What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Chercheur.webp 2024-04-16 11:00:58 X.com Automatically Changing Link Text but Not URLs
(direct link)
Brian Krebs reported that X (formerly known as Twitter) started automatically changing twitter.com links to x.com links. The problem is: (1) it changed any domain name that ended with “twitter.com,” and (2) it only changed the link’s appearance (anchor text), not the underlying URL. So if you were a clever phisher and registered fedetwitter.com, people would see the link as fedex.com, but it would send people to fedetwitter.com. Thankfully, the problem has been fixed.
FedEx ★★
Chercheur.webp 2024-04-10 14:28:17 Twitter's Clumsy Pivot to X.com Is a Gift to Phishers
(direct link)
On April 9, Twitter/X began automatically modifying links that mention "twitter.com" to redirect to "x.com" instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links -- such as fedetwitter[.]com, which is currently rendered as fedex.com in tweets.
FedEx ★★★
ProofPoint.webp 2023-11-10 08:04:20 2023 Holiday Scam Predictions-Here's What You Should Know
(direct link)
'Tis the season for cyberscams. As the holiday season nears, adversaries will try to take advantage of people's generosity and holiday spirit. That's why it's critical to be alert. While it's still early to detect and analyze seasonal trends, we anticipate to see several new and emerging techniques in attackers' creativity and lures, along with tried-and-true tactics from previous holiday seasons. From generative AI that helps telephone-oriented attack delivery (TOAD) to multifactor authentication (MFA) bypass that leans on shipping alerts, here's a look at five holiday scam predictions. These are the tricks and trends that you might see evolve in this year's winter threat landscape. 1: Generative AI will make threat detection trickier. What's blown up since last holiday season? A little thing called generative AI. This emerging technology might change the game of crafting emails that include those too-good-to-be-true offers. Phony shipping emails are always favorites for attackers, and they always become more frequent during the holidays. Nobody wants a problem with merchandise they've ordered or packages they've shipped. Last year, many holiday season shipping phishing attempts featured standard red flags, like grammatical errors and non-native language structure. These are easily detectable at a quick glance. But this year, we expect to see many attackers using generative AI to write their emails and texts, potentially reducing easy detection. So go a level deeper when you're trying to determine whether a holiday season shipping email is a scam. Take a closer look at these emails and ask these questions: Is the message generic or personalized? Are you being asked for unnecessary sensitive information? Does the sender display name match the email address? (This is a safety checklist item that people learn in security awareness training.) Are you being asked to pay a fee to receive a package?
(Note: In this case, it's best to refuse the delivery until you can confirm the shipment is legitimate.) 2: TOAD scams might get an AI boost. TOAD has become part of the threat toolkit, as attackers push victims to take unsafe actions over the phone. Writing with generative AI could increase the believability of TOAD attacks that use a holiday playbook. Need to stop an expensive gift purchase on your credit card or accept a heavily discounted travel offer? Then, contact this (fake) call center! If an AI-generated email successfully imitates a legitimate company, it's more likely that the victim will dial the phone number they're directed to. Generative AI could also provide opportunities to expand holiday scams globally. For instance, every Christmas and New Year, we see English-language vacation scams that target a Western audience. But there is also a huge volume of travel and celebration for Lunar New Year in China, South Korea, Vietnam and Hong Kong. If attackers previously lacked cultural knowledge or language skills to target these populations, they might now use freely available AI tools to quickly research what experiences might feel meaningful and create holiday lures that are localized and enticing. Luckily, generative AI is unlikely to improve interaction with the fraudulent call center. If you call the TOAD number, red flags should still be detectable. For instance, be wary if the “operator” is: Clearly following a script. Pressuring you to take an action. Speaking in a regional accent that your security awareness training has taught you is where call center fraud often originates. 3: MFA bypass could surface more often. MFA bypass surged in popularity last year, and we continue to see an increase in the number of lures that use this technique. The attacker steals account credentials in real time by intercepting the MFA short code when the victim types it into an account login page that is fake or compromised.
