Three waves of DNS hijacking attacks against consumer routers have been linked back to Google Cloud Platform abuse. Hackers have been abusing Google’s cloud computing service to redirect and intercept web and mail traffic on an array of vulnerable consumer routers. A researcher said that he has seen the Google Cloud Platform being abused to carry out three separate waves of DNS ...
Read More »Author Archives: firewalltraining
74 Facebook groups for cybercriminals found
There are Facebooks groups for moms, people who like trains, or old photographs of Chicago so it should come as no surprise that cybercriminals also use the social media network to discuss what they like. Cisco Talos found 74 Facebook groups with more than 385,000 members with dedicated to acts ranging from shady to illegal. “In all, Talos has compiled ...
Read More »London Blue group’s Business Email Compromise (BEC) scams target Asia
London Blue scammers were spotted running BEC scams against employees in Asia who are working for companies in the US, Australia, or Europe. London Blue scammers are spoofing the email address of the target company’s CEO in order to add more authenticity to their scam emails. What is the issue – London Blue scammers were spotted running BEC scams against employees ...
Read More »Facebook Data of Millions Exposed in Leaky Datasets
Researchers say that two publicly exposed dataset are leaking Facebook data- from user names to plaintext passwords. Hundreds of millions of Facebook records – including account names, personal data, and more – have been found in two separate publicly-exposed app datasets. The first publicly-exposed dataset originates from a Mexico-based media company, Cultura Colectiva, and contains over 540 million records including ...
Read More »Google researcher finds zero-day in P-Link SR20 router smart home hub
Google security researcher Matthew Garrett publicly released a zero day vulnerability he discovered in the TP-Link SR20 router smart home hub in one device. The device is designed to integrate with a user’s home automation kit that allows them to use the device as the core of their home network and to work with other smart devices. The vulnerability could ...
Read More »Group-IB report: JS-sniffers infected 2440 websites around the world
Crime without punishment: Group-IB issues a new report on JS-sniffers that infected 2440 websites around the world Group-IB, an international company that specializes in preventing cyberattacks, has issued a new comprehensive report on the analysis of JavaScript-sniffers – a type of malware designed to steal customer payment data from online stores. 2440 infected ecommerce websites with a total of around 1.5 million unique daily ...
Read More »The FBI Takes Too Long to Alert Victims of Cyberattacks
In one instance, agents waited nine months to tell a company it had been breached, according to an internal watchdog. The FBI takes too long to notify groups when they’ve succumbed to cyberattacks, and the alerts those victims receive are often sparse on useful information, according to an internal watchdog. The Justice Department Inspector General found the bureau’s reliance on ...
Read More »Rockwell Automation, Panduit, and Cisco open Manufacturing Advanced Technology Center in Mexico City
MEXICO CITY, 28 March 2019.- Rockwell Automation, Panduit and Cisco, with special collaboration with Tecnologico de Monterrey, EY and Unified announced today the opening of their Manufacturing Advanced Technology Center (MATC) in Mexico City. The MATC showcases how companies in the automotive, mining, food & beverage and cementing industries can embrace the future now by establishing their digital journey for ...
Read More »NSA-style backdoor in Huawei laptops found by Microsoft
The Microsoft Defender Advanced Threat Protection (ATP) service featured in Windows 10 version 1809 alerted researchers to an NSA-inspired backdoor vulnerability in Huawei laptops. The Microsoft Defender Advanced Threat Protection (ATP) service featured in Windows 10 version 1809 alerted researchers to an NSA-inspired backdoor vulnerability in Huawei laptops. The PCManager software included in some Huawei’s Matebook systems allows unprivileged users ...
Read More »Toyota suffered a data breach compromising sales information of almost 3.1 million customers
Hackers breached Toyota’s IT systems and gained unauthorized access to servers that contained sales information of almost 3.1 customers. The accessed data belongs to several sales subsidiaries such as Toyota Tokyo Sales Holdings, Tokyo Tokyo Motor, Tokyo Toyopet, Toyota Tokyo Corolla, Nets Toyota Tokyo, Lexus Koishikawa Sales, Jamil Shoji (Lexus Nerima), and Toyota West Tokyo Corolla. What is the issue ...
Read More »