Millie
your market intelligence analyst
Search Results
Edit Save
317 results
Tech-Wreck InfoSec Blog 10/23/2020 08:09
Akamai Outlines Cyber Theft Trends in Retail Sphere (10/21/2020) Between July 2018 and June 2020, 100 billion credential stuffing attacks occurred globally, with more than 60 percent taking place in the retail, travel, and hospitality industries. A new report from , , outlines how cybercriminals are initiating attacks of all types and sizes within the commerce sector. In addition to credential stuffing, Akamai noted over four billion attacks on commercial Web sites, with criminals targeting databases to access personal information, financial records, password hashes, "and anything else that's stored." The US is not only the leading target for attackers but is also the top location from which the majority of attacks originate. Akamai recorde.
Tech-Wreck InfoSec Blog 10/21/2020 20:58
Digital Doomsday Prepper Kit - In light of the recent disasters brought about by mother nature and getting to think about other challenging scenarios I thought it might be good to create a Digital Doomsday Prepper kit - I will be posting an article later describing the basics of these apps but here is the list so far (in no particular order).
Tech-Wreck InfoSec Blog 10/16/2020 07:46
Adobe Patch Addresses Flaw in Flash Player (10/13/2020) has released a new security for Adobe Flash Player for Windows, macOS, Linux, and Chrome OS. The updates address a critical vulnerability in Adobe Flash Player that could lead to an exploitable crash, potentially resulting in arbitrary code execution in the context of the current user. The company notes that "Exploitation of CVE-2020-9746 requires an attacker to insert malicious strings in an HTTP response that is by default delivered over TLS/SSL." The company says that the vulnerability is not actively exploited. Cyber Command Says to Apply New Microsoft Patch Now (10/13/2020) released patches for 87 flaws in this month's , including one that the US Cyber Command says should be addre.
Tech-Wreck InfoSec Blog 10/16/2020 07:45
240 Android Apps Found Displaying Out of Context Ads (10/12/2020) At least 240 malicious Android apps have been inundating people with irrelevant ads, according to . The out of context ads appear to come from popular applications and social media platforms including YouTube and Chrome but are actually from an assortment of apps the researchers have dubbed "RAINBOWMIX." Many of the apps are Nintendo (NES) emulators taken from legitimate sources or low-quality games and had more than 14 million downloads and as many as 15 million ad impressions per day, generating a daily haul of about $150,000. The researchers say the hackers behind the campaign used packers - software that can reserve a bit of space and obfuscate the final payload - to bypa.
Tech-Wreck InfoSec Blog 10/09/2020 09:12
Comcast's X1 Remote Used in Listening Hack (10/07/2020) 's Xfinity X1 voice remote was apparently used to remotely record users' conversations by a security research team, reported. The organization in question, Guardicore Labs, was reportedly able to exploit a weakness in the firmware patching process used on the remote to wirelessly install a malicious software package that made it possible to use the remote's built-in microphone to stealthily listen in from as much as 65 feet away. The team also believes even longer distances could be managed if a more powerful antenna were used in the process. Thankfully for Comcast subscribers, the security flaw was already patched before Guardicore's study was made public. However, the possibility of
Tech-Wreck InfoSec Blog 10/09/2020 09:11
CISA Finds New SlothfulMedia RAT Affecting Russia, India, Other Countries (10/05/2020) The US Cybersecurity and Infrastructure Security Agency () is warning that a new remote access trojan (RAT) labeled SlothfulMedia has been detected in attacks against targets in India, Kazakhstan, Kyrgyzstan, Malaysia, Russia, and Ukraine.
Tech-Wreck InfoSec Blog 10/09/2020 09:09
Global Ransomware Attacks Up 50% in Third Quarter. (10/06/2020). Research issued saying that ransomware claims a new victim every 10 seconds with the daily number of attacks increasing by 50 percent in the past three months alone. The number of attacks in the US has nearly doubled (a 98.1 percent increase), making it the number one most targeted country. Other countries in the top five for the year's third quarter are India (with attacks up 39.2 percent), Sri Lanka (with a 436 percent increase), Russia (up 57.9 percent), and Turkey (up 32.5 percent). The research also details cybercriminals' latest tactic of extracting large quantities of sensitive information prior to encrypting the victim's files and threatening to publish the information u.
Tech-Wreck InfoSec Blog 10/02/2020 06:40
