blog trackingRealtime Web Statistics Cybercriminals Archives | Gregory D. Evans | Worlds No. 1 Security Consultant | Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘Cybercriminals’

Ransomware, bogus emails from your ‘boss’ mark growing skill of cyber-criminals

Source: National Cyber Security – Produced By Gregory Evans

Ransomware, bogus emails from your ‘boss’ mark growing skill of cyber-criminals

Cyber-criminals are hacking into corporate computer systems and using the public profiles of top executives to fine-tune email scams that are duping Canadians out of hundreds of millions of dollars each year, a CBC News investigation has discovered. “It came on the scene in a massive way, from virtually nothing to $19 million in 2014” in losses reported, said Daniel Williams of the Canadian Anti-Fraud Centre, a federal government agency. He also says that research by the CAFC and police suggests that less than three per cent of these email scams ever gets reported, meaning the incidents and the losses are probably much higher. “Most probably in the range of $500 million to $1 billion,” Williams says. “It’s big, big money. It’s very organized, very sophisticated crime groups with a lot of resources putting a lot of effort … really on an industrial scale.” Source: http://www.cbc.ca/news/technology/ransomware-cyber-scams-bogus-emails-1.3314221

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Ransomware, bogus emails from your ‘boss’ mark growing skill of cyber-criminals appeared first on National Cyber Security.

View full post on National Cyber Security

Cybercriminals Targeting Real Estate Transactions

Source: National Cyber Security – Produced By Gregory Evans

Cybercriminals Targeting Real Estate Transactions

Small real estate businesses, agents and their clients are fast becoming the targets of sophisticated cyber scammers. That’s according to panelists at the Risk Management and License Law Forum yesterday at the 2015REALTORS® Conference & Expo, who discussed potential threats and offered tips for agents to protect themselves and their businesses and clients from cyber-attacks. Melanie Wyne, National Association of Realtors® technology policy expert said that while we often hear in the news about large companies falling victim to hackers, small businesses, which often lack the vast technology and legal teams of larger businesses, actually account for the majority of attacks. “Small businesses need to pay just as much attention as large companies to possible cyber threats,” she said. Darity Wesley, founder of the Lotus Law Center, said hackers are seeking personally identifiable information, data that could potentially identify a specific individual, such as credit card or bank account information, login credentials, employment details or a physical address, e-mail address, and phone or social security number. “Most people don’t know the vast amount of data stored about them in a variety of systems,” said Wesley. “Identity thieves can do a lot of damage with this information; your credit and whole life could […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Cybercriminals Targeting Real Estate Transactions appeared first on National Cyber Security.

View full post on National Cyber Security

TalkTalk hack was just friends having a laugh: Cyber-criminals who witnessed data breach said there were no criminal mastermind behind attack… and they just did it

Source: National Cyber Security – Produced By Gregory Evans

TalkTalk hack was just friends having a laugh: Cyber-criminals who witnessed data breach said there were no criminal mastermind behind attack… and they just did it

Hackers have claimed ‘at least 25’ cyber-criminals had access to TalkTalk customers’ personal information following the attack on the company. Four people who claim to have witnessed the attack unfolding, including one who said they were involved, told Channel 4 News that it was ‘fun’ to carry out the hack which has affected more than a million customers. An expert told the programme that a flaw in TalkTalk’s security was easily found by hackers using Google. The hackers claimed there was no criminal mastermind behind the attack, it was merely a group of friends ‘laughing’ about a flaw they had exposed in the company’s security. They said the break in took place days before TalkTalk uncovered it on Wednesday, October 22. One hacker said: ‘It was in a Skype group call…with a lot of laughing and making fun of TalkTalk.’ They added: ‘There was no group, it was just a few friends laughing about a company with bad security. It’s fun for us.’ Another said he was ‘shocked’ that such a major company did not have adequate security. He said: ‘I tweeted TalkTalk about an hour before everything happened and they weren’t interested, so I thought f*** them, their security […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post TalkTalk hack was just friends having a laugh: Cyber-criminals who witnessed data breach said there were no criminal mastermind behind attack… and they just did it appeared first on National Cyber Security.

