blog trackingRealtime Web Statistics Hijacks Archives | Gregory D. Evans | Worlds No. 1 Security Consultant | Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘hijacks’

‘CSI: Cyber’ season 2 episode 11 spoilers: Hacker hijacks plane

Source: National Cyber Security – Produced By Gregory Evans

‘CSI: Cyber’ season 2 episode 11 spoilers: Hacker hijacks plane

Avery Ryan (Patricia Arquette), D.B. Russell (Ted Danson), and the entire squad will be working overtime to trace a plane that suddenly vanished in the upcoming episode of the CBS series “CSI: Cyber.” In “404: Flight Not Found,” Spoiler TV reports that the team will be tapped to investigate a possible hack job in the communication system in an air traffic control. Soon, the operatives will realize that this is not a simple cyber-crime when an entire plane goes off the grid without warning. They are now facing the first ever case of cyber-hijacking in the world. The team must race against time to track down the hacker, with so many lives at stake. Is the Cyber unit equipped with the know-how to pull-off what could be its biggest case to date? The series is currently on its winter hiatus, but it is expected to return on Jan. 10, 2016. For its other upcoming episodes, CBS has teased that the squad will be facing a dangerous criminal who uses the alias “The Angel of Digital Death.” According to TV Line, Stella Kaine is a hacker with a peculiar modus operandi. She will select her targets; send certificates of their death […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post ‘CSI: Cyber’ season 2 episode 11 spoilers: Hacker hijacks plane appeared first on National Cyber Security.

View full post on National Cyber Security

Mandiant Researchers: Heartbleed Attack Bypasses Multifactor Authentication, Hijacks VPN Sessions.

3

According to the researchers at security firm Mandiant the attackers have developed a way to exploit heartbleed in an SSL VPN. The Heartbleed bug, as it’s now known, affects any sites and services running specific versions of OpenSSL. It is estimated that over 66% of the web uses OpenSSL, so a good portion of the web may be vulnerable. The latest heartbleed attack took place on April 08, 2014, following the disclosure of the OpenSSL vulnerability. An attacker exploited the weakness in a VPN appliance and hijacked multiple active user sessions. The attack involved sending repeated malformed heartbeat requests to the …continue reading

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Mandiant Researchers: Heartbleed Attack Bypasses Multifactor Authentication, Hijacks VPN Sessions. appeared first on National Cyber Security.

View full post on National Cyber Security

Chrome extensions malware hijacks Facebook profiles

Kaspersky Lab has found malware-laden Chrome extensions, along with a criminal gang playing cat and mouse with Google by releasing several variations of its wares.

The attacks manifest as suggestions to download Facebook apps. Those apps are, alas, not real. Instead they are malware and, in one case, a malware-laden Chrome extension hosted in Google’s very own Chrome Web Store.

The malware pretends to be a Flash Player installer but instead downloads a Trojan which writes messages to a victim’s Facebook profile and automatically Likes certain pages.

The former activity contains an alluring message suggesting your Friends download the same malware. The auto-Liking behaviour is part of a pay-per-Like scheme that helps the criminals to cash in.

Variations on this attack have been around for a few weeks now, Kaspersky says, but is so far largely confined to Brazil and other Portuguese-speaking nations.

Google is pulling the malware as fast as the criminals can sneak new variants into the Chrome Web Store.

Researcher Fabio Assolini suggests: “Be careful when using Facebook. And think twice before installing a Google Chrome extension.” ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/03/25/chrome_web_store_malware_hijacks_facebook_profiles/

View full post on National Cyber Security » Virus/Malware/Worms

Malware hijacks file host SendSpace to steal information

Trend Micro researchers have discovered a piece of malicious software that automatically uploads its stolen data cache to the SendSpace file-sharing service for retrieval.

Malware authors have used file-hosting and sharing servers for that purpose before, but this is the first time malware has been noticed to do that automatically, wrote Roland Dela Paz, a threat response engineer with Trend Micro.

SendSpace accepts files and then generates a link that can be shared with other people to download the content in the files. The malware has been configured to send files, copy the download link and send it to a command-and-control server along with the password needed to access the archive, Dela Paz wrote.

It appears SendSpace’s terms of service would prohibit use of the site that way. SendSpace said in response to an email that it was “notified of this several days ago by Trend Micro themselves, and we’re working to find a solution for this.”

File storage services offer several advantages for cybercriminals, said Rik Ferguson, director of security research and communication for Trend Micro in Europe.