Since MFA bypass is an ongoing threat trend, we expect to see the techniques applied this year to holiday- Tool Threat Prediction FedEx ★★★
Chercheur.webp 2023-07-11 11:57:46 Privacy of Printing Services
(direct link)
The Washington Post has an article about popular printing services, and whether or not they read your documents and mine the data when you use them for printing: Ideally, printing services should avoid storing the content of your files, or at least delete daily. Print services should also communicate clearly upfront what information they're collecting and why. Some services, like the New York Public Library and PrintWithMe, do both. Others dodged our questions about what data they collect, how long they store it and whom they share it with. Some—including Canon, FedEx and Staples—declined to answer basic questions about their privacy practices...
FedEx ★★
knowbe4.webp 2023-06-27 13:00:00 CyberheistNews Vol 13 #26 [Eyes Open] The FTC Reveals the Latest Top Five Text Message Scams
(direct link)
CyberheistNews Vol 13 #26 | June 27th, 2023. The U.S. Federal Trade Commission (FTC) has published a data spotlight outlining the most common text message scams. Phony bank fraud prevention alerts were the most common type of text scam last year. "Reports about texts impersonating banks are up nearly tenfold since 2019 with median reported individual losses of $3,000 last year," the report says. These are the top five text scams reported by the FTC: Copycat bank fraud prevention alerts; Bogus "gifts" that can cost you; Fake package delivery problems; Phony job offers; Not-really-from-Amazon security alerts. "People get a text supposedly from a bank asking them to call a number ASAP about suspicious activity or to reply YES or NO to verify whether a transaction was authorized. If they reply, they'll get a call from a phony 'fraud department' claiming they want to 'help get your money back.' What they really want to do is make unauthorized transfers. "What's more, they may ask for personal information like Social Security numbers, setting people up for possible identity theft." Fake gift card offers took second place, followed by phony package delivery problems. "Scammers understand how our shopping habits have changed and have updated their sleazy tactics accordingly," the FTC says. "People may get a text pretending to be from the U.S. Postal Service, FedEx, or UPS claiming there's a problem with a delivery. "The text links to a convincing-looking – but utterly bogus – website that asks for a credit card number to cover a small 'redelivery fee.'" Scammers also target job seekers with bogus job offers in an attempt to steal their money and personal information.
"With workplaces in transition, some scammers are using texts to perpetrate old-school forms of fraud – for example, fake 'mystery shopper' jobs or bogus money-making offers for driving around with cars wrapped in ads," the report says. "Other texts target people who post their resumes on employment websites. They claim to offer jobs and even send job seekers checks, usually with instructions to send some of the money to a different address for materials, training, or the like. By the time the check bounces, the person's money – and the phony 'employer' – are long gone." Finally, scammers impersonate Amazon and send fake security alerts to trick victims into sending money. "People may get what looks like a message from 'Amazon,' asking to verify a big-ticket order they didn't place," the FTC says. "Concerned Ransomware Spam Malware Hack Tool Threat FedEx APT 28 APT 15 ChatGPT ChatGPT ★★
Netskope.webp 2023-04-24 17:00:00 FedEx Phishing Campaign Abusing TrustedForm and PAAY
(direct link)
Summary: Netskope Threat Labs is tracking a phishing campaign that mimics a FedEx package delivery as bait to steal credit card data. This type of social engineering attack is commonly found in phishing pages, emails, and other scams, where a false sense of urgency is created to urge the victim into doing an action that […]
Threat FedEx FedEx ★★★
Kaspersky.webp 2022-08-05 13:17:09 Open Redirect Flaw Snags Amex, Snapchat User Data (direct link) Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims. FedEx FedEx
silicon.fr.webp 2022-07-01 10:06:49 Why FedEx is moving from mainframes to the cloud (direct link) The American carrier FedEx will shut down the remaining 20% of its mainframes within two years as its cloud migration progresses. FedEx FedEx
Fortinet.webp 2022-06-09 21:52:00 PGA TOUR's Fortinet Championship Returns September 15-18, 2022 (direct link) Fortinet will once again sponsor this year's PGA TOUR tournament held in Napa, California. The Fortinet Championship will tee off September 15-18, 2022, as the first event of the PGA TOUR's 2022-23 FedExCup Regular Season. Read more. FedEx