View full post on National Cyber Security

How To Protect Your Company From Cybercriminals

How To Protect Your Company From Cybercriminals

At a recent “Hacker Lab” event, “white hat” hackers revealed how cybercriminals work — and what businesses can do to protect themselves. The September 9 multimedia presentation used a simulated small business system to demonstrate how hackers choose their targets, […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

View full post on National Cyber Security

Europol launches taskforce to fight world’s top cybercriminals

Source: National Cyber Security – Produced By Gregory Evans

Europol launches taskforce to fight world’s top cybercriminals

Cybercrime experts from police forces around the world are coming together to form a new body, the Joint Cybercrime Action Taskforce (J-CAT), aiming to tackle the smartest online criminals. Andy Archibald, deputy head of the National Cyber Crime Unit with […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Europol launches taskforce to fight world’s top cybercriminals appeared first on National Cyber Security.

View full post on National Cyber Security

Investigators No. 1 Challenge is Identifying Cyber-Criminals

A hacker known as “Track2″ helped steal more than 200,000 credit card numbers from small retailers across the United States and sold them online to other criminals for more than $2 million, according to a federal indictment. “This is a […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Investigators No. 1 Challenge is Identifying Cyber-Criminals appeared first on National Cyber Security.

View full post on National Cyber Security

Cybercriminals abusing Microsoft Azure for phishing attacks

NCS_FBI11-145x150

CyberCriminals usually host fake web pages on hacked websites, free web hosting, more recently they abused Google Docs.  These fake pages(phishing pages) trick unsuspecting users into handing over their personal and financial information. Read More….

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Cybercriminals abusing Microsoft Azure for phishing attacks appeared first on National Cyber Security.

View full post on National Cyber Security

Cybercriminals honing Android malware skills in Russia

Sophos says they’re starting in Russia, but will expand with success

View full post on Techworld.com security

View full post on National Cyber Security » Computer Hacking

Cloud payroll services the target of cybercriminals using Zeus malware

Cybercriminals are using the Zeus online banking malware to target companies that use cloud-based payroll services, according to researchers from security firm Trusteer.

The researchers have come across a Zeus configuration that monitors the log-in web page of a Canadian provider of human resources and payroll services called Ceridian Canada, with the purpose of stealing authentication information from its customers.

The malware steals user IDs, passwords and company numbers when users authenticate on Ceridian’s clients.powerpay.ca website from infected computers and automatically takes screenshots of their answers to the site’s image-based verification system.

Trusteer expects payroll services to become increasingly targeted by cybercriminals who can more easily steal large amounts of money through them than from regular online banking accounts, the company’s chief technology officer, Amit Klein, said.

In general, the authentication protection measures used by payroll services lag a few years behind those used by online banking websites, Klein said.

Also, because payroll services can be accessed from anywhere, it’s not always necessary for attackers to break into a corporate network to perform fraud, he said. The authentication credentials can be stolen and abused through a laptop that’s regularly removed from the enterprise premises.

Once in possession of the stolen authentication credentials, the cybercriminals can add fake employees in the payroll system and transfer considerable sums of money to accounts the criminals control.

Last year, a group of cybercriminals used this method to steal $217,000 from a nonprofit organisation called the Metropolitan Entertainment Convention Authority (MECA) based in Omaha, Nebraska.

The attackers transferred money through MECA’s payroll system to the bank accounts of US residents hired through work-at-home scams, who then wired the funds out of the country, Klein said.

Unfortunately, running an antivirus program is often not enough to prevent Zeus infections, because cybercriminals who use this Trojan horse perform reconnaissance before launching their attacks in order to learn what security products their targets use. They then alter the malware to evade detection by those applications.

Products like Trusteer’s Rapport are designed to secure web browsing sessions so that malware can’t tamper with them and steal credentials. However, security experts have advised organisations in the past to only perform sensitive financial activities from dedicated computers that aren’t used for other tasks, or to do so by booting from a Linux live CD in order to decrease the chances of malware interference.

