Shocking! I thought everyone loved India.
Indian Officials Under a Barrage of Ongoing Cyber-Attacks
Named Operation Transparent Tribe, this campaign
was first detected on February 11, 2016, when Proofpoint's security
team was alerted by two different spear-phishing emails received by
officials at the Indian embassies in Saudi Arabia and Kazakhstan,
both sent from the same IP address.
This convinced Proofpoint researchers to take a
closer look at the emails, and they're now saying in their most
recent report that this attack is part of a larger operation that
has targeted a large number of Indian officials, not just embassy
employees.
… The threat group behind this attack is using
spear-phishing emails that contain casual news snippets that are of
interest for their targets, usually current news stories.
The links in these malicious emails redirect
victims to various sites where the group carries out watering hole
attacks, or sometimes have directly linked to applications that
eventually infect the victim with a new RAT (Remote Access Trojan)
which Proofpoint has named MSIL/Crimson.
Despite being a newly discovered threat, this RAT
is quite an advanced cyber-espionage tool, capable of stealing
various types of data from the local computer and sending it to a C&C
server.
MSIL/Crimson can collect data through keyloggers,
take screenshots of the desktop, record audio and video via the
microphone and webcam, and steal data from email clients.
Proofpoint has not managed to identify who is
behind this threat, but this may be because they don't have enough
data to look at. In an interview with Threat Post, Kevin Epstein,
VP of Proofpoint's threat operations center, says that this campaign
is still going on as we speak.
'Tis the season!
It used to be that in February and March, we’d
see a number of reports of breaches involving employees’ W-2 tax
statements that were due to printing or mailing errors. This year,
we’re seeing reports of W-2 data theft via phishing.
Because a W-2 form provides the employee’s name,
Social Security number, address, and earnings information for the
year with how much had been deducted for taxes, etc. – as well as
the employer’s name and address – it
provides everything criminals need to engage in tax refund fraud.
Just in the past week alone, I’ve reported on
incidents involving AmeriPride, Actifio, Evening Post Industries,
Main Line Health, one at Mansueto Ventures impacting employees of
Inc., and Fast Company, City of Hope, and one at GCI impacting all
employees of GCI, Denali Media, UUI and Unicom.
Now add Seagate to the list.
Brian Krebs reported the breach yesterday. The company has not
revealed how many employees have been impacted.
And those are just the ones found in my online
searching this past week. There are likely more that are being
discovered or first reported that we’ll learn about in time.
That’s a lot of potential new tax refund fraud
victims.
Perhaps because it is so easy to do?
Apple shuts down first-ever ransomware attack against Mac users
The incident is believed to be the first
Apple-focused attack using ransomware,
which typically targets computers running Windows.
… Security company Palo Alto Networks wrote on
Sunday that it found the "KeRanger" ransomware wrapped into
Transmission, which is a free Mac BitTorrent client.
Transmission warned
on its website that people who downloaded the 2.90 version of the
client "should immediately upgrade to 2.92."
Not smoking gun, but lots of simmering dumb.
Sanders tops 2016 field in newly deleted tweets
Democratic hopeful Bernie
Sanders tops the list, with 58 deletions from January to March 4.
In many of those cases, though, he just deleted retweets of others'
social media posts. On the GOP side, John Kasich tops the list, with
31, ahead of the race's front-runner, Donald
Trump, who has 28 deletions.
… Trump deleted a tweet accusing Ted
Cruz of employing illegal tactics in the Iowa caucuses.
… A review of the archive over the past month
shows the press took notice of most bombshell deletions almost
instantly, as the intense scrutiny on this year's candidates carries
over to social media.
… There are no set rules for campaigns to
follow when deleting tweets, but digital operatives say there are
best practices.
Deleting typos is the most frequent reason, and
excusable, they say.
When a staffer accidentally sends a tweet from a
boss's account, experts recommend quick deletion and acknowledgement
of the mistake.
Too many self-imposed restrictions to succeed?
Peeple, the notorious "Yelp for people" app, arrives
It generated controversy and criticism when word
of it first broke back in October, even though Peeple,
a people-rating mobile app that was likened to being the "Yelp
for people," hadn't launched yet. Now, after a number of tweaks
to the concept, the people-rating app has finally arrived.
Starting today, Peeple is available to download
for free for iPhones
or iPads. The app, which was created by two friends in Calgary,
Canada, allows users to rate other users in three categories:
personal, professional, and romantic.
… However, the idea of people posting
"reviews" of their neighbors, coworkers, dates and others
prompted outrage from critics who saw its potential for abuse as an
outlet for bullying or cyber revenge.
… Perhaps in response to that round of
criticism last fall, the Peeple app going public today will not allow
users to rate others without their permission