MENTIS

Week of September 09, 2016

MENTIS
news

Week of September 09, 2016

Why Social Media Sites Are The New Cyber Weapons Of Choice

  • Cyber criminals run rampant across every social network today.
  • Companies poor social media security practices put their brands, customers, executives, and entire organizations at serious risk.
  • According to Cisco, Facebook scams were the most common form of malware distributed in 2015; the FBI said that social media-related events had quadrupled over the past five years.
  • Facebook reported that up to 2% of its average users (31 million accounts) are false, Twitter estimates 5%, and LinkedIn doesn’t even have a reliable system for tracking fraudulent accounts.
  • Despite this, social networks remain some of the most trusted channels online.
  • The attackers now have incredibly broad reach and can easily manipulate users and execute a variety of widespread cyber-attacks and scams, including everything from social engineering to brand impersonations, account takeovers, customer fraud, and much more.
  • Security professionals and marketers should start treating social channels like the security threat they are and develop strategies to effectively fend against the range of cyber techniques currently in use.

Source: Dark Reading, September 06, 2016
http://www.darkreading.com/attacks-breaches/why-social-media-sites-are-the-new-cyberweapons-of-choice/a/d-id/1326802


You Need To Update Your Apple Computer Right Now

  • Remember the iPhone security flaw reported on last week? Apple just released patches fixing similar problems with the software powering Mac desktops and laptops, as well as the company’s Safari web browser.
  • The problems could allow hackers to remotely take over your iMac or MacBook.
  • In many cases, your Apple computer will automatically let you know there’s an update available, this is not the time to ignore that message.
  • If you’re behind on your updates, you may have to download more than just today’s fix to get fully secured.

Source: Time, September 02, 2016
http://time.com/4477405/update-your-mac/


Denmark Buys Leaked Data To Use In Tax Evasion Inquiries

  • Denmark has become the first country in the world to apparently buy data from the Panama Papers leak, and now plans to investigate whether 500-600 Danes who feature in the offshore archive may have evaded tax.
  • Denmark’s tax minister, Karsten Lauritzen, said he will pay up to DKK9m (£1m) for the information, which comes from the Panamanian law firm Mossack Fonseca.
  • The source sent over an initial sample of documents and the government reviewed them.
  • “Everything suggests that it is useful information. We owe it to all Danish taxpayers who faithfully pay their taxes,” Lauritzen said, admitting that he had originally been very wary.
  • The Panama Papers, published in April, were the biggest leak in history.
  • The archive includes 12.7m documents, there are details of offshore companies – half of them incorporated in the British Virgin Islands, a UK tax haven as well as of secret “beneficial owners”.
  • The government had already started an investigation into eight Danish banks, stating that the banks had not done enough to ensure offshore accounts weren’t used for money laundering or tax evasion.
  • This is a historic moment for Denmark and the first time it has chosen to buy information on suspected tax offenders.

Source: The Guardian, September 07, 2016
https://www.theguardian.com/news/2016/sep/07/panama-papers-denmark-becomes-firstcountry-to-buy-leaked-data


Report Claims National Security Was Put At Risk By The OPM Data Breach

  • A Congressional investigation into the devastating hack of the US government’s Office of Personnel Management (OPM) has detailed shortcomings in the organisation’s security and made recommendations for other federal departments to prevent the same from happening to them.
  • The report describes how OPM’s servers came under attack between 2012 and early 2015, with hackers ultimately stealing the personnel files of 4.2 million former and current government employees and security clearance investigation information on 21.5 million individuals.
  • The nature of the personal information stored by the OPM on individuals went far beyond the typical organisation, including a “wealth of information about their past activities and lifestyle.”
  • This included extensive financial information, employment history, home addresses for the past
  • ten years, details of emotional or mental health issues, use of illegal drugs or controlled substances,
  • alcohol abuse, and so forth.
  • According to the report, the initial breach at OPM was facilitated by login credentials stolen from a contractor allowing hackers to log into the network.
  • The lack of two-factor authentication was clearly an enormous oversight as may have prevented the attackers from gaining entry via this route.
  • The first attacker was discovered by OPM’s security team and monitored for some time before a decision was made to curtail their access before they could do more harm.
  • Unfortunately, a second attacker was not discovered and ultimately made off with the millions of documents and personnel records which subsequently made for so many headlines in the media.
  • The OPM missed an important opportunity to strengthen its security when it discovered the first evidence of a hacker at work – its failure to implement addition technologies aided the second incident.
  • Other organisations should learn from the security breach at OPM and take steps to secure their networks. A link to the full congressional report is available in the original article (link below).

