Tag Archives: exploits

Researcher Exploits Intel Remote Management Security In 30 Seconds But It’s Not What You Think

The big news in security (or lack thereof) recently has been the Meltdown and Spectre issues that have plagued Intel, AMD, and Apple. Those aren’t the only security issues that computer users are facing. Security research firm F-Secure has found a new security flaw that it says affects Intel Active Management Technology or AMT. AMT is an Intel proprietary solution that allows remote access or monitoring and management of personal computers in a corporate setting.

8th Gen Intel Core S series Chip8th Gen Intel Core S series Chip

The tech was meant to allow IT departments in these large organizations or managed service providers to control fleets of computers. F-Secure Senior Security Consultant Harry Sintonen found a flaw in AMT in July of 2017 (it has only now been disclosed) that surprised him. He said, “The attack is almost deceptively simple to

Read more at: https://hothardware.com/news/researcher-exploits-intel-remote-management-security

Sextortion: How a New Breed of Predator Exploits Victims Through Their Own Computers

Heather knew there were adults on the Internet who preyed on kids, and she regularly warned her own four children about the dangers of talking to strangers online. Yet the 37-year-old married mom from Phoenix never thought she would ever fall victim to a growing Internet crime known as sextortion.

The Federal Bureau of Investigation (FBI) classifies sextortion as a form of online blackmail in which explicit images are used to extort additional photos, sexual favors, and sometimes money from victims. It can involve hacking into a victim’s computer or “catfishing” — where predators lure unsuspecting victims into online relationships and coerce them into sharing nude photos or videos. A 2016 report from the Brookings Institute found that sextortion is on

Read more at: https://www.allure.com/story/online-predators-blackmail-sextortion-victims-explicit-images

Simple exploits have a big impact in cyber crime

Critical Read

Simple exploits have a big impact in cyber crime

 

What: Symantec’s annual Internet Security Threat Report for 2016

Why: Bad cyber actors, from criminals to state-sponsored groups, are leveraging existing operating systems, off-the-shelf tools and cloud services to get into Hillary Clinton’s campaign and launch ransomware attacks, according to the cybersecurity company’s annual ISTR.

Attackers are also not shy about using those tools to subvert and undermine government targets, it said.

Cyber criminals and state-sponsored groups are using existing OS, tools and the cloud to “live off the land,” without having to develop, more costly new malware or unearth technical vulnerabilities to attack victims, according to Symantec.

In 2016, there were 15 separate data breaches that exposed more than 10 million identities each, and in all, more than 1.1 billion identities were compromised.

Email-borne malware was the favorite tool for a

Read more at: https://fcw.com/articles/2017/05/02/critical-symantec-cyber.aspx

Availability of ready-made exploits helping young get into cyber-crime

Availability of ready-made exploits helping young get into cyber-crime

The National Crime Agency (NCA) has today published research into how and why some young people become involved in cyber-crime.

According to the NCA, the availability of off-the-shelf hacking tools such as DDoS-for-hire services and Ransomware-as-a-Service companies, who have step-by-step tutorials and come at little to no cost, the skills barrier for entry into cyber-crime is lower than it has ever been.

The report also highlights that whilst there is no socio-demographic bias in cyber-crime communities, with people across the country from different backgrounds among offenders, the average age of cyber-criminals is significantly younger than other crime types.

In 2015, the average age of suspects in NCA cyber-crime investigations was 17 years old, compared to 37 in NCA drugs cases and 39 in NCA economic crime cases.

The report emphasises that financial gain is not necessarily a priority

Read more at: https://www.scmagazineuk.com/availability-of-ready-made-exploits-helping-young-get-into-cyber-crime/article/652064/

Cyber-attacks using exploits up by a quarter in 2016, says Kaspersky

Cyber-crime is rising

The number of attacks using flaws in software increased by a quarter, to over 702 million attempts last year, according to a new report by Kaspersky Lab.

In 2016, there were 702,026,084 attempts to launch an exploit, up by 24.54 percent on 2015, according to the report which also showed that 347,966 users were attacked with exploits in 2016, 20.85 percent fewer than in the previous year.

It was also found that the number of corporate users encountering an exploit at least once increased 28.35 percent to reach 690,557, or 15.76 per cent of the total number of users attacked with exploits.

Among the applications exploited most often were browsers, the Windows and Android operating systems and Microsoft Office, with 69.8 percent of users encountering an exploit for one of these applications at least once in 2016. More than 297,000 users worldwide were attacked by unknown exploits.

Read more at: https://www.scmagazineuk.com/cyber-attacks-using-exploits-up-by-a-quarter-in-2016-says-kaspersky/article/652042/

AES-NI Ransomware Dev Claims He’s Using Shadow Brokers Exploits

The developer of the AES-NI ransomware claims that the recent “success” he’s been enjoying is due to the NSA exploits leaked last week by the Shadow Brokers group.

In a series of tweets he posted online, the AES-NI author alleges he successfully used ETERNALBLUE, an exploit targeting the SMBv2 protocol, to infect Windows servers across the globe and then install his home-made ransomware.

The only evidence the AES-NI author provided was a screenshot that showed the ransomware dev scanning a server for three NSA exploits.

Screenshot posted by AES-NI developer
Screenshot posted by AES-NI developer

The author of this ransomware did not respond to a request for comment from Bleeping Computer. While the validity of his claims cannot be proven, one thing can, and that’s the trail of destruction this ransomware has left behind in the past week.

Below is a chart provided by the experts at

Read more at: https://www.bleepingcomputer.com/news/security/aes-ni-ransomware-dev-claims-hes-using-shadow-brokers-exploits/

Microsoft Patches Shadow Brokers Exploits, Updates Privacy Controls

The hacking group Shadow Brokers last week revealed a large number of Windows vulnerabilities it claims to have stolen from the National Security Agency (NSA), but Microsoft said Friday that it has already patched most of them. The company has also rolled out new privacy settings through its recent Creators Update.

Nine exploits released by the Shadow Brokers have already been patched, while three others only affected users running older, unsupported versions of the Windows operating system, said principal security group manager Phillip Misner on Microsoft’s TechNet IT portal. Misner said anyone with those older versions should upgrade their systems to avoid the vulnerabilities.

Since emerging last summer, the Shadow Brokers organization has published five leaks of zero-days and other vulnerabilities it claims to have taken from the NSA. The exploits the group revealed Friday included Windows vulnerabilities as

Read more at: http://www.newsfactor.com/story.xhtml?story_id=101003HG9T6Q

Hacking Group ‘ShadowBrokers’ Release NSA Exploits, Then Go Dark

The hacker group “ShadowBrokers” releases 61 files said to contain exploit tools used by the National Security Agency, which could fuel a race between attackers—trying to create their own exploit tools—and defenders.

The ShadowBrokers, a hacking group, pledged to shut down their operation and go dark on Jan. 12. But as a final act of spite the group released 61 files from a cache of hundreds of programs allegedly belonging to an exploitation framework used by the U.S. National Security Agency.
The files reportedly include programs for compromising systems and circumventing defensive software, including antivirus programs. The group released the files because many—44, according to security experts—could be detected by at least one antivirus program, the group said in a statement posted online.
“So long, farewell peoples,” the group stated. “TheShadowBrokers is going

Read more at: http://www.eweek.com/security/hacker-group-shadowbrokers-release-nsa-exploits-after-auction-fails.html