Posts

Showing posts from April, 2019

Cryptography Basics, Part 2: Attack Models for Cryptanalysis

Welcome back, my aspiring cyber warriors! In an earlier tutorial, I tried to explain some of the basic concepts and terms of cryptography. Not only are those terms and concepts key to becoming effective in the world of cyber security, but they are required to pass certification exams such as the CISSP, CWA, Security+ and many others. In this tutorial we will address the various attack models for cryptanalysis. In other words, what methods can a cryptanalyst use to break the encryption without knowing the key? Besides being fascinating, you are likely to find these methods, concepts and analysis on the CISSP and CASP exams.

Terminology

Some terminology before we begin.

plaintext - text that has not been encrypted
ciphertext - text that has been encrypted
cryptanalyst - person knowledgeable in breaking encryption without the key
cipher - a way of hiding the content and message of plaintext

We can divide these methods into four types and further classify them as...

Sophisticated threats plague ailing healthcare industry

The healthcare industry is no longer circling the drain, but it's still in critical condition. While many organizations in healthcare have aimed at or made positive strides toward a more robust cybersecurity and privacy posture, they still have a long way to go. In 2018, healthcare had the highest number of breaches recorded compared to other industries. This is according to BakerHostetler's 2019 Data Security Incident Response Report, which is in its fifth annual iteration this year. Even today, black hat hackers are continuing to go after patient healthcare data, and as such breaches will only intensify, according to Business Insider. The HIPAA Journal, a website dedicated to covering HIPAA-related news, corroborates this intensity after seeing a steady reporting of at least one breach per day from January through March, 2019. What's causing these daily breaches? Hacking and IT incidents, which include malware attacks, have been ...

Electrum DDoS botnet reaches 152,000 infected hosts

By Jérôme Segura, Adam Thomas, and S!Ri

We have been closely monitoring the situation involving the continued attacks against users of the popular Electrum Bitcoin wallet. Initially, victims were being tricked into downloading a fraudulent update that stole their cryptocurrencies. Later on, the threat actors launched a series of Distributed Denial of Service (DDoS) attacks in response to Electrum developers trying to protect their users. Since our last blog, the amount of stolen funds has increased to USD $4.6 million, and the botnet that is flooding the Electrum infrastructure is rapidly growing. Case in point, on April 24, the number of infected machines in the botnet was just below 100,000 and the next day it reached its highest at 152,000, according to this online tracker. Since then, it has gone up and down and plateaued at around the 100,000 mark.

New loader identified

We have been able to correlate two distribution campaigns (RIG exploit kit and S...

Wall Street Market reported to have exit scammed

Around April 20, many users reported that Wall Street Market, a broadly known dark net market, had executed an exit scam, and that any pending orders were unlikely to be completed. Scamming with enterprises involving Bitcoin is not unheard of, and dark net markets with centralized escrow are particularly vulnerable. As these markets grow in popularity and amass large amounts of transactions, the potential payout of an exit scam can be enormous, as seen with the Evolution market exit scam in 2015, totaling roughly 12 million in stolen Bitcoins. A common tactic in these types of scams is to initially freeze transactions for "technical difficulties," followed by taking the entire market offline and grabbing the funds.

What the users say

Wall Street Market appears to have followed a similar trajectory, with frozen transactions leading to side channel messages warning of scams, to a mass vendor exodus. Notable in the saga...

A week in security (April 22 – 28)

Last week on Labs, we looked at security threats to headphones, privacy options in the world of law, and wandered through the FBI's 2018 IC3 online crime report. We also explored another MageCart attack, and we released our 2019 Q1 Crime Tactics and Techniques report.

Other cybersecurity news

Fooling automated surveillance cameras: Bypassing neural network frameworks with colourful abstract signs. Well, rectangles, to be more accurate. (Source: arXiv)
VPN traffic raises concerns: Users of NordVPN query traffic they consider to be unusual related to the popular app. (Source: The Register)
Who keeps your data safe? People think banks are best, but a majority still fear identity theft. (Source: Help Net Security)
Microsoft abandons password expiration for Windows 10: MS joins the growing trend for not finding a huge amount of value in needless password changes. (Source: Microsoft)
Biometrics take a hit in Danish passports: A glitch is responsible for switchi...