CSO.webp 2022-05-19 02:00:00 WannaCry 5 years on: Still a top threat (direct link) Who doesn't love an anniversary and the opportunity to reminisce about “where we were” when an historical event happened? Such is the case over the last several days when it comes to remembering WannaCry, the ransomware that infected thousands of computers five years ago and cost companies all over the world billions of dollars in damages. WannaCry broke onto the infosec scene on May 12, 2017. Taking advantage of the vulnerable version of the Server Message Block (SMB) protocol, it ultimately infected approximately 200,000+ machines in more than 150 countries. While Microsoft had issued a patch for the SMB flaw more than a month before the attacks began, millions of computers had not been unpatched against the bug. The largest ransomware attack ever, it impacted several big names globally, including the UK's National Health Service, US delivery giant FedEx, and Deutsche Bahn, the German railway company. Ransomware Threat FedEx Wannacry
Chercheur.webp 2022-04-25 10:18:40 SMS Phishing Attacks are on the Rise (direct link) SMS phishing attacks — annoyingly called “smishing” — are becoming more common. I know that I have been receiving a lot of phishing SMS messages over the past few months. I am not getting the “Fedex package delivered” messages the article talks about. Mine are usually of the form: “thank you for paying your bill, here’s a free gift for you.” FedEx
ArsTechnica.webp 2022-04-22 20:40:06 Our first impressions after driving FedEx's new electric delivery van (direct link) BrightDrop and FedEx drove an electric van from NYC to DC-then let Ars have a try. FedEx FedEx ★★★
ArsTechnica.webp 2022-01-05 17:15:48 Walmart wants to buy 5,000 electric delivery vans from GM's BrightDrop (direct link) FedEx is also increasing its order from 500 to 2,000 electric vans. FedEx FedEx
ArsTechnica.webp 2021-12-17 16:02:32 FedEx receives its first electric BrightDrop delivery vans (direct link) The first vans will start delivering packages in Los Angeles in 2022. FedEx
Chercheur.webp 2021-11-04 16:49:59 'Tis the Season for the Wayward Package Phish (direct link) The holiday shopping season always means big business for phishers, who tend to find increased success this time of year with a time-honored lure about a wayward package that needs redelivery. Here's a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. FedEx FedEx
TechRepublic.webp 2021-09-16 16:23:56 Salesforce announces partnership with FedEx, new features to marketing cloud (direct link) The two companies will offer a single platform aimed at e-commerce and supply chain management. Salesforce's marketing cloud will receive enhancements focused on personalization and customer satisfaction. FedEx
TechRepublic.webp 2021-06-16 15:59:53 FedEx announces autonomous delivery agreement as bots brave the logistical last mile (direct link) Typically, humans have manually delivered parcels to other humans. However, companies are using myriad craft from drones to autonomous vehicles to revolutionize supply chains. FedEx
Chercheur.webp 2021-06-08 10:32:33 Vulnerabilities in Weapons Systems (direct link) “If you think any of these systems are going to work as expected in wartime, you’re fooling yourself.” That was Bruce’s response at a conference hosted by U.S. Transportation Command in 2017, after learning that their computerized logistical systems were mostly unclassified and on the internet. That may be necessary to keep in touch with civilian companies like FedEx in peacetime or when fighting terrorists or insurgents. But in a new era facing off with China or Russia, it is dangerously complacent. Any 21st century war will include cyber operations. Weapons and support systems will be successfully attacked. ... FedEx FedEx
itsecurityguru.webp 2021-02-24 15:33:24 DHL Express and FedEx targeted by phishing scam (direct link) Researchers have discovered that around 10,000 employee mailboxes at DHL Express and FedEx have been hit by two phishing attacks that sought to extract recipients work email account. A blog post shared by Armorblox this week detailed the attacks. The post explained how there were two different attacks, one which pretended to share shipping details […] FedEx FedEx ★★
Kaspersky.webp 2021-02-23 14:00:38 10K Microsoft Email Users Hit in FedEx Phishing Attack (direct link) Microsoft users are receiving emails pretending to be from mail couriers FedEx and DHL Express - but that really steal their credentials. FedEx FedEx
TroyHunt.webp 2021-01-12 16:32:37 FedEx will be the first customer for GM's new electric delivery van (direct link) The EV600 van uses GM's new Ultium batteries; there's also an electric pallet. FedEx
TechRepublic.webp 2020-12-01 14:02:13 Delivery scams surge to ring in the holiday season (direct link) November saw a spike in phishing emails spoofing shipping companies such as DHL, Amazon, and FedEx, says Check Point Research. FedEx
TechRepublic.webp 2020-11-13 20:04:13 Dell Technologies, FedEx, and Switch to build tech hubs to support multiple cloud environments (direct link) A new initiative plans to bring compute, storage, and connectivity to the network edge to help customers overcome latency issues. FedEx
WiredThreatLevel.webp 2020-09-15 11:00:00 FedEx Will Track Your Packages More Precisely Than Ever (direct link) A Bluetooth-based system coming this fall will be especially useful for high-value shipments, like medicines or vaccines. FedEx