Article source: http://rss.feedsportal.com/c/270/f/470440/s/1e4b2270/l/0Lnews0Btechworld0N0Csecurity0C3350A4150Ccloud0Epayroll0Eservices0Etarget0Eof0Ecybercriminals0Eusing0Ezeus0Emalware0C0Dolo0Frss/story01.htm

View full post on National Cyber Security » Virus/Malware/Worms

Cybercriminals Use Zeus Malware to Target Cloud Payroll Services

Cybercriminals are using the Zeus online banking malware to target companies that use cloud-based payroll services, researchers from security firm Trusteer said Monday.

The researchers have come across a Zeus configuration that monitors the log-in Web page of a Canadian provider of human resources and payroll services called Ceridian Canada, with the purpose of stealing authentication information from its customers.

The malware steals user IDs, passwords and company numbers when users authenticate on Ceridian’s clients.powerpay.ca website from infected computers and automatically takes screenshots of their answers to the site’s image-based verification system.

Trusteer expects payroll services to become increasingly targeted by cybercriminals who can more easily steal large amounts of money through them than from regular online banking accounts, the company’s chief technology officer, Amit Klein, said in a blog post.

In general, the authentication protection measures used by payroll services lag a few years behind those used by online banking websites, Klein said via email.

Also, because payroll services can be accessed from anywhere, it’s not always necessary for attackers to break into a corporate network to perform fraud, he said. The authentication credentials can be stolen and abused through a laptop that’s regularly removed from the enterprise premises.

Once in possession of the stolen authentication credentials, the cybercriminals can add fake employees in the payroll system and transfer considerable sums of money to accounts the criminals control.

Last year, a group of cybercriminals used this method to steal US$217,000 from a nonprofit organization called the Metropolitan Entertainment Convention Authority (MECA) based in Omaha, Nebraska.

The attackers transferred money through MECA’s payroll system to the bank accounts of U.S residents hired through work-at-home scams, who then wired the funds out of the country, Klein said.

Unfortunately, running an antivirus program is often not enough to prevent Zeus infections, because cybercriminals who use this Trojan horse perform reconnaissance before launching their attacks in order to learn what security products their targets use. They then alter the malware to evade detection by those applications.

Products like Trusteer’s Rapport are designed to secure Web browsing sessions so that malware can’t tamper with them and steal credentials. However, security experts have advised organizations in the past to only perform sensitive financial activities from dedicated computers that aren’t used for other tasks, or to do so by booting from a Linux live CD in order to decrease the chances of malware interference.

Article source: http://www.pcworld.com/businesscenter/article/253505/cybercriminals_use_zeus_malware_to_target_cloud_payroll_services.html

View full post on National Cyber Security » Virus/Malware/Worms

Page 1 of 212»

My Twitter

  • Woman attacked in Carlisle city centre by man she met on dating website https://t.co/0qVOSsgh99 #dating @gregorydevans
    about 47 mins ago
  • Ed Henry off the air at Fox News after alleged infidelity reported https://t.co/4xG5QsJT9K #dating @gregorydevans
    about 55 mins ago
  • Brad Pitt Cheating On Wife Angelina Jolie With ‘Five Seconds Of Silence’ Co-Star Marion Cot https://t.co/g2ycEBI7pB #dating @gregorydevans
    about 1 hour ago
  • Excessively messaging to bad grammar: Online dating mistakes to avoid https://t.co/r3KR5Fteue #dating @gregorydevans
    about 2 hours ago
  • RT @datingscams101: International Dating Service AnastasiaDate Introduces Service Changes to Make Global Dating https://t.co/xzORidCwcF #da…
    about 2 hours ago

AmIHackerProof.com By Gregory D. Evans

Hacker For Hire By Gregory Evans

Gregory D. Evans On Facebook

Parent Securty By Gregory D. Evans

National Cyber Security By Gregory D. Evans

Dating Scams By Gregory Evans