Latest & Developing News

Scroll down for the latest news and views relevant to the cyber security world.

In an ever-evolving security landscape, Pelion Consulting takes the latest relevant news and compiles the best bits here.

(Pelion Consulting is not responsible for external content)


Security expert warns of unprecedented phishing attacks in SA

South Africa is witnessing an unprecedented increase in both simple opportunistic attacks and complex targeted attacks, which are increasingly using sophisticated techniques in an effort to avoid detection, an industry expert has warned.

https://www.itweb.co.za/content/WnxpE74DZYy7V8XL/zlP3gQ2qGRMnRD1W


A huge database of Facebook users’ phone numbers found online

Hundreds of millions of phone numbers linked to Facebook accounts have been found online.

The exposed server contained more than 419 million records over several databases on users across geographies, including 133 million records on U.S.-based Facebook users, 18 million records of users in the U.K., and another with more than 50 million records on users in Vietnam.

https://techcrunch.com/2019/09/04/facebook-phone-numbers-exposed/


FakesApp: A Vulnerability in WhatsApp

As of early 2018, the Facebook-owned messaging application, WhatsApp, has over 1.5 billion users with over one billion groups and 65 billion messages sent every day. With so much chatter, the potential for online scams, rumours and fake news is huge. It doesn’t help then, if threat actors have an additional weapon in their arsenal to leverage the platform for their malicious intentions.

https://research.checkpoint.com/fakesapp-a-vulnerability-in-whatsapp/


Cyberattack lands Ship in Hot Water

On Monday 8 July 2019 the Coast Guard issued a Marine Safety Alert reporting a successful malware attack on a vessel back in February.

https://nakedsecurity.sophos.com/2019/07/11/cybersecurity-attack-lands-ship-in-hot-water/


Malicious apps pose as popular FaceApp to steal Personal Data

The latest hype around the FaceApp application has attracted scammers who want to make a quick profit.

https://www.welivesecurity.com/2019/07/19/faceapp-spotlight-scams-emerge/


Recent massive malvertising campaign run from Hong Kong

This blog post explores the techniques and tactics of a persistent malvertiser that operates under a company called “fiber-ads”. We provide an overview of the metrics behind their current and historic activity, a glimpse into their infrastructure, and some details around the impact from exposure to their campaigns.

https://blog.confiant.com/hong-kong-based-malvertiser-brokers-traffic-to-fake-antivirus-scams-over-100-million-ads-300e251eff06


Nearly Half of all Phishing Attacks are Polymorphic

Nearly one in two phishing attacks are polymorphic, according to research by IRONSCALES. The self-proclaimed world's first automated phishing prevention, detection and response platform identified 11,733 email phishing attacks that underwent at least one permutation over 12 months, with 52,825 permutations impacting 209,807 inboxes across the world.

https://www.infosecurity-magazine.com/news/half-phishing-attacks-are/


One Year on, EU's GDPR Sets Global Standard for Data Protection

The EU's strict data laws have set the global benchmark for protecting personal information online since coming into force a year ago, but some worry that many users have barely noticed the change.

https://www.securityweek.com/one-year-eus-gdpr-sets-global-standard-data-protection


Spam and Phishing in Q1 2019

An overview of the most reported Spam and Phishing emails doing the rounds at the start of 2019. Do you recognise any of them?

https://securelist.com/spam-and-phishing-in-q1-2019/90795/


Five key cyber-threat terms explained

As cyber security, and specifically cyber threats, are becoming more imminent worldwide, the shipping industry gets affected as well. In order to help understand some of the basic terminology of cyber-attacks, the Korean Register of Shipping explains what five key cyber terms mean.

https://safety4sea.com/five-key-cyber-threat-terms-explained/


Another day, another large company, another Ransomware attack....

Big Norwegian Aluminum Producer Suffers Extensive Cyber Attack. Company says attack originated in U.S.; some plants halted.

Norsk Hydro ASA, one of the world’s biggest aluminum producers, suffered production outages after a cyber attack affected operations across Europe and the U.S.

https://www.bloomberg.com/news/articles/2019-03-19/hydro-says-victim-of-extensive-cyber-attack-impacting-operations-jtfgz6td


CIA blackmail?

A recent spate of phishing attacks has been circulating, trying to blackmail people into paying extortion fees to an anonymous address using the untraceable cryptocurrency Bitcoin (a type of money using numbers rather than printed paper or minted coins). The nature of these phishing emails can be quite disturbing as they invoke fear, uncertainty and doubt (FUD). How can you report this when it suggests you have been involved in abhorrent activities? If you tell someone, will they believe you? When mud can stick, who can you trust to know you?

They claim to have so much information on you. With fake news abounding, it would be feasible to actually create content that could make you look guilty even if you are not.