WiredThreatLevel.webp 2020-08-25 11:00:00 Amazon and FedEx Push to Put Delivery Robots on Your Sidewalk (direct link) The companies are backing bills in more than a dozen states that would legalize the devices. Some bills would block cities from regulating them at all. FedEx ★★★
TechRepublic.webp 2020-05-01 18:59:28 Fake FedEx, DHL, and UPS delivery issues used in COVID-19 phishing scams (direct link) Cybercriminals are leveraging overwhelmed delivery services to further phishing schemes. FedEx
no_ico.webp 2020-04-28 15:42:44 Comment: Fake Fedex And UPS Delivery Issues Used In COVID-19 Phishing (direct link) In a new report by Kaspersky, researchers see a new wave of phishing scams that utilise a COVID-19 theme and impersonate well-known shipping carriers such as FedEx, UPS, and DHL. FedEx
SecurityAffairs.webp 2020-04-28 13:09:55 Experts warn of deliveries scams that use a COVID-19 theme (direct link) Kaspersky experts uncovered a new wave of phishing scams that use a COVID-19 theme and impersonate shipping carriers, including FedEx, UPS, and DHL. The COVID-19 outbreak is forcing people to work from home and make shopping online causing a consequent increase in the number of home deliveries. Crooks are attempting to exploit the crisis and […] FedEx ★★★★
bleepingcomputer.webp 2020-04-27 18:28:59 Fake Fedex and UPS delivery issues used in COVID-19 phishing (direct link) As people socially isolate and work from home, shopping online and home deliveries have increased. Scammers are capitalizing on this by creating new scams using Coronavirus delivery issues as a lure to get people to visit malicious links or open malware. [...] FedEx
itsecurityguru.webp 2019-11-18 10:07:26 Pemex Hit by Ransomware, US Postal Service Targeted by Copycat and New WhatsApp Bugs (direct link) FedEx says exposed driver database was a ‘test system’. US parcel delivery company FedEx has acknowledged that it left an exposed database containing detailed driver and delivery information, but says the information was part of a test system. Security researcher Devin Stokes found and responsibly disclosed the open database to FedEx. Once it was removed (after more […] FedEx ★★
SecurityWeek.webp 2019-08-24 11:10:05 Vulnerability Found in SimpleMDM Apple Device Management Solution (direct link) An XML external entity (XXE) vulnerability has been found and patched in the SimpleMDM Apple device management solution, but the researcher who found the flaw and the vendor disagree on its impact. SimpleMDM is an increasingly popular mobile device management (MDM) solution used by companies such as FedEx, Deloitte and the Discovery Channel. Vulnerability FedEx Deloitte
TechRepublic.webp 2019-06-26 15:55:03 Tech news roundup: FedEx sues the DOC, skilled workers are in demand, and how companies stay relevant (direct link) This week's TechRepublic and ZDNet news stories include a Verizon error leads to massive outages, Apple's plan to hire 2,000 employees, and five ways robots impact our lives. Guideline FedEx
TechRepublic.webp 2019-06-25 14:13:03 FedEx suing Department of Commerce over burden of enforcing Huawei blacklisting (direct link) Following a series of incidents in which packages were misrouted, and under increasing scrutiny from the Chinese government, FedEx is seeking relief. FedEx ★★★★★
ErrataRob.webp 2019-05-29 20:16:09 Your threat model is wrong (direct link) Several subjects have come up with the past week that all come down to the same thing: your threat model is wrong. Instead of addressing the threat that exists, you've morphed the threat into something else that you'd rather deal with, or which is easier to understand. Phishing: An example is this question that misunderstands the threat of "phishing": Should failing multiple phishing tests be grounds for firing? I ran into a guy at a recent conference, said his employer fired people for repeatedly falling for (simulated) phishing attacks. I talked to experts, who weren't wild about this disincentive. https://t.co/eRYPZ9qkzB pic.twitter.com/Q1aqCmkrWL - briankrebs (@briankrebs) May 29, 2019. The (wrong) threat model here is that phishing is an email that smart users with training can identify and avoid. This isn't true. Good phishing messages are indistinguishable from legitimate messages. Said another way, a lot of legitimate messages are in fact phishing messages, such as when HR sends out a message saying "log into this website with your organization username/password". Recently, my university sent me an email for mandatory Title IX training, not digitally signed, with an external link to the training, that requested my university login creds for access, that was sent from an external address but from the Title IX coordinator. - Tyler Pieron (@tyler_pieron) May 29, 2019. Yes, it's amazing how easily stupid employees are tricked by the most obvious of phishing messages, and you want to point and laugh at them. But frankly, you want the idiot employees doing this. The more obvious phishing attempts are the least harmful and a good test of the rest of your security -- which should be based on the assumption that users will frequently fall for phishing. In other words, if you paid attention to the threat model, you'd be mitigating the threat in other ways and not even bother training employees.