Source: Tripwire, September 08, 2016
http://www.tripwire.com/state-of-security/government/report-claims-national-security-was-putat-risk-by-the-opm-data-breach/


Crimeware As A Service Hack Turns Potential Hackers Into Victims

  • Cybercriminals are using Google Docs to host a new Facebook scamming tool, which is designed to steal credentials from potential hackers who try to access other users' accounts.
  • Crimeware-as-a-service (CaaS) enables hackers to automate their illegal activity online. The phishing tools are typically used to steal account information from a broad range of targets.
  • Blue Coat Elastica Cloud Threat Labs (BCECTL) discovered that cybercriminals are now using Facebook hacking tools to target end-users and trick them into sharing their Facebook account credentials.
  • One version of the tool allows an attacker to send its hacker “customer” a link that takes them to a “Facebook Friend’s Account Hacker” document that requires them to provide their Facebook login information.
  • When their account info is entered, it's sent back to the attacker-controlled domain, meaning the aspiring hacker's data has been stolen.
  • Hackers primarily use CaaS to make money by selling stolen credentials on the underground market, which is one goal of the Facebook hacker tool.

Source: Dark Reading, September 08, 2016
http://www.darkreading.com/attacks-breaches/crimeware-as-a-service-hack-turns-potentialhackers-into-victims/d/d-id/1326849


Network Management Systems Vulnerable To SNMP Attacks

  • Many network management systems that are used to discover and monitor desktops, servers, printers, and other equipment connected to the network such as routers and switches, are vulnerable to attacks via the Simple Network Management Protocol.
  • Security vendor Rapid7 says it discovered the issue when researching how attackers could leverage SNMP to target systems that rely heavily on the protocol.
  • The exercise led to Rapid7 finding a total of 13 vulnerabilities in network management products from nine vendors that would have let adversaries carry out sustained cross-site scripting attacks over SNMP.
  • Most modern network management systems are managed via web-based interfaces, use SNMP by default to track and manage systems, and can be configured to automatically receive device SNMP data or “traps” from systems on the network.
  • From an attacker’s standpoint, network management systems provide an ideal target because they maintain information in near real-time about the network components they manage.
  • Such systems can point attackers to the most valuable targets on a network including less obvious ones like a printer doing payroll runs or an HR server with personally identifiable information on employees.
  • For the attacks described by the researchers in the paper, an adversary would need a way to plant a rogue device on the network.

Source: Dark Reading, September 07, 2016
http://www.darkreading.com/vulnerabilities---threats/network-management-systemsvulnerable-to-snmp-attacks/d/d-id/1326838


India Shelves Plan To Expand French Submarine Order After Data Breach

  • India is unlikely to give French naval contractor DCNS a proposed order for three new submarines, in addition to the six it is already building in the country, following the leak of secret data about its capabilities.
  • India's defense ministry has written to DCNS asking for details about the extent of the leak and how data relating to the Scorpene's intelligence gathering frequencies, diving depth, endurance and weapons specifications had ended up in the public domain.
  • Indian submarine experts say that, while the breach in information security was serious, it does not make the Scorpenes immediately vulnerable to detection.
  • India's submarine arm is down to 13 vessels, only half of which are operational at any time, and is falling rapidly behind China, which is expanding its maritime presence in the Indian Ocean.
  • The Indian government has approved the acquisition of the next generation of submarines beyond the Scorpene, in a project estimated at $8 billion.
  • The first defense official said he did not expect any movement on that project until the investigation into the Scorpene leak was completed and new security measures put in place.

Source: Reuters, September 03, 2016
http://www.reuters.com/article/us-india-france-submarines-idUSKCN1182F6


German Spy Agency "Illegally Restricted" Supervision Of Its Abuses

  • The German Federal Intelligence Service (BND) has been trying to hamper its own oversight, the country’s data protection commissioner said in a leaked report, which also unveiled excessive and systematic violations of citizens’ rights by the spy agency.
  • The paper examined how the BND data collection center in the southeastern city of Bad Aibling monitored the telecommunications data of German citizens.
  • In the leaked document, dating back to March 2016, Federal Data Protection Commissioner Andrea Vosshoff claimed the BND clearly hampered her attempts to investigate the agency’s work.
  • According to Vosshoff, the “BND has collected personal data without a legal basis.”
  • The commissioner pinpointed 18 severe legal violations and filed 12 formal complaints in seven fields of the service’s activity, detailing attempts to block her inquiries as one of them.
  • While the BND outpost in Bad Aibling is the target of the latest investigation, there are several more similar data processing services that are collecting metadata from all over the world amounting to some 220 million data points a day.

Source: Russia Today, September 03, 2016
https://www.rt.com/news/358176-german-spy-agency-illegally-restricted/

Get in Touch With Us!

Are you interested in receiving more information about our products? Do you have questions about sensitive data security? Would you like a demo? Complete the details below and one of our specialists will get in touch with you.

We love to help our customers solve their data security problems. Please tell us about what you are trying to accomplish, details about your environment, and any other information that will help us understand your needs better.

Image CAPTCHA
scroll top