Connect with us

Cyber Security

Renewed Emotet phishing activity targets UN, government and military users

Avatar

Published

on

Since resuming operations after a holiday hiatus, the malicious actors behind the Emotet banking trojan network have reportedly targeted at least 82 countries with spam and crafted a special phishing campaign targeting the United Nations.

Meanwhile, an additional report has revealed an increase in Emotet phishing activity targeting government and military entities over the last few months of 2019, with signs of this trend continuing into the new year.

Citing researcher Joseph Roosen, and email security firm Cofense, BleepingComputer reported earlier this week that the Emotet network launched a major spam assault on Jan. 13, with a strong focus on the U.S., after a three-week break in activity.

Reportedly, many of the phishing emails purported to contain business-related Microsoft Word attachments such as proof-of-delivery documents and agreements. Users who opened these attachments and enabled the malicious macros embedded within were subsequently infected with Emotet.

A particularly targeted Emotet phishing mail was sent to 600 United Nations email addresses, BleepingComputer stated in a second report. The email, also spotted by Cofense researchers, appeared to be from representatives with the Permanent Mission or Norway, falsely suggesting that there is a problem with an attached agreement and instructing the recipient to review the document.

Though still described as a banking trojan, Emotet can also steal data and credentials and act as a downloader that leads to secondary malicious payloads like Ryuk ransomware and the TrickBot banking trojan.

Additionally, as a mode of self-propagation, Emotet can access a victim’s inbox and reply to the various unread emails contained within, using content stolen from the unread emails to impersonate the original victim. These reply emails are delivered via a network of stolen outbound SMTP accounts, all in an attempt to trick the victim’s email contacts into opening up a malicious attachment and become infected themselves, explains Cisco Talos in a blog post report today.

It is this man-in-the-middle functionality, Talos continues, that likely has caused a recent uptick in Emotet spam messages directed at military (.mil) and government (.gov) TLDs. The volume of these particular emails rose steadily from September through December 2019, peaking in the last month of the year. Following a holiday break, it appears the trend is continuing, though in smaller quantities.

Talos believes at least some this activity was precipitated by Emotet successfully compromising at least one person working in or for U.S. government. From there, the malware issued out additional phishing emails to that person or persons’ contacts.

Talos cites as an example an Emotet spam email that was sent to an individual working for U.S. Sen. Cory Booker, after previously infecting someone at booker.senate.gov. It is not indicated whether the latter person was also infected via another contact person.

“One of the most cunning aspects of Emotet’s propagation is the way they use social engineering of personal/professional relationships to facilitate further malware infection. When receiving a message from a trusted friend or colleague, it is quite natural for recipients to think, ‘ can safely open this email attachment because it is in reply to a message I sent, or from someone I know,’” wrote blog post author Jason Schultz, a technical leader with Talos. “Any person or organization who has sent an email to an Emotet victim could be targeted by Emotet’s propagation messages. The more interaction with the victim you have, the more likely you are to receive malicious email from Emotet. Like a meandering watering hole attack, this is how Emotet crosses organizational boundaries with the potential to affect entire industries or even countries.”

Source: https://www.scmagazine.com/home/security-news/phishing/renewed-emotet-phishing-activity-targets-un-government-and-military-users/

Cyber Security

Critical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate Networks

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://threatpost.com/critical-cisco-sd-wan-hyperflex-bugs/165923/

Continue Reading

Cyber Security

Ryuk Ransomware Attack Sprung by Frugal Student

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://threatpost.com/ryuk-ransomware-attack-student/165918/

Continue Reading

Cyber Security

Hide Internet Activity At Work

Avatar

Published

on

How to hide your internet activities from your employer?

Table of Contents

How to hide your internet activities from your employer?

The Internet has evolved into such a public space that not only hackers or governments, but also employers, snoop on internet activity. Without your awareness, companies may monitor your internet use, and the free browsing time you have at work can no longer feel private. Even though your entire web browsing history can be monitored at work, there is a way to keep your internet activities secret from your boss. But first, let’s take a look at how and what your boss may be keeping track of.

Why employers monitor their employees’ internet activity?

The majority of employers keep track of their workers’ internet use for a reason. Compliance with security legislation is one rational reason why monitoring is used. These regulations require businesses (mostly financial institutions or government-related organizations) to control all of their internal networks to avoid fraud and hacking, as well as to be able to track down a problem if one arises.

Another factor, which may be obsolete in today’s world but remains, is their employees’ lack of confidence. Companies monitor software and internet use, as well as active and idle hours, to determine employee productivity. They keep track of how much time you spend online, what websites you visit, and what files you download, which doesn’t feel safe or private in any situation.

How employers can monitor employee internet activity?