You'd be firing HR idiots for phishing employees, not punishing employees for getting tricked. Your systems would be resilient against successful phishes, such as using two-factor authentication. IoT security: After the Mirai worm, government types pushed for laws to secure IoT devices, as billions of insecure devices like TVs, cars, security cameras, and toasters are added to the Internet. Everyone is afraid of the next Mirai-type worm. For example, they are pushing for devices to be auto-updated. But auto-updates are a bigger threat than worms. Since Mirai, roughly 10-billion new IoT devices have been added to the Internet, yet there hasn't been a Mirai-sized worm. Why is that? After 10-billion new IoT devices, it's still Windows and not IoT that is the main problem. The answer is that number, 10-billion. Internet worms work by guessing IPv4 addresses, of which there are only 4-billion. You can't have 10-billion new devices on the public IPv4 addresses because there simply aren't enough addresses. Instead, those 10-billion devices are almost entirely being put on private ne Ransomware Tool Vulnerability Threat Guideline FedEx NotPetya
zataz.webp 2019-03-27 23:19:05 Security problem for the Fedex website (direct link) Fedex, a company specializing in transport and logistics services, is suffering from several problems on its website. Be careful with links that may be offered to you. You have most certainly heard about it: the superb exhibition "Toutânkhamon, le Trésor du Pharaon" organized... FedEx
WiredThreatLevel.webp 2018-12-01 15:13:03 A Dunkin' Donuts Hack, a Fake FedEx Site, and More Security News This Week (direct link) Scam centers, exposed massage company data, and more of the week's top security news. FedEx
grahamcluley.webp 2018-11-29 12:04:05 Smashing Security #106: Google Maps, Fed phishing, and Grinch bots (direct link) How are scammers stealing your money through Google Maps? Why did the FBI create a fake FedEx website? And how are US senators hoping to stop Grinch bots ruining Christmas? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis. And don't miss our special bonus interview about passwords with Rachael Stockton of LastPass. FedEx LastPass
grahamcluley.webp 2018-11-27 12:33:04 When the FBI rather than the fraudsters make the fake FedEx website (direct link) Fraudsters beware! The Feds are prepared to use your own tricks against you. FedEx
AlienVault.webp 2018-06-29 13:00:00 Things I Hearted this Week – 29th June 2018 (direct link) It's been an absolutely lovely warm week in London. The sun has been shining, allergies have been high, and kids have been missing out on all the wonders because they're too busy being indoors staring at a mobile device or tablet. Things were very different back in my days... and just like that, I've turned into my Dad! Have I Been Pwned - The Saga Continues: I like to think of myself as a bit of a hipster because I was following Troy Hunt before he was widely recognised as being cool. I remember reading his posts on OWASP top 10 for .NET developers and thinking to myself that this guy really knows his stuff. Which is why I was optimistic when Troy launched Have I been Pwned - but I don't think I foresaw how big the project would become and now it is being integrated into Firefox and 1Password. Not bad going for the blogger from down under. We're Baking Have I Been Pwned into Firefox and 1Password | Troy Hunt. Defining Hacker In 2018: If you do a Google Image Search against the word hacker, you’ll get images of scary-looking balaclava-clad cybercriminals hunched over a quintessentially green computer terminal. They’re up to no good… Stealing your data, crashing critical systems, or causing general Internet badness. In reality, the word “hacker” applies to a much broader group of people, one that extends well beyond cybersecurity. Merriam-Webster defines a “hacker” as “an expert at programming and solving problems with a computer”. Defining "Hacker" in 2018 | BugCrowd. Lessons From nPetya One Year Later: This is the one year anniversary of NotPetya. It was probably the most expensive single hacker attack in history (so far), with FedEx estimating it cost them $300 million. Shipping giant Maersk and drug giant Merck suffered losses on a similar scale. Many are discussing lessons we should learn from this, but they are the wrong lessons.
