Articles for July 2017

One. Lousy. Click.

Source: One lousy click: the phishing blunder that sank an entire product

Like I said… it is easy money… just only for the guys who are stealing it.

More Ethereum Stolen!

An unknown hacker has just stolen nearly $8.4 Million worth of Ethereum – one of the most popular and increasingly valuable cryptocurrencies – in yet another Ethereum hack that hit Veritaseum’s Initial Coin Offering (ICO).

This incident marks as the fourth Ethereum hack this month and second cyber attack on an ICO, following a theft of $7 Million worth of Ether tokens during the hack of Israeli startup CoinDash’s initial coin offering last week.

Read more here.

Six months after it was discovered, the first Mac malware of the year is still causing a stir.

The recently discovered Fruitfly malware is a stealthy but highly-invasive malware for Macs that went undetected for years. The controller of the malware has the capability to remotely take complete control of an infected computer — files, webcam, screen, and keyboard and mouse.

Source: New details emerge on Fruitfly, a near-undetectable Mac backdoor

Still think mining crypto currency is easy money… maybe just easy money for someone else.

An unknown hacker has just stolen nearly $32 million worth of Ethereum – one of the most popular and increasingly valuable cryptocurrencies – from Ethereum wallet accounts linked to at least three companies that seem to have been hacked.

This is the third Ethereum cryptocurrency heist that came out two days after an alleged hacker stole $7.4 million worth of Ether from trading platform CoinDash, and two weeks after an unknown attacker hacked into South Korean cryptocurrency exchange Bithumb and stole more than $1 Million in Etherand Bitcoins from user accounts.

Read more here.

As part of its ongoing Vault 7 leaks, the whistleblower organisation WikiLeaks today revealed about a CIA contractor responsible for analysing advanced malware and hacking techniques being used in the wild by cyber criminals.

According to the documents leaked by WikiLeaks, Raytheon Blackbird Technologies, the Central Intelligence Agency (CIA) contractor, submitted nearly five such reports to CIA as part of UMBRAGE Component Library (UCL) project between November 2014 and September 2015.

These reports contain brief analysis about proof-of-concept ideas and malware attack vectors — publically presented by security researchers and secretly developed by cyber espionage hacking groups.

Read more here.

How quickly do you push the big red Delete button on someone’s access after they leave?

Source: Access all areas – but for how long after you’ve left the company?

Ouch…

Ashley Madison, an American most prominent dating website that helps people cheat on their spouses has been hacked, has agreed to an $11.2 Million settlement for roughly 37 million users whose personal details were exposed in a massive data breach two years ago.

Though the parent company of Ashley Madison, Ruby Corp., denies any wrongdoing, the company has pledged to pay around $3,500 to each of the hack’s victims for the settlement.

Read more here.

Not cool…

An entire generation of PCs, most only three or four years old, are now unable to receive new feature updates to Windows 10. If Microsoft doesn’t deliver a patch within the next six to nine months, those PCs could be cut off from security fixes.

Source: Microsoft cuts off Windows 10 support early for some PCs | ZDNet