Employee internet activity can be tracked in a variety of ways, one of which is functioning as a man-in-the-middle. The employer’s network can be set up so that all internet traffic is routed through a rogue proxy that can intercept any traffic and read its contents. A network administrator who can access the server either remotely or physically can view all internet traffic on the employer’s network. The router or proxy server may be inside a company building or in the data center.

Without a VPN, an employer will serve as a middleman and monitor all internet traffic on the network.

On the man-in-the-middle server that the employer owns, all internet activity can be seen – when you connected to what website, did you stream any videos, play a game, or download a file – all is recorded.

Companies that do not have an IT department or resources devoted to tracking their employees’ online activities have made contracts with their Internet Service Provider, who serves as a man-in-the-middle and reports on the online activities conducted via the company’s network regularly. IP addresses, link times, websites or files downloaded, and other data are all visible to an ISP.

Knowing that your personal data can be monitored and used by your employer makes you feel uneasy, but there is a way to mask your internet surfing at work.

How to hide internet activity from employers?

While your employer will track your internet usage and see which websites you visit, using a VPN is a good way to mask your online activities. When you use a VPN, all of your internet activity is encrypted, and the only information that your boss can see is the IP address of the VPN server and gibberish that is difficult to crack. NordVPN is a VPN that uses the best AES-256 bit encryption. It does not hold any records or personally identifying information, and it protects you from someone attempting to eavesdrop on your communications.

The way it works is that when you use a VPN, all of your internet traffic is routed through an encrypted VPN tunnel to the VPN server. This way, the boss and ISP can’t see what websites you visit or what files you download. Using the man-in-the-middle method to see inside the encrypted VPN tube, the employer can only see gibberish details, making it difficult to figure out where you’re trying to communicate online. It just indicates your link to the VPN server’s IP address, rather than your connection to specific websites.

With VPN employer can not see what is inside a strongly encrypted VPN tunnel

VPN hides your online activities from your employer in real-time but you also must take into consideration that your browsing history can be accessible later on your device.

How to bypass administrator rights requirement when installing?

Installing VPN software, especially on a work machine, can necessitate administrator privileges, which you may not have. Fortunately, using a VPN Chrome plugin (which also works for Firefox!) is a simple way to mask your online activities. It is only intended to run on browsers and does not require administrative privileges to install.

How to hide your browsing history from your employer?

A VPN masks your browsing history only on the router or server, keeping your internet activity secret from your boss. You should be aware that browsing history files are stored locally on your computer, and your employer can ask you to show them if they are truly interested.

Combining a VPN and an incognito window is the best way to keep your browsing history secret from your boss. When you close an incognito browser, it will erase all of your browsing history files and cookies. Any browser has an incognito window, which is ideal for keeping your browsing history clean at all times.

Does a work VPN expose my home network when working remotely

Many businesses use a VPN to securely access their services from a distance. What do you do if your boss has already built a VPN for you?

When you use a work VPN, all of your traffic from that computer is decrypted at the company’s servers, and your employer can see all of the websites you visit. The boss, on the other hand, cannot reach your local home network. All other browsing data on other devices is kept private, however, your ISP will be able to see it.

By simply disconnecting from the work VPN, your internet traffic will be routed back to your normal ISP. However, instead of an employer, your ISP now has access to all of your browsing data, and your privacy is compromised.

Best VPNs that would keep things private from your employer

NordVPN

NordVPN is a VPN industry leader, offering lightning-fast speeds across all of its 5600+ servers in 60+ countries. CyberSec, an ad-blocking and malware-protection feature prevent you from accessing compromised pages and protects you from online monitoring.

With double VPN servers and solid next-generation unbreakable encryption, it supports P2P/torrenting traffic with fast download speeds. It also unblocks Netflix and other streaming channels, making it an excellent option for those who enjoy watching movies and TV shows online.

NordVPN has a strict no-log policy and is available on all platforms (including browser extensions). It is the most comprehensive VPN on the market, with reasonable prices and a 30-day money-back guarantee.

    • 5200+ global servers in 59+ countries
    • CyberSec malware and ad-blocking protection
    • Next-generation encryption with double VPN servers
    • Obfuscation technology that masks VPN traffic
    • Strict no-logs policy
    • Works with Netflix and good for streaming
    • Lightning-fast with P2P support
    • 30-day money-back guarantee

Surfshark

Surfhsark is one of the most user-friendly and cost-effective VPNs available. It keeps no logs and has over 1700 servers in 63 different countries.

Since all of the apps use solid AES-256 encryption, neither your boss nor your ISP will be able to see what you do online. CleanWeb technology, which can block unwanted advertisements and trackers, is also included in the service.

Surfshark will unblock 15 Netflix libraries around the world, as well as Hulu, BBC iPlayer, Hotstar, and Disney+.

It also helps you to connect an infinite number of devices to the same account.

Both servers are P2P-friendly and torrenting is perfectly hidden from ISPs. VPN browser extensions for Chrome and Firefox are also available.

