In case you are keeping track:
Hackers are targeting US auto industry, FBI says | fox5sandiego.com
WASHINGTON — The American automotive industry has been the target of malicious cyber actors since at least late 2018, according to an FBI report obtained by CNN.
In the bulletin disseminated this week to a select group of private companies, the FBI warned of efforts by hackers to successfully compromise auto industry computer systems using sophisticated techniques and by taking advantage of network vulnerabilities.
The cyber attacks “have resulted in ransomware infections, data breaches leading to the exfiltration of personally identifiable information, and unauthorized access to enterprise networks,” the FBI said.
Russia's 'Sandworm' Hackers Also Targeted Android Phones | WIRED
At the CyberwarCon conference in Arlington, Virginia today, Google security researchers Neel Mehta and Billy Leonard described a series of new details about Sandworm's activities since 2017 that ranged from its role in targeting the French Election to its attempt to disrupt the 2018 Olympics to—perhaps the most unlikely new example of Sandworm's tactics—attempting to infect large numbers of Android phones with rogue apps.
Google's investigation into Sandworm's Android targeting began in late 2017, around the same time when, according to threat intelligence firm FireEye, the hacker group appears to have begun its campaign to disrupt the Winter Olympics in Korea .
Microsoft: Iranian hacker group APT 33 homing in on ICS - Axios
Why it matters: The group, nicknamed APT 33, Refined Kitten and Elfin, has been known to use malware to damage computer systems in the past, leading the Microsoft researcher presenting the talk on Thursday, Ned Moran, to speculate that the hackers may be laying the groundwork for future destructive attacks on industrial systems.
To be clear: The group has also been associated with traditional, fact-finding and source producing espionage as well. It's tough to guess the endgame of most hackers from their opening moves.
Quite a lot has been going on:
Shopped online at Macy's? Hackers may know your credit card. - Chicago Tribune
Department store chain Macy's alerted customers that their personal and payment information may have been hacked on the retailer's website during a one-week period in October.
Macy's said it reported the incident to federal law enforcement after it found a suspicious third party who added unauthorized computer code on the retailer's website Oct. 7. In a letter sent to affected customers dated Nov. 14, Macy's said hackers potentially had access to customers' names, address, phone numbers and payment card information. According to the letter, Macy's removed the code Oct. 15.
Iran's APT33 Hackers Are Targeting Industrial Control Systems | WIRED
Microsoft ranked those targets by the number of accounts hackers tried to crack; Moran says about half of the top 25 were manufacturers, suppliers, or maintainers of industrial control system equipment. In total, Microsoft says it has seen APT33 target dozens of those industrial equipment and software firms since mid-October.
The hackers' motivation—and which industrial control systems they've actually breached—remains unclear. Moran speculates that the group is seeking to gain a foothold to carry out cyberattacks with physically disruptive effects. "They're going after these producers and manufacturers of control systems, but I don't think they're the end targets," says Moran. "They're trying to find the downstream customer, to find out how they work and who uses them.
How a bank got hacked (a study in how not to secure your networks) | CSO Online
Robbing a bank is easier than you might think, especially if you don't care which bank you rob, according to a "how to rob a bank" manifesto by the apparently vigilante hacker Phineas Phisher. The PwC incident response report , which Phineas Phisher leaked, backs up that claim. The report details the intrusion to management at the robbed bank, Cayman National Bank (Isle of Man) Limited (CNBIOM) and its sister company, Cayman National Trust Company (Isle of Man) Limited (CNTIOM).
Macy’s said hackers stole customer credit cards — again – TechCrunch
For the second time in as many years, Macy’s customers have been hit by a data breach involving countless numbers of credit cards.
In a filing with the California attorney general, the retail giant said hackers siphoned off customers’ names, addresses, and phone numbers, but also credit card numbers, card verification codes, and expiration dates by inserting malicious code on its website and quietly sending the stolen data back to the hackers.
Happening on Twitter
New - Huawei's bug bounty offers hackers $20,000 more than Google's comparable program... Could also be a useful… https://t.co/fwPusGGkTZ iblametom (from London) Mon Nov 18 10:57:29 +0000 2019
Think twice before using that random cable at an airport charging station or docking into that hotel USB port — hac… https://t.co/lxtH8UiKqP StaySafeOnline (from Washington, DC) Mon Nov 18 15:12:01 +0000 2019
No comments:
Post a Comment