BU-CERT – Bournemouth University Computer Emergency Response Team

New Visa payment security services help defend against evolving threats

Posted on 22 August 2019

From helpnetsecurity.com

Visa announced a suite of innovative security capabilities to help prevent and disrupt payment fraud, breaking new ground in cybersecurity and fraud prevention.

The new payment security services and capabilities help protect the integrity of the payments ecosystem by detecting and disrupting fraud threats targeting financial institutions and merchants, as revealed at the Visa U.S. Security Summit 2019, a forum bringing together payment industry experts from risk, business and operational departments of financial institutions, merchants, processors and other payment service providers.

Russian Hacking Group Targeting Banks Worldwide With Evolving Tactics

Posted on 22 August 2019

From thehackernews.com

Silence APT, a Russian-speaking cybercriminal group, known for targeting financial organizations primarily in former Soviet states and neighboring countries is now aggressively targeting banks in more than 30 countries across America, Europe, Africa, and Asia.

Active since at least September 2016, Silence APT group’s most recent successful campaign was against Bangladesh-based Dutch-Bangla Bank, which lost over $3 million during a string of ATM cash withdrawals over a span of several days.

According to a new report Singapore-based cybersecurity firm Group-IB shared with The Hacker News, the hacking group has significantly expanded their geography in recent months, increased the frequency of their attack campaigns, as well as enhanced its arsenal.

DoS attacks against most used default Tor bridges could be very cheap

Posted on 22 August 2019

From securityaffairs.co

Researchers explained that carrying out attacks against the most used default Tor bridges would cost threat actors $17,000 per month.

According to security researchers Rob Jansen from the U.S. Naval Research Laboratory, and Tavish Vaidya and Micah Sherr from Georgetown University, launching denial-of-service (DoS) attacks against most commonly used default Tor bridges would cost attackers $17,000 per month.

DoS attacks could be used for preventing users to access the popular anonymizing network or to carry out attacks to de-anonymize Tor users with techniques such as traffic correlation.

For a modest sum, threat actors could target Tor bridges saturating their resources and causing significant degradation of network performance.

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Posted on 22 August 2019

From prodefence.org

A cybersecurity issue can cause unexpected costs in several different areas, which is the cost of Dealing with an attack in 4 Industries?

A cybersecurity issue can cause unexpected costs in several different areas. In addition to the monetary costs associated with things like lost productivity and improving network security to reduce the likelihood of future incidents, affected companies have to deal with the costs tied to reduced customer trust and damaged reputations.

It’s not always easy or straightforward to pinpoint the overall costs of recovering from a cyberattack. The totals also vary by industry. However, here’s some research that illuminates the various financial impacts for these four sectors.

Nasty Botnet Neutrino Caught Hacking Other Hackers’ Web Shells

Posted on 22 August 2019

From prodefence.org

A crypto mining botnet operation, going for almost a year, is hijacking web shells of other hackers, according to report from Positive Technologies. Researchers have linked the source of the dangerous botnet to Neutrino gang.

Back in 2017, Neutrino (aka Kasidet) was a dangerous trojan that launched DDoS attacks, recorded keystrokes and installed malware on desktops. However, the people behind Neutrino went off the radar for a long time.

However, it appears like the group is back. And this time, its target seems to be other malware botnet’s infected hosts. According to the researchers at Positive Technologies, Neutrino has been searching the web for different types of PHP web shells to hijack.

Web shells are malicious scripts that hackers plant in web applications that they have already compromised. The purpose is to maintain persistent access to enable malicious tasks remotely.

Identifying vulnerable IoT devices by the companion app they use

Posted on 22 August 2019

From helpnetsecurity.com

For better or worse, connected “smart” devices are springing up like mushrooms. There is no doubt that they can be very helpful but, unfortunately, most have a slew of security vulnerabilities that could turn them into a nightmare.

Until legislation catches up and manufacturers start caring about implementing security from the start, security researchers are our only hope when it comes to improving IoT security. Consequently, every approach that makes the process of identifying as many vulnerable devices as quickly as possible is more than welcome.

A group of researchers from Indiana University Bloomington and Symantec Research Labs have recently unveiled the promising result of one such approach: they’ve analyzed 2,081 IoT companion apps and confirmed that at least 164 IoT devices from 38 different vendors were definitely vulnerable.

T-Mobile hit by hours-long nationwide outage

Posted on 22 August 2019

From techcrunch.com

T-Mobile customers across the U.S. said they couldn’t make calls or send text messages following an outage.

We tested with a T-Mobile phone in the office. Both calls to and from the T-Mobile phone failed. When we tried to send a text message, it said the message could not be sent. Access to mobile data appeared to be unaffected.

The outage began around 6pm ET.