Alien Trojan Affects More Than 200 Android Apps. (09/28/2020). A relatively new and barely known Android malware that has remote access trojan (RAT), notification stealing, and authenticator-based 2FA theft capabilities has recently been uncovered. Named , this new strain has been active since the start of the year and is has been available as a Malware-as-a-Service (MaaS) offering on underground hacking forums. Researchers at say Alien is a fork of the now discontinued Cerberus first variant, whose customers seem to be switching to Alien, making it the prominent new MaaS for fraudsters. To date, the researchers have found at least 226 Android applications that were targeted with fake login pages. Most of these were aimed at online banking ap.
Tech-Wreck InfoSec Blog 09/25/2020 09:46
Decade Old MS Office E-Mail Bug Being Revived. (09/21/2020). A Office e-mail vulnerability affecting versions dating back to 2007 has seen a rapid uptick in the second quarter of 2020 as threat actors attempt to exploit it for malware purposes. Malware detection analysis by shows that targeted attempts to exploit the memory corruption issue CVE-2017-11882 in Microsoft Office (2007-2016) went up by 400 percent in the first quarter of the year. The analysis indicates that the growing trend does not seem to be improving any time soon. NordVPN digital privacy expert Daniel Markuson says, "The malware targeting a decade-old MS Office vulnerability must have been under the radar, as it has been spreading through emails for three years now." The mem.
Tech-Wreck InfoSec Blog 09/25/2020 09:45
Bing Mobile App Database Exposed with 6.5TB of Info. (09/22/2020). An open server with more than 6.5TB of data from users of the Bing search engine app was victim of a Meow attack, . A Meow attack is an automated infiltration of an open server that aims to delete all or a large portion of the data. This Meow attack deleted nearly the entire database. Both iOS and Android versions of the search app were exposed in an initial attack that took place from September 10 to 12. A second attack from the same group occurred on the 14th, and WizCase says that the server may have been exposed to other attackers and scammers as well. Information such as search terms, device details, and GPS coordinates were part of the database, and the researchers specu.
Tech-Wreck InfoSec Blog 09/25/2020 09:44
179 Arrested for Drug Selling through the Dark Web. (09/22/2020). Law enforcement agencies in the US and Europe broke up cybercriminal operations that used the Dark Web to traffic narcotics and opioids. Operation DisrupTor, named after the Tor private Web browser that is frequently used to access Dark Web sites, resulted in the arrests of 179 individuals in the US, Germany, and five other nations as well as the seizure over $6.5 million in cash and virtual currencies; approximately 775 kilograms of drugs including fentanyl, oxycodone, hydrocodone, methamphetamine, heroin, cocaine, ecstasy, MDMA, and medicines containing addictive substances; and 63 firearms. According to a US Department of Justice , the suspects were identified through vendor.
Tech-Wreck InfoSec Blog 09/18/2020 15:44
MS-SQL Databases Targeted by New Cryptominer. (09/16/2020). Cryptomining malware has been found burrowing into Microsoft SQL (MS-SQL) servers, affecting thousands of databases in recent months. reports that researchers from Tencent technologies have named the malware MrbMiner after a domain used by the attackers to host their malware. After identifying a MS-SQL server on the Web, the botnet will make repeated brute force attacks trying weak passwords. Once access is gained, a backdoor is created to allow future entry. Connecting to a command and control server, the attackers can then download an app that mines the Monero cryptocurrency using local server resources and generate Monero coins into the hackers' accounts. ZDNet says that Tencent h.
Tech-Wreck InfoSec Blog 09/18/2020 15:43
Bug in Staples Order Tracking System Leads to Data Breach. (09/16/2020). Some online customers of the office supply chain received notices of a data breach that may have exposed personally identifiable information. The cause of the breach was a combination of a poorly designed ordering system and unpatched Pulse Secure VPN servers, according to . Given that Staples' order numbers are assigned sequentially, adding or subtracting from a valid order ID would show information for a different customer. Using the zip code for that package, the hackers were able to access customer names and addresses, the credit card's last four digits and its type, phone numbers and e-mail addresses, and the customer's order history. No indication was given as to t.

Automotive Industries

Business Issues

Companies - Public

Companies - Venture Funded

Global Markets

Government Agencies

Information Technologies

Job Titles

Legal and Regulatory

Market Research Topics

Political Entities

Sources

Strategic Scenarios

Trends