked Security)

Windows 10: Microsoft Just Revealed Another Print Spooler Bug

(News ≈ Packet Storm)

Accenture Confirms LockBit Ransomware Attack

(News ≈ Packet Storm)

Hacker Returns More Than $260 Million From Poly Attack

(News ≈ Packet Storm)

Singaporean Telco Leaked Personal Data Of Over 57,000 Customers

(News ≈ Packet Storm)

Leaked Voting Machine BIOS Passwords May Implicate Q-Friendly County Clerk

(News ≈ Packet Storm)

Experts Shed Light On New Russian Malware-as-a-Service Written in Rust

A nascent information-stealing malware sold and distributed on underground Russian underground forums has been written in Rust, signalling a new trend where threat actors are increasingly adopting exotic programming languages to bypass security protections, evade analysis, and hamper reverse engineering efforts. Dubbed "Ficker Stealer," it's notable for being propagated via Trojanized web links (The Hacker News)

How Companies Can Protect Themselves from Password Spraying Attacks

Attackers are using many types of attacks to compromise business-critical data. These can include zero-day attacks, supply chain attacks, and others. However, one of the most common ways that hackers get into your environment is by compromising passwords. The password spraying attack is a special kind of password attack that can prove effective in compromising your environment. Let's look closer (The Hacker News)

IT Giant Accenture Hit by LockBit Ransomware; Hackers Threaten to Leak Data

Global IT consultancy giant Accenture has become the latest company to be hit by the LockBit ransomware gang, according to a post made by the operators on their dark web portal, likely filling a void left in the wake of DarkSide and REvil shutdown. "These people are beyond privacy and security. I really hope that their services are better than what I saw as an insider," read a message posted on (The Hacker News)

Rogue Marketplace AlphaBay Reboots

Illicit underground marketplace relaunches years after takedown. (Threatpost)

Black Hat: Novel DNS Hack Spills Confidential Corp Data

Threatpost interviews Wiz CTO about a vulnerability recently patched by Amazon Route53's DNS service and Google Cloud DNS. (Threatpost)

AdLoad Malware 2021 Samples Skate Past Apple XProtect

A crush of new attacks using the well-known adware involves at least 150 updated samples, many of which aren't recognized by Apple's built-in security controls. (Threatpost)

Ransomware Payments Explode Amid ‘Quadruple Extortion’

Unit 42 puts the average payout at over half a million, while Barracuda has tracked a 64 percent year over year spike in the number of attacks. (Threatpost)

QR Code Scammers Get Creative with Bitcoin ATMs

Threat actors are targeting everyone from job hunters to Bitcoin traders to college students wanting a break on their student loans, by exploiting the popular technology's trust relationship with users. (Threatpost)


/security-daily/ 13-08-2021 23:44:22