Tag Archives: attackers

Security flaw in Intel’s AMT lets attackers hack laptops in seconds: Cyber security firm


An attacker can reboot the target’s machine and enter the boot menu. (File Photo)

Finnish cyber security company F-Secure has claimed

Read more at: http://indianexpress.com/article/technology/tech-news-technology/security-flaw-in-intels-amt-lets-attackers-hack-laptops-in-seconds-cyber-security-firm-5025341/

Security flaw in Intel’s AMT lets attackers hack laptops in seconds

Finnish cyber security company F-Secure has claimed it has found a security flaw in Intel’s Active Management Technology (AMT) which can allow a hacker to compromise a work laptop within seconds. AMT is Intel’s proprietary solution for remote access monitoring and maintenance of corporate-grade personal computers, created to allow IT departments or managed service providers to better control their device fleets.

The company said that in July 2017 Harry Sintonen, one of F-Secure’s Senior Security Consultants, discovered unsafe and misleading default behaviour within Intel’s AMT. “AMT is no stranger to security weaknesses, with many other researchers finding multiple flaws within the system, but Sintonen’s discovery surprised even him,” the company said in a blog post.

“The attack is almost deceptively simple to enact, but it has incredible destructive potential. In practice, it can give a local attacker complete control over an individual’s work laptop, despite even the most extensive security measures,” Sintonen

Read more at: http://www.bgr.in/news/security-flaw-in-intels-amt-lets-attackers-hack-laptops-in-seconds/

Intel AMT security flaw lets attackers easily bypass laptop passwords

Intel is having a rough start to the year. Following the Meltdown and Spectre fiasco that is ongoing, F-Secure is piling on more bad news, saying Intel’s Active Management Technology (AMT) gives attackers an easily exploitable backdoor into potentially millions of laptops.

AMT is Intel’s proprietary solution to allow IT admins remote access monitoring and maintenance of corporate-grade systems. It is commonly found on business laptops, particularly those with Intel vPro processors. AMT has had its share of security issues in the past, but this new one is arguably the most concerning issue yet.

“The attack is almost deceptively simple to enact, but it has incredible destructive potential. In practice, it can give a local attacker complete control over an individual’s work laptop, despite even the most extensive security measures,” said Harry Sintonen, senior security consultant at F-Secure.

It doesn’t take long to exploit the vulnerability, which is

Read more at: http://www.pcgamer.com/intel-amt-security-flaw-lets-attackers-easily-bypass-laptop-passwords/

Mirai botnet attackers plead guilty for roles in cyberattacks

(Image: file photo)

Three men have pleaded guilty to federal cyber-crime charges for launching a cyberattack last year that knocked large parts of the internet offline.

Paras Jha, Josiah White, and Dalton Norman were indicted by an Alaska court in early December, according to documents unsealed Wednesday.

The Justice Dept. released a statement later in the day confirming the news.

Prosecutors accused the hackers of writing and using the Mirai botnet to hijack vulnerable internet-connected devices to launch powerful distributed denial-of-service (DDoS) attacks.

According to Jha’s plea agreement, the botnet ensnared more than 300,000 vulnerable devices.

The filing says that Jha “conspired to conduct DDoS attacks against websites and web hosting companies located in the United States and abroad,” and “demanded payment in

Read more at: http://www.zdnet.com/article/justice-dept-indicts-mirai-botnet-attackers/

Mirai botnet attackers plead guilty for roles in 2016 internet cyberattack

(Image: file photo)

Two hackers have pleaded guilty to federal cyber-crime charges for launching a cyberattack last year that knocked large parts of the internet offline.

Paras Jha and Josiah White were indicted by an Alaska court in early December, according to documents unsealed Wednesday.

Prosecutors accused the hackers of writing and using the Mirai botnet to hijack vulnerable internet-connected devices to launch powerful distributed denial-of-service (DDoS) attacks.

According to Jha’s plea agreement, the botnet ensnared more than 300,000 vulnerable devices.

The filing says that Jha “conspired to conduct DDoS attacks against websites and web hosting companies located in the United States and abroad,” and “demanded payment in exchange for halting the attack.”

