CSO Online

Hackers create memorial for a cockroach named Trevor

Hackers are an interesting bunch, and sometimes the causes they champion will seem a bit strange to outsiders. But for the crowd at DerbyCon on Sunday evening, watching hackers hold a memorial for a roach named Trevor doesn't feel strange at all.

On Sunday evening, hours after the closing ceremonies of DerbyCon, participants gathered across the street from the conference hotel at the local Smashburger in downtown Louisville, KY.

But the hackers didn’t gather for food, they were there to mourn a cockroach named Trevor.

Twenty-four hours earlier, on Saturday, a DerbyCon participant known to most as Grifter went to grab a bite to eat at Smashburger. Sometime later, Grifter posted a warning to Twitter for other DerbyCon participants that he had discovered a cockroach in his milkshake, which he named Trevor.

To read this article in full or to leave a comment, please click here

Categories: CSO Online

Surviving ransomware by keeping things simple

CSOOnline - Salted Hash - Top Security News - Sat, 09/23/2017 - 5:00pm

 

DERBYCON - Ransomware is a topic everyone knows about, but unless you've experienced a ransomware attack, it's hard to really describe and understand the stress associated with these events.

This year has seen ransomware take the top spot when it comes to attention in the security world. A soon to be released study from Holger Schulze, founder of the 370,000-member Information Security Community on LinkedIn, shows that Ransomware has become a serious focal point.

According to Schulze’s data, 75-percent of organizations affected by ransomware experienced up to five attacks in the last 12 months alone, 25-percent experienced 6 or more attacks. Moreover, 51-percent of those who took part in the study say they could recover from a successful ransomware attack within a day, while 39-percent estimate it will take more than one day to a few weeks to recover.

To read this article in full or to leave a comment, please click here

Categories: CSO Online

Surviving Ransomware by keeping things simple

CSOOnline - Salted Hash - Top Security News - Sat, 09/23/2017 - 5:00pm

DERBYCON - Ransomware is a topic everyone knows about, but unless you've experienced a Ransomware attack, it's hard to really describe and understand the stress associated with these events.

This year has seen Ransomware take the top spot when it comes to attention in the security world. A soon to be released study from Holger Schulze, founder of the 370,000-member Information Security Community on LinkedIn, shows that Ransomware has become a serious focal point.

According to Schulze’s data, 75-percent of organizations affected by ransomware experienced up to five attacks in the last 12 months alone, 25-percent experienced 6 or more attacks. Moreover, 51-percent of those who took part in the study say they could recover from a successful ransomware attack within a day, while 39-percent estimate it will take more than one day to a few weeks to recover.

To read this article in full or to leave a comment, please click here

Categories: CSO Online

Office 365 Phishing attacks create a sustained insider nightmare for IT

CSOOnline - Salted Hash - Top Security News - Wed, 09/20/2017 - 8:00am

DERBYCON - Earlier this month, Salted Hash deconstructed a Phishing email that had bypassed company filters and made into the general inbox.

The email focused on an outdated company subdivision, and was easily spotted as a scam. However, we've since learned the message itself could be part of a larger campaign that has been targeting Office 365 customers since at least June.

This wasn't a random Phishing attack:

On September 7, Salted Hash received a generic looking email warning that our account was almost over quota and these alleged space limitations were responsible for a delay in email delivery. In order to address this problem, the message said to open an attached HTML file and follow instructions. The email was clearly a scam, and the reasoning we used to flag the message as such is explained in our original story.

To read this article in full or to leave a comment, please click here

Categories: CSO Online

BlueBorne is Bluetooth's Stagefright moment

CSOOnline - Salted Hash - Top Security News - Tue, 09/12/2017 - 2:53pm

When Armis researchers demonstrated BlueBorne, an attack that takes advantage of vulnerabilities in the Bluetooth protocol, it was downright frightening how easily an attacker could take remote control over the device. 

View all files saved on the device? Sure—and it’s a snap to encrypt those files as part of a ransomware attack. Turn on the camera? Not a problem—and the device can eavesdrop on meetings and monitor conversations without anyone else knowing. Install malware? Done with a click and no one the wiser.

But what scared me even more was the fact that BlueBorne was just the tip of the iceberg when it comes to Bluetooth-based attacks.

To read this article in full or to leave a comment, please click here

Categories: CSO Online

Office 365 Phishing – A quick look at a recent example

CSOOnline - Salted Hash - Top Security News - Thu, 09/07/2017 - 4:45pm

On Thursday, an interesting email showed up in my inbox. The message says there are emails pending, because I've used 98-percent of my storage space. In order to fix this, I needed to download and save the attached configuration. The email is a scam, but this post will show what happens should anyone fall for it.

The Email:

The sending address (1) is a spoof, but the domain is legitimate, which obviously helped get the scammer's message past the company spam filters. This would be the first red flag, because the domain that sent the email isn't one used by IDG's IT team.

Steve Ragan

The email attachment (2) is a basic HTML file, but again this is a red flag. IT doesn't send attachments, and they don't send us "updates" like this. When opened, the code in the attachment will direct the intended victim's browser (in this case, it was me) to a real-estate investment blog for a company in Kazakhstan.

To read this article in full or to leave a comment, please click here

Categories: CSO Online