Page 5 - Threat Intelligence 11-5-2019
P. 5

Security News












        FBI Advises SMBs on Dangers of E-Skimming. As part of cybersecurity month, the FBI is warning small and
        medium businesses (SMBs) about the dangers of e-skimming, a practice that could allow hackers to intercept
        online credit card payments. E-skimming is a precise type of attack that allows cybercriminals to intercept
        online credit card payments by using malicious code inserted into a website. Hackers could gain entry into an
        organization in a phishing attack or through an unpatched vulnerability in its infrastructure. Once that
        happens, the intrusion may remain undetected for a long time. “The bad actor may have gained access via a
        phishing attack targeting your employees—or through a vulnerable third-party vendor attached to your
        company’s server,” explains the FBI in their advisory. “Regardless, once he is in, he can load the malicious code
        and capture the credit card data in real time as the user enters it. He either then sells the data on the darknet
        or uses it to make fraudulent purchases himself.”

                Source: https://securityboulevard.com/2019/10/fbi-advises-smbs-on-dangers-of-e-skimming/



        Confirmed: North Korean malware found on Indian nuclear plant's network. The network of one of India's
        nuclear power plants was infected with malware created by North Korea's state-sponsored hackers, the
        Nuclear Power Corporation of India Ltd (NPCIL) confirmed today. News that the Kudankulam Nuclear Power
        Plant (KNPP) might have been infected with a dangerous strain of malware first surfaced on Twitter on
        Monday. Pukhraj Singh, a former security analyst for India's National Technical Research Organization (NTRO),
        pointed out that a recent VirusTotal upload was actually linked to a malware infection at the KNPP..

                Source:    https://www.zdnet.com/article/confirmed-north-korean-malware-found-on-indian-nuclear-
                plants-network/




        Microsoft launches ‘911’ on-demand service for emergency security threats. Microsoft has introduced a new
        service offering enterprise customers a direct line to the company's top security experts when a threat is so
        bad it can't be solved alone. The managed threat hunting service called Threat Experts on Demand has now
        reached 'general availability' and is part of the Microsoft Defender Advanced Threat Protection (ATP) service
        for customers with subscriptions such as Windows 10 Enterprise E5 and the Microsoft 365 bundle.
                Source:    https://www.zdnet.com/article/microsoft-launches-911-on-demand-service-for-emergency-
                security-threats/





















                                                    www.accumepartners.com
                                                                                                                     5
   1   2   3   4   5   6   7   8   9   10