DDoS attacks are a common way to disrupt online services, and often require little or no technical knowledge. The operator

Read more at: http://www.zdnet.com/article/justice-dept-indicts-mirai-botnet-attackers/

Oman safest Arab country in fighting cyber attackers

Muscat: Oman is ranked fourth on Global Cyber Security Index and first in the Arab region, but cyber security challenges due to growing technology applications lie ahead.

Oman’s cyber government bodies Information Technology Authority (ITA) and Computer Emergency Readiness Team (CERT) have thwarted more than 70 million attacks this year, including malware, phishing and organised attacks.

Experts believe the fight against cyber crimes has just begun with advancing and more resilient threats.

“Cyber security is something that is ongoing all the time and does not sleep. We are working on it, but there is a lot more to be done. We have already drafted the data protection law, and we are working on regulations pertaining to the IoT (Internet of Things), smart cities and other developing technologies,” Salim Al Ruzaiqi, Head of ITA, told Times of Oman during the sixth Regional Cyber Security Summit (RCSS) being held in Oman on November 20 and

Read more at: http://timesofoman.com/article/122377/Oman/Oman-is-ranked-fourth-on-Global-Cyber-Security-Index

70 per cent of ATMs in India easy prey for cyber attackers

NEW DELHI: India was among the 99 countries affected by a global cyber attack that took down, among others, health services in the UK, a telecom network in Spain and government computer systems in Russia this weekend.

As many as 102 computer systems of Andhra Pradesh police were hacked on Saturday. The malware reportedly halted production at a Nissan-Renault Alliance plant on the outskirts of Chennai, but the company did not comment on the issue.

National Cyber Security Adviser in the Prime Minister’s Office Gulshan Rai told TOI: “About 100 systems were attacked but as of now there are no more threats.”

The international cyber attack was carried out using a malware called Wanna Decryptor or WannaCry. This is a “ransomware“, a digital extortion system that locks down systems by encrypting the data on it, only to decrypt and

Read more at: http://economictimes.indiatimes.com/industry/banking/finance/banking/70-per-cent-of-atms-in-india-easy-prey-for-cyber-attackers/articleshow/58666596.cms

Cyber attackers reveal new levels of ambition

The 77-page report covers information gained from Symantec’s Global Intelligence Network tracking over 700,000 global adversaries and records events from 98 million attack sensors in over 157 countries. But it also includes Endpoint Protection, Symantec DeepSight Intelligence, Symantec Managed Security Services, Norton consumer products, and other third-party data sources, generating more than nine trillion rows of security data.

For example, its email statistics were gathered from more than 2 billion emails each day, its website security from over 2.4 billion web requests each day, and its cloud and apps from Symantec CloudSOC security technology, which in 2016 safeguarded more than 20,000 cloud apps, 176 million cloud documents, and 1.3 billion emails.

Kevin Haley, director, Symantec Security Response, said, “New sophistication and innovation is the nature of the threat landscape, but this year Symantec has identified seismic shifts in motivation and focus. Zero-day vulnerabilities and sophisticated malware are now used sparingly,

Read more at: http://www.itwire.com/security/77830-cyber-attackers-reveal-new-levels-of-ambition.html

Cyber attackers are more ambitious than ever, Symantec warns

2016 was marked by extraordinary cyber attacks, including multi-million dollar virtual bank heists and overt attempts to disrupt the US electoral process by state-sponsored groups, say researchers.

The past year also saw some of the

Read more at: http://www.computerweekly.com/news/450417475/Cyber-attackers-are-more-ambitious-than-ever-Symantec-warns

US college admits paying $28000 ransom to cyber attackers

The Los Angeles Community College District has admitted handing over $28,000 in bitcoin to cyber attackers to regain access to data encrypted by malware commonly known as ransomware.

Ransomware is usually delivered through malicious links in email messages or through an infected website and typically encrypts all data on the infected machine and all other connected

Read more at: http://www.computerweekly.com/news/450410825/LA-college-admits-paying-28000-ransom-to-cyber-attackers