Banking’s Digital Future Raises Security Concerns

From securityboulevard.com

As the global financial services industry undergoes a seismic shift, disruption is prompting the industry to replace traditional practices, with emphasis on the inevitable digital future banks will have to embrace.

In a report from Deloitte, nearly three-quarters (73%) of respondents said they fear their organizations would lose competitive advantage if they fail to adopt blockchain and digital assets.

However, even as new payment options represent a “very important” role for digital assets in their organizations, there are a multitude of cybersecurity issues looming unresolved on the horizon.

Analysis of Ragnarok Ransomware Money Laundering Case Using DeFi Coin

From malware.news

Executive Summary

  • Analyze the bitcoin payment address of the Ragnarok ransomware
  • Ragnarok transfers bitcoin to renBTC, performs a coin swap, and finally withdraws to Binance and Huobi exchanges
  • Confirmation of 5 Bitcoin addresses used by Ragnarok ransomware to send renBTC and 2 Ethereum addresses used for coin swap

Detailed analysis

1. Abstract

  • Ragnarok ransomware negotiates with victims via email
  • Confirm payment address through the ransom note's email contact (2021-07-28)
  • Payment address: 1HQeCCR7Vhfm6PWEhWj3NuYcSNVuLDRb24
  • Price: 2.8 BTC
  • Contact mail: christian1986@tutanota.com

JavaScript-based BlueCrab Ransomware Has Stopped?

From malware.news

The distribution of BlueCrab (Sodinokibi and REvil) ransomware exploiting JavaScript has stopped since July 13th, 2021. There have been many cases of the distribution being stopped and then resumed after going through changes, but this is the first time it has been stopped for such a long period.

BlueCrab ransomware is distributed through forum posts disguised as file download pages. When users download and run the JS file, the script downloaded through C2 is executed, infecting the system with ransomware.

7 Ways to Secure Magento 1

From securityboulevard.com

While unpatched installations of Magento 2 contain many vulnerabilities, I’m going to focus my attention on Magento 1 for this article. This is because Magento 2 provides regularly updated patches for many of the most common vulnerabilities targeting the platform. While Magento 1 also contains patches for many known vulnerabilities, those patches are not currently maintained.

Magento 1 reached its end-of-support on June 30, 2020. When Magento 2 was released, the focus was to improve security, include speed improvements, support the latest PHP installations, include SEO optimizations and provide a more user-friendly interface.

Pegasus spyware: Zero-click iMessage attack bypasses iOS 14 protections

From en.secnews.gr

More than 180 journalists around the world have fallen victim to various operators of the now known Pegasus spyware, developed by the Israeli company NSO Group. New research reveals that Apple devices are back in danger, as there are many vulnerabilities that can be exploited by Pegasus spyware even when users are running iOS 14 on their device.

New SideWalk Backdoor Targets U.S.-based Computer Retail Business

From thehackernews.com

A computer retail company based in the U.S. was the target of a previously undiscovered implant called SideWalk as part of a recent campaign undertaken by a Chinese advanced persistent threat group primarily known for singling out entities in East and Southeast Asia.

Slovak cybersecurity firm ESET attributed the malware to an advanced persistent threat it tracks under the moniker SparklingGoblin, an adversary believed to be connected to the Winnti umbrella group, noting its similarities to another backdoor dubbed Crosswalk that was put to use by the same threat actor in 2019.

Most Important Web Server Penetration Testing Checklist

From gbhackers.com

Web server pentesting is performed under three major categories: identify, analyse, and report vulnerabilities such as authentication weaknesses, configuration errors, and protocol-related vulnerabilities.

1.  “Conduct a series of methodical and repeatable tests” is the best way to test the web server and to work through all of the different application vulnerabilities.

2.  “Collecting as much information as possible” about an organization, including its operating environment, is the main area to concentrate on in the initial stage of web server pen testing.

3.  When performing web server authentication testing, use social engineering techniques to collect information about human resources, contact details, and other social-related information.