Although the cybercriminals often use networks of proxy computers to mask how they are communicating with a compromised computer, using a storage service adds another layer, Ferguson said. “It breaks in some ways the chain of evidence,” he said.

Also, authorities would be less likely to take down a legitimate file-hosting service than a new server set up by scammers, Ferguson said.

The services are especially useful for so-called Advanced Persistent Threat attacks, where cyberspies seek to infiltrate an organisation for a long period of time, Ferguson said. There is also a better chance that organisations that are hacked will not regard outbound connections to a file-hosting service as suspicious, making it less likely the connection will be shut down, he said.

“Basically it’s criminals taking advantage of public infrastructure to appear less suspicious,” Ferguson said.

Article source: http://rss.feedsportal.com/c/270/f/470440/s/1c6fc3a1/l/0Lnews0Btechworld0N0Csecurity0C33352750Cmalware0Ehijacks0Efile0Ehost0Esendspace0Esteal0Einformation0C0Dolo0Frss/story01.htm

View full post on National Cyber Security » Virus/Malware/Worms

Malware hijacks file host SendSpace to steal information

Trend Micro researchers have discovered a piece of malicious software that automatically uploads its stolen data cache to the SendSpace file-sharing service for retrieval.

Malware authors have used file-hosting and sharing servers for that purpose before, but this is the first time malware has been noticed to do that automatically, wrote Roland Dela Paz, a threat response engineer with Trend Micro.

SendSpace accepts files and then generates a link that can be shared with other people to download the content in the files. The malware has been configured to send files, copy the download link and send it to a command-and-control server along with the password needed to access the archive, Dela Paz wrote.

It appears SendSpace’s terms of service would prohibit use of the site that way. SendSpace said in response to an email that it was “notified of this several days ago by Trend Micro themselves, and we’re working to find a solution for this.”

File storage services offer several advantages for cybercriminals, said Rik Ferguson, director of security research and communication for Trend Micro in Europe.

Although the cybercriminals often use networks of proxy computers to mask how they are communicating with a compromised computer, using a storage service adds another layer, Ferguson said. “It breaks in some ways the chain of evidence,” he said.

Also, authorities would be less likely to take down a legitimate file-hosting service than a new server set up by scammers, Ferguson said.

The services are especially useful for so-called Advanced Persistent Threat attacks, where cyberspies seek to infiltrate an organisation for a long period of time, Ferguson said. There is also a better chance that organisations that are hacked will not regard outbound connections to a file-hosting service as suspicious, making it less likely the connection will be shut down, he said.

“Basically it’s criminals taking advantage of public infrastructure to appear less suspicious,” Ferguson said.

Article source: http://rss.feedsportal.com/c/270/f/470440/s/1c6fc3a1/l/0Lnews0Btechworld0N0Csecurity0C33352750Cmalware0Ehijacks0Efile0Ehost0Esendspace0Esteal0Einformation0C0Dolo0Frss/story01.htm

View full post on National Cyber Security » Virus/Malware/Worms

‘Ramnit’ worm hijacks 45,000 Facebook logins

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company’s online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine’s and Web site’s coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media’s internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan’s activities, follow him on Twitter.

Article source: http://www.zdnet.com/blog/security/ramnit-worm-hijacks-45000-facebook-logins/9934

View full post on National Cyber Security » Virus/Malware/Worms

My Twitter

  • RT @GregoryDEvans: New Study: Principals Play a Large Role in Teacher Retention – District Dossier – Education https://t.co/1fLSYZdgdD #se…
    about 3 hours ago
  • RT @GregoryDEvans: New Study: Principals Play a Large Role in Teacher Retention – District Dossier – Education https://t.co/1fLSYZdgdD #se…
    about 3 hours ago
  • RT @GregoryDEvans: Good Cybersecurity Can Be Good Marketing https://t.co/UqreHFsdIH https://t.co/CkjWdrFdPp
    about 20 hours ago
  • RT @GregoryDEvans: Good Cybersecurity Can Be Good Marketing https://t.co/UqreHFsdIH https://t.co/CkjWdrFdPp
    about 21 hours ago
  • RT @GregoryDEvans: Good Cybersecurity Can Be Good Marketing https://t.co/UqreHFsdIH https://t.co/CkjWdrFdPp
    about 21 hours ago

AmIHackerProof.com By Gregory D. Evans

Hacker For Hire By Gregory Evans

Gregory D. Evans On Facebook

Parent Securty By Gregory D. Evans

National Cyber Security By Gregory D. Evans

Dating Scams By Gregory Evans