The most important Metasploit commands you’ll need

So you've heard about the many capabilities Metasploit has to offer. You may have already tried using it, but wondered: is there something I'm missing? Metasploit is the best exploit tool on the planet, but it can be complex. Because of that, we decided to cover some of the more useful Metasploit commands to get you […] from Learn Ethical Hacking and Penetration Testing Online full article here

How to Catch an Internet Catfish with Grabify Tracking Links

Featured on MTV's Catfish TV series, in season 7, episode 8, Grabify is a tracking link generator that makes it easy to catch an online catfish in a lie. With the ability to identify the IP address, location, make, and model of any device that opens a cleverly disguised tracking link, Grabify can even identify information leaked from behind a VPN. Whether it's an online apartment ad that seems too good to be true or a person online you have a strange feeling about, identifying red flags can save a lot of trouble early on. If you live in Canada, and an IP address in Africa lists the ... more from Null Byte « WonderHowTo full article here

GitHub hosted Magecart skimmer used against hundreds of e-commerce sites

Every day, new e-commerce websites fall into the hands of one of the many Magecart skimmers. Unbeknownst to shoppers, criminals are harvesting their personal information, including payment details, in the online equivalent of ATM card skimming. Most often the skimming code—written in JavaScript and obfuscated—is hosted on infrastructure controlled by attackers. Over time, they have created thousands of domain names mimicking Magento, the CMS platform that is by far the most targeted. However, as we sometimes see in other types of compromises, threat actors can also abuse the resources of legitimate providers, such as code repository GitHub, acquired by Microsoft last year. This latest skimmer is a hex-encoded piece of JavaScript code that was uploaded to GitHub on April 20 by user momo33333, who, as it happens, had just joined the platform on that day as well. In the above and below screenshots, you can see that the threat actor was fine-tuning the...

BillCipher – Websites and IP addresses Information Gathering Tool

BillCipher is a website and IP address information gathering tool. The tool gathers a series of information including DNS record, Whois information, GeoIP data, Subnet record, open ports information, live pages (links) available on the target web application, server information, Cloudflare information, plugins, HTTP Header, Host Header, reverse IP information, shared DNS servers, IP […] from Learn Ethical Hacking and Penetration Testing Online full article here

Labs Cybercrime Tactics and Techniques report finds businesses hit with 235 percent more threats in Q1

The Malwarebytes Labs Cybercrime Tactics and Techniques Q1 2019 report found businesses at the butt end of a bad joke. In just one year, threats aimed at corporate targets have increased by 235 percent, with Trojans, such as Emotet, and ransomware in particular revving up in the first quarter. Included in the report is analysis of sharp declines in consumer cryptomining and other threats, further cementing the shift away from individual targets and toward businesses, with SMBs in particular suffering because of lack of resources. "Consumers might breathe a sigh of relief seeing that malware targeting them has dropped by nearly 40 percent, but that would be short-sighted," said Adam Kujawa, director of Malwarebytes Labs. "Consumer data is more easily available in bulk from business targets, who saw a staggering 235 percent increase in detections year-over-year. Cybercriminals are using increasingly clever means of attack to get even more value from targets through the...

A look inside the FBI’s 2018 IC3 online crime report

The FBI's Internet Crime Complaint Center has released its annual Crime Report, with the most recent release focusing on 2018. While the contents may not surprise, it definitely cements some of the bigger threats to consumers and businesses—and not all of them are particularly high tech. Sometimes less is most definitely more.

What is the Internet Crime Complaint Center?

Good question. For those not in the know, it's the FBI's way of allowing you to file a complaint about a computer crime. If the victim or alleged perpetrator is located in the US, you can file. The information is then handed to trained analysts who distribute the data as appropriate. They eventually take all that information and turn it into a report. There's a fair bit in there to chew on—here's the report, in PDF format—but there are some prominent themes on display. Shall we take a look at what's hot?

Business Email Compromise (BEC)

Business Email Compromise is something w...

Consumers have few legal options for protecting privacy

There are no promises in the words, "We care about user privacy." Yet, these words appear on privacy policy after privacy policy, serving as disingenuous banners to hide potentially invasive corporate practices, including clandestine data collection, sharing, and selling. This is no accident. It is a strategy. In the US, companies that break their own privacy policies can—and do—face lawsuits over misleading and deceiving their users, including making false statements about data privacy. But users are handicapped in this legal fight, as successful lawsuits and filings are rare. Instead of relying on the legal system to assert their data privacy rights, many users turn to tech tools, installing various web browsers, browser extensions, and VPNs to protect their online behavior. Luckily, users aren't alone in this fight. A small number of companies, including Apple, Mozilla, Signal, WhatsApp, and others, are truly committed to user privacy. They stand up to overbr...

Of hoodies and headphones: a spotlight on risks surrounding audio output devices

More than a decade ago, cardiologists from the Beth Israel Medical Center in Boston presented their findings at the American Heart Association (AHA) Scientific Sessions 2008 about MP3 headphones causing disruptions with heart devices—such as the pacemaker and the implantable cardioverter defibrillator (ICD)—when the headphones were placed on patients' chests, directly over their devices' location. This interference can range from preventing a defibrillator from detecting abnormal heart rhythms, deactivating the defibrillator temporarily (and, thus, stopping it from delivering a life-saving shock), forcing a pacemaker to deliver signals to the heart (and, thus, making it beat while disregarding the patient's current heart rhythm), to fully reprogramming the heart device. Experts named neodymium magnets, which are common in most headphones, as the culprit behind these potentially life-threatening disruptions. Doctors have repeatedly warned pacemaker and defibrillat...