Protecting Your Cyber World With Real World Solutions

Online Sandbox Services Used to Exfiltrate Data: Researcher

This entry was posted in SecurityNews on March 20, 2018 by

Attackers can use online sandbox services to exfiltrate data from an isolated network, a SafeBreach security researcher has discovered.

The new research is based on the discovery that cloud anti-virus programs can be exploited for data pilfering. Last year, SafeBreach Labs’ Itzik Kotler and Amit Klein demonstrated proof-of-concept (PoC) malware abusing this exfiltration method, and said it would work even on endpoints that have no …read more

Via:: Security Week

Trending
Current
CSO
Did you Know?

Hive ransomware servers shut down at last, says FBI

Unfortunately, you've probably already heard the cliche that "cybercrime abhors a vacuum"... [...]

Dutch suspect locked up for alleged personal data megathefts

Undercover Austrian "controlled data buy" leads to Amsterdam arrest and ongoing investigation. Suspect is said to steal and sell all sorts of data, including medical records. [...]

S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]

Lastest episode - listen now! (Or read the transcript.) [...]

GoTo admits: Customer cloud backups stolen together with decryption key

We were going to write, "Once more unto the breach, dear friends, once more"... but it seems to go without saying these days. [...]

Apple patches are out – old iPhones get an old zero-day fix at last!

Don't delay, especially if you're still running an iOS 12 device... please do it today! [...]

Serious Security: How dEliBeRaTe tYpOs might imProVe DNS security

It's a really cool and super-simple trick. The question is, "Will it help?" [...]

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line. [...]

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. [...]

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. [...]

Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. [...]

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. [...]

Twitter Whistleblower Complaint: The TL;DR Version

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk. [...]

Hackers abuse legitimate remote monitoring and management tools in attacks

Security researchers warn that an increasing number of attackers are using legitimate remote monitoring and management (RMM) tools in their attacks to achieve remote access and control over systems. These tools are commonly used by managed service providers (MSPs) and IT help desks so their presence on an organization's network and systems might not raise suspicion.Researchers from Cisco Talos reported this week that one particular commercial RMM tool called Syncro was observed in a third of the incident response cases the company was engaged in during the fourth quarter of 2022. However, this wasn't the only such tool used.To read… [...]

FBI takes down Hive ransomware group in an undercover operation

The US Department of Justice (DOJ) along with international partners has taken down the Hive ransomware group. The operation that began in July 2022 resulted in the FBI penetrating Hive’s computer networks, capturing its decryption keys, and offering them to victims worldwide, preventing victims from having to pay the $130 million in ransom demanded, DOJ said in a release on Thursday. “Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world,” Attorney General Merrick B. Garland said in the… [...]

The CSO guide to top security conferences

There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of a new tool or to have your questions answered by experts.Fortunately, plenty of great conferences are coming up in the months ahead.If keeping abreast of security trends and evolving threats is critical to your job — and we know it is — then attending some top-notch security conferences is on your must-do list for 2023.From major events to those that are more narrowly focused, this list from the… [...]

BrandPost: 3 Best Practices for Building Security Resilience

Only 37% of organizations responding to a recent Cisco survey said they’re confident they can remain resilient in the event of a worst-case security incident.That’s not surprising, given the rapidly increasing volume of endpoints distributed across complex IT architectures. Hybrid workforces combined with diverse IT infrastructures continue to make security resilience a daunting task.“We don’t secure everything, everywhere, or otherwise business wouldn’t get done,” said Helen Patton, CISO, Cisco Security Business Group. “But security resilience will allow you to focus your security resources on the pieces of the business that add the most value to an organization and ensure that… [...]

9 API security tools on the frontlines of cybersecurity

Application programming interfaces (APIs) have become a critical part of networking, programs, applications, devices, and nearly everything else in the computing landscape. This is especially true for cloud and mobile computing, neither of which could probably exist in its current form without APIs holding everything together or managing much of backend functionality.Because of their reliability and simplicity, APIs have become ubiquitous across the computing landscape. Most organizations probably don’t even know how many APIs are operating within their networks, especially within their clouds. There are likely thousands APIs working within larger companies and even smaller organizations probably rely on more… [...]

Recent legal developments bode well for security researchers, but challenges remain

Despite the hoodie-wearing bad guy image, most hackers are bona fide security researchers protecting users by probing and testing the security configurations of digital networks and assets. Yet the law has often failed to distinguish between malicious hackers and good-faith security researchers.This failure to distinguish between the two hacker camps has, however, improved over the past two years, according to Harley Geiger, an attorney with Venable LLP, who serves as counsel in the Privacy and Data Security group. Speaking at Shmoocon 2023, Geiger pointed to three changes in hacker law in 2021 and 2022 that minimize security researchers' risks.To read… [...]

North Korean cryptocurrency hackers expand target list

North Korean cryptocurrency hackers expand target list l33tdawg Wed, 01/25/2023 - 10:18 [...]

Ukraine deepens NATO cyber partnership

Ukraine deepens NATO cyber partnership l33tdawg Wed, 01/25/2023 - 10:18 [...]

China Is the World’s Biggest Face Recognition Dealer

China Is the World’s Biggest Face Recognition Dealer l33tdawg Wed, 01/25/2023 - 10:18 [...]

Fearing ChatGPT, Google enlists founders Brin and Page in AI fight

Fearing ChatGPT, Google enlists founders Brin and Page in AI fight l33tdawg Wed, 01/25/2023 - 10:18 [...]

2023 MacBook Pro review: A refined second generation

2023 MacBook Pro review: A refined second generation l33tdawg Wed, 01/25/2023 - 10:18 [...]

China aims to grow local infosec industry by 30 percent a year, to $22 billion by 2025

China aims to grow local infosec industry by 30 percent a year, to $22 billion by 2025 l33tdawg Mon, 01/16/2023 - 08:12 [...]