So how can you protect yourself?

Firstly, don't panic and NEVER respond to the email or send money. As soon as you do, they know they have found a live person who is willing to respond. You will become a target for more attempts to extort money.

Delete the email. You don't want it hanging around where it could play on your mind, or where someone else could find it and wonder what is going on.

Decide if you want to report it. Googling your local law enforcement should provide an address to which you can report it. If you would prefer, you can forward the email to Pelion and we can advise on a course of action.



Children's smartwatch recalled over data fears

The European Commission has ordered the recall of a children's smartwatch because it leaves them open to being contacted and located by attackers. In its recall alert, the Commission said the Enox Safe-Kid-One device posed a "serious" risk. Data sent to and from the watch was unencrypted allowing data to be easily taken and changed, it said. Enox said the decision was "excessive" and added that it had appealed against the ruling. The recall is believed to be the first issued because a product does not protect user data.

https://ec.europa.eu/consumers/consumers_safety/safety_products/rapex/alerts/?event=viewProduct&reference=A12/0157/19&lng=en


Hackers Dump Data on Merkel, Politicians in Giant German Leak - Phished!

We know the EU, and in particular Germany, take the protection of their personal information very seriously, so imagine their shock to find their personal data dumped on hacker websites!

According to Bloomberg News, email addresses, mobile phone numbers and personal chat transcripts were released via Twitter by "G0d" from Hamburg. "G0d", described as “security researching,” “artist” and “satire & irony,” organized what appears to be the biggest ever data leak on German politicians, media personalities and YouTube stars.

https://www.bloomberg.com/news/articles/2019-01-04/hackers-release-personal-data-of-hundreds-of-german-politicians

This particular hack looks to have started with social engineering Facebook and then downloading all the data Facebook had collected. It's surprising what can be found in your Facebook data, even personal voice messages can be found.

It is recommended that you download and review the information collected on you and ensure only what you want on Facebook is on Facebook. Check your Facebook privacy settings to ensure only what you want is shared with who you want.


Hot Tub PWN machine

No username, no password: internet-connected hot tubs are too easy to hack.

An app on your phone allows you to warm up, start the jets and basically set it up your way, so when you get to the tub all you have to do is get in. However, as the app has no username or password, all you need is the address of the card in the tub and you have full control. These addresses are all too easy to find on hacker sites like #pastebin. Enjoy the video.



Meet Cayla; the interactive doll... or is she a spy?


My Friend Cayla can be hacked even if you do follow the instructions!

Imagine, if you would, a child with this toy being instructed to hide it in the boardroom and retrieve it tomorrow in reward for a new song to be played. This is just one of the possible scenarios where toys can be turned into the tools of hackers. Remember, anything connected with a camera, microphone or speakers can be used in ways that the manufacturer did not intend. These are cheap IoT devices, and security is often a cost factor that outweighs what they perceive as the risk. You may think differently.


Malware & Cyber Espionage Predictions for 2019

Vaporworms: New breed of self-propagating fileless malware to emerge in 2019

WatchGuard Technologies’ information security predictions for 2019 include the emergence of vaporworms, a new breed of fileless malware with wormlike properties to self-propagate through vulnerable systems, along with a takedown of the internet itself and ransomware targeting utilities and industrial control systems.


Cyber attack cost Maersk $300 million

Maersk CEO Soren Skou: Ransomware cyber attack led to predominant loss of business.

Maersk were lucky to be able to recover their entire systems authentication data from ONE server that happened to be offline due to a power outage. Without this, they may never have recovered. In the end, they managed to ship the server to a data center from where they recovered 4000 servers and 45000 workstations.

Don't be "collateral damage" in the ransomware wars. They are indiscriminate, hitting any soft target, just like the attack that hit the NHS in the UK.


Cyber crime the biggest threat to superyacht security!

Newer superyachts use a Controller Area Network (CAN) Bus to connect on-board systems, from navigation to engines and control systems, making this the prime target of remote attacks. To magnify this weakness, control systems such as Supervisory Control and Data Acquisition (SCADA) systems were developed without consideration for security, which led to serious compromises such as the destruction of centrifuges in Iran's nuclear program. Talk with us today to learn more.


Why be a pirate when you can be a hacker?

With more and more superyachts now having WiFi internet everywhere, pirates are moving from the very risky direct attacks to the easier route of cyber crime. One yacht owner suffered a loss of $150,000 from one such attack, whilst others have been blackmailed after photos taken onboard were stolen remotely. Tracking yachts via sites such as Marine Traffic (https://www.marinetraffic.com/en/ais/home/centerx:-12.0/centery:25.0/zoom:4) enables them to wardrive by rich targets to see what they can sniff on the WiFi,