10-14-16 a malware-laden flash drive isn’t the only way to attack an ATM. Here’s another example: This one lets crooks grab the cash from several ATMs at once.
The attack still requires physical access, but it makes use of a device crafted to hook into the network instead of the ATM; the device connects the bank’s network to a server operated by criminals. This server mimics a processing center controlling all transactions carried out via the ATMs located on the same network. Such an action is possible if the network isn’t segmented and if the security settings have errors. https://www.kaspersky.com/blog/atm-attacks-2/15160/
...............................................................................................................................
The CIA wrote code to impersonate Kaspersky Labs in order to more easily siphon off sensitive data from hack targets, according to leaked intel released by Wikileaks on Thursday. Forged digital certificates were reportedly used to "authenticate" malicious implants developed by the CIA. Wikileaks said:
Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated.
Eugene Kaspersky, chief exec of Kaspersky Lab, sought to reassure customers. "We've investigated the Vault 8 report and confirm the certificates in our name are fake. Our customers, private keys and services are safe and unaffected," he said.
Hackers are increasingly abusing digital certs to smuggle malware past security scanners. Malware-slinging miscreants may not even need to control a code-signing certificate. Security researchers from the University of Maryland found that simply copying an authenticode signature from a legitimate file to a known malware sample – which results in an invalid signature – can result in antivirus products failing to detect it. https://www.theregister.co.uk/2017/11/10/cia_kaspersky_fake_certs_ploy/
.......................................................................................................................................................
3-8-17 WikiLeaks claimed the latest haul, which it dubbed 'Vault 7, Year Zero', exposed the agency’s entire hacking tool kit.
It said this constituted an even bigger and more significant breach of US intelligence than the National Security Agency files leaked by analyst Edward Snowden.
Snowden, who fled to Russia in 2013 after the Justice Department announced two charges of breaching the Espionage Act of 1917, tweeted yesterday that the latest trove of files is a 'genuinely a big deal'.
No comments:
Post a Comment