The military must be prepared to disrupt hacking attacks before they reach US computer networks, according to a new strategic vision from the Pentagon. The Department of Defence (DoD) has updated its cyber strategy for the first time since 2015, advocating a more aggressive approach than the previous document.
Perhaps most controversially, under the new strategy the US should be ready to “defend forward to disrupt or halt malicious cyber activity at its source, including activity that falls below the level of armed conflict”.
Read more about the more aggressive cyber strategy adopted by the US Department of Defence and the implications thereof, on ZDNet.
Account takeover attacks (ATO), in which a person’s credentials are stolen and used to send emails from their real account, often result in phishing attacks being sent from the victim’s account, according to a Barracuda Networks report. Out of the 60 total ATO incident recorded, 78% led to phishing emails, said the report.
Barracuda randomly selected 50 organizations to study from April to June 2018. The goal of the study was to analyze ATO attacks, which are much less likely to be blocked by security systems that filter for domain, sender, or IP reputation, said the report.
Read more about the findings of the new Barracuda report on TechRepublic.
The Cold War of the mid-twentieth century played out as a truly epic conflict. The U.S. and the Soviet Union mobilized spies across the globe, supported proxy armies from the jungles of Southeast Asia to Central America, and deployed vast nuclear arsenals capable of annihilating life as we know it.
Many believe the US and Russia have returned to a Cold War footing, one that promises to re-imagine war. The peril from this new hybrid type of warfare incorporates cyber tactics focusing on soft targets designed to disrupt businesses, our economy and other areas of our society that were normally safe from adversaries.
Read more about the cyber Cold War being waged by hackers, and learn how to prevent your business from being attacked, on Help Net Security.
Recently, Russian PIR Bank lost $1,000,000 because of a compromised router that allowed hackers to gain entry into their local network. Why did it happen and how companies can protect themselves?
Malicious IoT hacking incidents are a norm today. That is not surprising, considering that by 2020, the IoT is expected to reach a staggering amount of 20.4 Bn devices. Homes and enterprises using legacy security measures are in danger because of the ever-growing IoT.
Networked printers increasingly are becoming targets of hackers as these devices often aren’t secured by enterprises. A new study cited by Booz Allen Hamilton found that of 61% of survey respondents who reported a data loss incident in 2016, at least 50% had at least one such incident linked to a printer. The 2017 survey by Quocirca included 200 companies with more than 1,000 employees.
The security incidents included digitally intercepted print jobs (50%), loss of data from printer hard disks (48%), mailing of documents via multifunction printers to external sources (44%), and printers getting hacked to gain network access (18%).
Read more about the findings of the new study on DarkReading.
The attempted hack came to light after CNN and the Washington Post published news stories about a phishing attempt against a website owned by the DNC. The reports cited an alert issued by US cyber-security firm and government contractor Lookout.
Read more about the attempted hack that proved to be simulated phishing test, one which had not been authorized by the DNC, on BleepingComputer.
Hackers have again taken aim at the Democratic National Committee. A scheme discovered and shut down Tuesday involved trying to steal usernames and passwords of Democratic Party officials by way of a fake login page for VoteBuilder, the service that hosts the DNC’s voter database.
A teenager from Melbourne, unnamed for legal reasons, is now facing criminal charges after he allegedly accessed Apple’s network without permission, leading to the theft of documents and the apparent compromise of customer accounts.
As reported by The Age, the teenager managed to compromise “Apple’s mainframe” a number of times from his bedroom over the course of a year. The teenager reportedly downloaded roughly 90GB of content from the network which was stored in a folder called “hacky hack hack.”
Read more about the alleged network breach, which comes after iOS source code was leaked on GitHub, on TechRepublic.
Instagram has been hit by a widespread hacking campaign which appears to have affected hundreds of users, leaving them unable to recover their accounts. As first reported by Mashable, increasing numbers of Instagram users are finding themselves barred from their own accounts.
Login attempts appear to be failing, and when password reset and recovery emails are requested, many users are reporting that the email addresses linked to their accounts have been changed to .ru domains. While it is unknown who is behind the compromise, the use of .ru email addresses may indicate the source is from Russia.
Read more about the widespread Instagram hacking campaign on ZDNet.
Representatives of Cosmos Bank, India’s second-largest cooperative bank, revealed this week that hackers breached the bank’s servers over the weekend and stole over 940 million rupees ($13.5 million) across three days.
The incident is still under investigation, and the exact date of the intrusion is unknown, but the bank said that hackers stole money from its accounts in three waves, across three days. Cosmos Bank said no money was taken from customer accounts, and all losses will be supported by the bank, according to international banking standards.
Read more about how hackers managed to steal $13.5 million from Cosmos Bank through illicit ATM and wire transactions, on BleepingComputer.