All of Surfhsark’s plans come with a 30-day money-back guarantee. You can currently get a 2-year contract for only $1.99 per month.

3200+ global servers in 60+ countries

    • CleanWeb ad-blocking feature
    • Secure and strong encryption with OpenVPN
    • Whitelist, Multi-hop VPN and kill switch
    • No-logs policy
    • Works with Netflix and good for streaming
    • Great speeds
    • 30-day money-back guarantee

ExpressVPN

ExpressVPN is one of the most private VPN services available. It was openly audited and found to have no logs. Its server network spans more than 160 locations around the world.

This VPN provider uses RAM for all of its servers, in addition to an Internet Kill Switch and best-in-class encryption algorithms. This means that when the server is restarted, all data is removed. This guarantees complete privacy and keeps the employer in the dark.

ExpressVPN is excellent for unblocking streaming services and other restricted content in countries where they are available. It completely supports and hides torrenting, and it downloads files at lightning speeds.

This VPN service offers applications for all major platforms as well as VPN plugins for Chrome and Firefox. However, administrator privileges are needed to use the extensions because they require a VPN app to function.

All ExpressVPN plans come with a 30-day money-back guarantee.

    • 160+ locations and 3000+ servers
    • Strict No-Log policy
    • Unlimited streaming (Netflix, Hulu, BBC iPlayer)
    • Strong military-grade AES 256-bit key encryption
    • Kill Switch, Split tunneling, and RAM-disk servers
    • 30-day money-back guarantee
    • Windows, macOS, iOS, Android, and Linux support
    • Fast speeds and reliable connections

Final thoughts

Using a VPN with strong and unbreakable encryption, such as NordVPN, will allow you to keep your online browsing at work private and hidden from your boss. It makes it difficult to see the contents of your internet traffic and covers the websites and files you download from your boss. The easiest way to keep your online habits secret from your boss is to use it in conjunction with an incognito window that deletes your browsing history on your browser until locked.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://cybersguards.com/hide-internet-activity-at-work/

Continue Reading

Cyber Security

Massive DDoS Attack Disrupts Belgium Parliament

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://threatpost.com/ddos-disrupts-belgium/165911/

Continue Reading
Nano Technology8 mins ago

Open-source GPU technology for supercomputers: Researchers navigate advantages and disadvantages

Nano Technology8 mins ago

A silver lining for extreme electronics

Nano Technology9 mins ago

Simple robots, smart algorithms

Nano Technology9 mins ago

Polarization-sensitive photodetection using 2D/3D perovskite heterostructure crystal

Nano Technology9 mins ago

Polarization-sensitive photodetection using 2D/3D perovskite heterostructure crystal

AI22 mins ago

AI in Construction Scenario and Workforce Planning Seen Lowering Costs 

Techcrunch22 mins ago

Twitter Tip Jar lets you pay people for good tweetin’

CNBC23 mins ago

Can the Oversight Board force Facebook to follow its own rules?

Aviation32 mins ago

Libyan Coast Guard Shoots At Two Italian Fishing Boats: Italian Frigate And P-72A Surveillance Plane On The Scene

Nano Technology36 mins ago

Open-source GPU technology for supercomputers: Researchers navigate advantages and disadvantages

Nano Technology36 mins ago

A silver lining for extreme electronics

Nano Technology37 mins ago

Simple robots, smart algorithms

Nano Technology37 mins ago

Polarization-sensitive photodetection using 2D/3D perovskite heterostructure crystal

Nano Technology37 mins ago

Polarization-sensitive photodetection using 2D/3D perovskite heterostructure crystal

AI48 mins ago

Computational Omnipresence And Bird’s-Eye View Are Aiding AI Autonomous Cars 

Techcrunch49 mins ago

Yale’s longtime — and legendary — endowment chief, David Swensen, has passed away at age 67

Crowdfunding51 mins ago

Uniswap Version 3.0 Now Successfully Deployed on Ethereum (ETH) Mainnet

Nano Technology53 mins ago

A silver lining for extreme electronics

Nano Technology53 mins ago

Simple robots, smart algorithms

Nano Technology54 mins ago

Polarization-sensitive photodetection using 2D/3D perovskite heterostructure crystal

Nano Technology54 mins ago

Polarization-sensitive photodetection using 2D/3D perovskite heterostructure crystal

Crowdfunding58 mins ago

Goldman Sachs Leads $15 Million Series B Round in Coin Metrics

SaaS1 hour ago

SaaS1 hour ago

SaaS1 hour ago

SaaS1 hour ago

SaaS1 hour ago

AR/VR1 hour ago

For National Space Day Watch Episode 1 of Space Explorers: The ISS Experience With Oculus

Techcrunch1 hour ago

80% of the 22 million comments on net neutrality rollback were fake, investigation finds

Nano Technology1 hour ago

Open-source GPU technology for supercomputers: Researchers navigate advantages and disadvantages

Trending