An example is this quote in a recent article: "One year on from NotPetya, it seems lessons still haven't been learned. A lack of regular patching of outdated systems because of the issues of downtime and disruption to organisations was the path through which both NotPetya and WannaCry spread, and this fundamental problem remains." This is an attractive claim. It describes the problem in terms of people being "weak" and that the solution is to be "strong". If only organizations were strong enough, willing to deal with downtime and disruption, then problems like this wouldn't happen. But this is wrong, at least in the case of NotPetya. Lessons from nPetya one year later | Errata Security. German Researcher Defeat Printers' Doc-Tracking Dots: Beating the unique identifiers that printers can add to documents for security purposes is possible: you just need to add extra dots beyond those that security tools already add. The trick is knowing where to add them. Many printers can add extra dots to help identify which device printed a document, as it's handy to know that when they fall into the wrong hands. The FedEx NotPetya Wannacry
ErrataRob.webp 2018-06-27 15:49:15 Lessons from nPetya one year later (direct link) This is the one year anniversary of NotPetya. It was probably the most expensive single hacker attack in history (so far), with FedEx estimating it cost them $300 million. Shipping giant Maersk and drug giant Merck suffered losses on a similar scale. Many are discussing lessons we should learn from this, but they are the wrong lessons. An example is this quote in a recent article: "One year on from NotPetya, it seems lessons still haven't been learned. A lack of regular patching of outdated systems because of the issues of downtime and disruption to organisations was the path through which both NotPetya and WannaCry spread, and this fundamental problem remains." This is an attractive claim. It describes the problem in terms of people being "weak" and that the solution is to be "strong". If only organizations were strong enough, willing to deal with downtime and disruption, then problems like this wouldn't happen. But this is wrong, at least in the case of NotPetya. NotPetya's spread was initiated through the Ukrainian company MeDoc, which provided tax accounting software. It had an auto-update process for keeping its software up-to-date. This was subverted in order to deliver the initial NotPetya infection. Patching had nothing to do with this. Other common security controls like firewalls were also bypassed. Auto-updates and cloud-management of software and IoT devices is becoming the norm. This creates a danger for such "supply chain" attacks, where the supplier of the product gets compromised, spreading an infection to all their customers. The lesson organizations need to learn about this is how such infections can be contained. One way is to firewall such products away from the core network. Another solution is port-isolation/microsegmentation, that limits the spread after an initial infection. Once NotPetya got into an organization, it spread laterally.
