Saturday, January 5, 2013

PNC still faces ongoing denial of service attacks...... other hack news of note......

http://www.esecurityplanet.com/network-security/pnc-bank-acknowledges-ongoing-cyber-attacks.html


PNC Bank Acknowledges Ongoing Cyber Attacks

The bank says the denial of service attacks may be making it hard for customers to access online banking services.

PNC Bank recently e-mailed its customers to apologize for continuing problems they may be experiencing in trying to access their accounts online.
"PNC and a few other large U.S. banks have been hit with occasional denial-of-service attacks since a cyber hacking group said on Dec. 10 that it planned to launch an assault," writes The Pittsburgh Tribune-Review's Alex Nixon. "The same group, calling itself al Qassam Cyber Fighters Group, hit PNC and other banks in September, crippling PNC‘s website for two days."
"'PNC has taken steps to block this traffic and maintain online and mobile banking access for the vast majority of its customers,' the bank said in the customer email sent last night. 'In some cases, those measures also may have blocked access to a small percentage of legitimate PNC customers for an extended period,'" writes The Pittsburgh Post-Gazette's Patricia Sabatini.
"The email said the issue is of access and not security, and customers' accounts are protected," writes The Pittsburgh Business Times' Paul J. Gough. "If access is blocked, the email suggested either trying to log on again or contacting the bank."
"A PNC spokesman said that 'the vast majority of our customers largely have had uninterrupted access to our online banking system,' and that the bank is working one-on-one with customers that have been prevented from accessing the site," writes American Banker's Chris Cumming.


http://www.esecurityplanet.com/malware/survey-malware-could-be-portent-of-bigger-threats.html

Survey Malware Could Be 'Portent' of Bigger Threats

Malware that uses a pop-up window to hijack a user's machine and asks them to take a survey could lead to more serious demands, says Malwarebytes' lead analyst.

Hackers are always finding new ways of getting PC users to give up information or money. Recently they've appropriated an annoying but usually innocuous online fixture, a pop-up window that asks users to complete a survey, for their nefarious activities.
According to Adam Kujawa, a lead analyst for Malwarebytes, this malware employs ransomware-like tactics to keep the window in the center of the screen. Users are unable to minimize it, and the window will cover all other windows the user opens, including videos, games and Web browsers. And, he said, the window can also cover the Malwarebytes installation interface so it’s difficult to run a scan against the malware.
Users are asked to take a survey or accept a "special offer" to unlock their systems.
The only way to eliminate the window is by using keyboard shortcuts such as the Windows key, Ctrl and 1, Kujawa said."Point-and-click methods won't work." Malwarebytes security software also can be run from a PC's command line, he added.
While individual users are more likely than groups of enterprise users to be victimized by this malware, "if a company hasn't secured its systems well enough, a vector used to infect one system could conceivably affect the rest of the network," Kujawa said.
Though it's difficult to determine which group or groups might be behind this variant of malware, Kujawa said it could be Russian organized crime gangs that are "known to use this kind of malware, or any malware, if they think they can get enough money from people."

Sign of More Sophisticated Security Threats

Malwarebytes saw a "huge increase" in malware in 2012, he said. The security company believes at least 2,000 new variants of malware are created every hour of every day, many of which are spread via infected email messages or offers to download free software. According to Malwarebytes, malware led to a loss of some $5 million last year.
MalwareSurvey
Malwarebytes isn't the only security company that has noted an increase in this kind of malware activity. Symantec in November published research that found ransomware has become increasingly effective over the course of the last year and is set to become a major security trend to watch in 2013.
Hackers change their methods frequently in an effort to stay ahead of "good guys" like Malwarebytes and other security companies, Kujawa said. In addition to being "incredibly annoying," Kujawa worries the survey-based malware could be "a portent of much larger threats."
"The possibilities are kind of infinite in terms of what you could make a user do if their system is being held hostage," he said, mentioning that users could be forced to host illegal files, for instance. "Where does it end?" he asked.
This type of malware is especially insidious, he said, because "many of us are online, all the time, and it's a pretty big deal when we cannot access our devices."
Ann All is the editor of eSecurity Planet and Enterprise Apps Today.


http://www.esecurityplanet.com/hackers/hackers-steal-3000-classified-japanese-government-documents.html

Hackers Steal 3,000 Classified Japanese Government Documents

Several of the confidential documents were related to negotiations over the TPP free trade agreement.

A recent cyber attack on Japan's Ministry of Agriculture, Forestry and Fisheries apparently resulted in the theft of more than 3,000 classified documents, including several related to negotiations over the Trans-Pacific Partnership (TPP) free trade agreement.
"The stolen documents are suspected to be internal ministry materials created just before the Asia-Pacific Economic Cooperation (APEC) summit on November 2011 and before a Japan-U.S. meeting concerning the TPP on April 2012," writes The Japan Daily Press' Ida Torres. "One document contained a draft statement to be issued by then Prime Minister Yoshihiko Noda and U.S. President Barack Obama regarding the TPP. More than 20 of the files believed to be stolen are highly confidential documents related to Japan’s roadmap for participating in the TPP talks as well as analysis of the consequences of delaying a decision to join it."
"The attack on the Japanese Ministry apparently involved a remotely operated trojan along with a connection bouncer called 'HTran,'" writes PCMag.com's Max Eddy. "Dell's SecureWorks has looked at HTran before, and believe it was originally created by a Chinese hacker to conceal the location of command and control servers and 'redirect TCP traffic destined for one host to an alternate host.'"
"The National Information Security Center of the Cabinet Secretariat discovered about one year ago that suspicious transmissions involving HTran had occurred at the ministry," The Daily Yomiuri reports. "An information security expert said HTran is often used in cyber-attacks to steal information, as it can send data secretly. The program was also used to steal data from the Finance Ministry, as HTran data transmissions were discovered to have taken place from October 2010 to November 2011, the sources said."
"Initially, the ministry didn’t contact the police, despite the fact that the intrusion fell under the Unauthorized Access Prohibition Law," writes Softpedia's Eduard Kovacs. "However, now, the police have launched their own investigation to determine what information has been compromised."

No comments:

Post a Comment