The chief way it did this was through Mimikatz/PsExec, reusing Windows credentials. It stole whatever login information it could get from the infected machine and used it to try to log on to other Windows machines. If it got lucky getting domain administrator credentials, it then spread to the entire Windows domain. This was the primary method of spreading, not the unpatched ETERNALBLUE vulnerability. This is why it was so devastating to companies like Maersk: it wasn't a matter of a few unpatched systems getting infected, it was a matter of losing entire domains, including the backup systems. Such spreading through Windows credentials continues to plague organizations. A good example is the recent ransomware infection of the City of Atlanta that spread much the same way. The limits of the worm were the limits of domain trust relationships. For example, it didn't infect the city airport because that Windows domain is separate from the city's domains. This is the most pressing lesson organizations need to learn, the one they are ignoring. They need to do more to prevent desktops from infecting each other, such as through port-isolation/microsegmentation. They need to control the spread of administrative credentials within the organization. A lot of organizations put the same local admin account on every workstation which makes the spread of NotPetya style worms trivial. They need to reevaluate trust relationships between domains, so that the admin of one can't infect the others. These solutions are difficult, which is why news articles don't mention them. You don't have to know anything about security to proclaim "the problem is lack of patches". It's moral authority, chastising the weak, rather than a proscription of what to do. Solving supply chain hacks and Windows credential sharing, though, is hard. I don't know any universal solution to this -- I'd have to thoroughly analyze your network and business in order to Ransomware Malware Patching FedEx NotPetya Wannacry
The_State_of_Security.webp 2018-02-20 12:40:03 Hacker Tools Used for Good as Exposed Amazon Cloud Storage Accounts Get Warnings (lien direct) Responding to the all too familiar news of compromised Amazon cloud storage, security researchers have begun leaving “friendly warnings” on AWS S3 accounts with exposed data or incorrect permissions. The misconfiguration of access control on the AWS storage “buckets” has been responsible for numerous high profile data breaches, including Verizon, The Pentagon, Uber, and FedEx. […] FedEx Uber
no_ico.webp 2018-02-19 16:30:02 FedEx Data Breach (lien direct) The ISBuzz Post: This Post FedEx Data Breach FedEx
SecurityAffairs.webp 2018-02-16 19:19:03 119,000 Scanned IDs of FedEx-owned company Bongo International's customers exposed online (lien direct) Researchers discovered an Amazon S3 bucket contains personal information and scans of IDs of some 119,000 US and international citizens. It has happened again, researchers discovered another unsecured Amazon S3 bucket holding a huge trove of data that was exposed online. The Amazon S3 bucket contains personal information and scans of IDs of some 119,000 […] FedEx
no_ico.webp 2018-02-16 15:00:05 FedEx Customer Documents Exposed In Mass Data Breach (lien direct) The ISBuzz Post: This Post FedEx Customer Documents Exposed In Mass Data Breach FedEx
ZDNet.webp 2018-02-15 14:00:00 Unsecured server exposed thousands of FedEx customer records (lien direct) Another day, another exposed Amazon S3 server. FedEx
itsecurityguru.webp 2018-01-26 11:41:13 New Phishing scam combines FedEx and Google Drive to lure victims (lien direct) Several universities and more than 20 companies have been hit with malware whose creators are using several layers of subterfuge to camouflage their phishing attack by taking advantage of a few trusted brand names. View full story ORIGINAL SOURCE: SC Magazine FedEx ★★★★
Blog.webp 2017-12-22 15:22:32 NotPetya's Cost to FedEx: $400 Million and counting (lien direct) As Federal Express continues to recover from the devastating NotPetya malware outbreak, the cost of the attack on the company continues to grow, topping $400 million in just the last six months. FedEx said it is still recovering from the destructive wiper malware attack and reported a $100 million hit to its financial results in the second... FedEx NotPetya
SecurityWeek.webp 2017-12-19 18:07:17 White House Blames North Korea for Cyberattack (lien direct) The White House on Tuesday publicly accused North Korea of launching a massive cyberattack that hit 150 countries last May -- hobbling networks from Britain's public health system to FedEx. FedEx
Blog.webp 2017-09-25 16:50:28 Is CCleaner the Tip of an Iceberg of Supply Chain Hacks? And Alexa: did China hack us Last Night? (lien direct) In the latest Security Ledger podcast, Paul speaks with Michael Gorelik of the firm Morphisec about the hack of security software vendor CCleaner – a hack that Gorelik’s firm discovered. CCleaner, he says, may just be the tip of the iceberg when it comes to supply chain hacks. And: “Alexa: have we been hacked by China?”... CCleaner FedEx NotPetya
SecurityAffairs.webp 2017-09-21 05:29:26 (Déjà vu) FedEx announces $300m in lost business and response costs after NotPetya attack (lien direct) FedEx is the last firm in order of time that disclosed the cost caused by the massive NotPetya, roughly $300m in lost business and response costs. The malware compromised systems worldwide, most of them in Ukraine, the list of victims is long and includes the US pharmaceutical company Merck, the shipping giant Maersk, the Ukraine's central […] FedEx NotPetya
Last update at: 2024-04-27 23:09:54