Quantum Computing: Modern Cryptography
Nethone (acquired by Mangopay)
Know Your Users to reject only fraudsters
In the September edition of the Fraud Intelligence Report (FIRe), we discuss topics like whaling attacks and data breaches, with a big caution on behavioural fraud detection and the recent fraud techniques and countermeasures that will strengthen your business.
From emerging scams to new trends in fraud, we keep you informed:
Fraud Prevention
Diving Deep Into Quantum Computing: Modern Cryptography
The article from TrendMicro discusses the potential impact of quantum computing on modern cryptography and highlights the need for a shift towards post-quantum cryptography. While current cryptographic approaches can withstand most evolving attacks, quantum computing is powerful enough to undermine even the strongest defences of traditional cryptography. The article outlines the basics of contemporary cryptography, including symmetric and asymmetric cryptography, and explains how businesses need to prepare quantum-resistant cryptography plans to prevent potential threats such as harvest attacks, where cyber attackers can hoard our network traffic today and decrypt it when quantum computing becomes a reality.
Have a SAFE ride – Cyber Threats in the Automotive Sector
The article highlights the increasing cyber threats the automotive industry faces as it undergoes rapid digitalization. Cybercriminals target various stakeholders, including original equipment manufacturers (OEMs), suppliers, and third-party service providers, exploiting vulnerabilities in their systems. The threats include remote hacking and unauthorized vehicle access, vulnerabilities in industry-related products, ransomware attacks, data breaches, and distributed denial-of-service (DDoS) attacks.
What is Behavioral Biometrics? Using Behavioral Data to Fight Account Takeover
The author explains that behavioral biometrics authentication combines machine learning, cognitive biometrics, and user behavior analysis to add an extra layer of protection against identity theft. The article explores various types of behavioral biometrics, such as device-based gestures, voice-based behavior, signature analysis, and kinesthetics. It also discusses how behavioral biometrics can be used in industries like e-commerce, banking, and social media to detect fraudulent activity and ensure secure authentication. By leveraging behavioral data, organizations can enhance fraud prevention measures and validate user identities more accurately.
Privacy Sandbox for the Web reaches general availability
The article announces the general availability of the Privacy Sandbox for the Web on Chrome, marking a significant milestone towards a more private web. The Privacy Sandbox initiative was introduced in 2019 to enhance privacy while providing businesses with the necessary tools. This milestone enables advertising providers and developers to scale the usage of new technologies within their products and services. Additionally, new user controls have been rolled out in Chrome to allow users to manage the use of Privacy Sandbox technologies for personalized ad experiences.
Why Phishing Takedowns Can Be Hard, and How to Simplify Them
The article highlights the difficulties in removing phishing content from various platforms, such as slow or inefficient responses from platform owners, the vast number of platforms to monitor, obfuscated malicious content, and language barriers. To address these challenges, the article recommends leveraging a phishing takedown service with the expertise, relationships, and technology to expedite takedowns. Partnering with such a service can result in faster response times, shorter takedown durations, and access to experienced analysts specialized in phishing threats.
7 Best Practices for Dark Web Scanning
The Dark Web constantly changes, making it difficult for businesses to scan for threats. To perform Dark Web scanning effectively, the article recommends automating the scanning process, employing machine learning and data science techniques, focusing on relevant data, analyzing comprehensive data sources, involving human expertise, integrating and contextualizing threat intelligence, and extending threat intelligence to suppliers. By employing these practices simultaneously, businesses can identify relevant threat information lurking on the Dark Web and incorporate it into their cyber defence strategies.
Reducing Risk with Third-Party Attack Surface Monitoring
Attackers often target an organisation's supply chain and partners to exploit vulnerabilities. Vulnerabilities can include failure to patch software, security misconfigurations, forgotten assets, and shadow IT. The article introduces Intel 471's Attack Surface Discovery as a solution for scanning and monitoring third-party infrastructures. It emphasizes the importance of using continuous monitoring and alerts, paired with cyber threat intelligence, to detect and mitigate potential security incidents.
Fraud Tools
SapphireStealer: Open-source information stealer enables credential and data theft
The article on Talos Intelligence's blog discusses SapphireStealer, an open-source information stealer that has gained attention since its release in December 2022. SapphireStealer can steal sensitive information, including corporate credentials, and is used by multiple threat actors who have modified and extended its codebase.
New phishing tool hijacked thousands of Microsoft business email accounts
The article from The Record highlights the discovery of a phishing tool called W3LL, which has been used by a hacking group since 2017 to target businesses in Europe, Australia, and the US. Sold on an underground marketplace, this sophisticated phishing kit bypasses multi-factor authentication and specifically targets corporate Microsoft 365 accounts. The kit allows attackers to intercept session cookies and has successfully compromised at least 8,000 accounts out of over 56,000 targeted in the past year.
5 macOS Infostealers Making Waves Right Now
The article from ReliaQuest's blog explains the increasing popularity of macOS Infostealers, or information stealers, among cyber criminals. Infostealers can collect and disseminate information from targeted systems to attackers and have become prevalent in a malware-as-a-service (MaaS) model.
Malware Persistence via Telegram and GitHub
The article from Sansec's research blog highlights a novel variant of the Magecart skimming script that allows attackers to achieve malware persistence without using disposable domains. Instead, the attackers use a Telegram bot API and a GitHub-hosted infrastructure to load the script, thereby avoiding the need for a dedicated domain, increasing their chances of evading detection, and ensuring sustained malicious activity.
Fraudulent activities
Threat Actors Continue to Abuse Google Tag Manager for Payment Card e-Skimming
GTM containers, commonly used by e-commerce domains for marketing and website analytics, are being exploited by threat actors to inject malicious scripts that collect payment card data and personally identifiable information. GTM offers attackers advantages, including the ability to update scripts without accessing the victimized website's system and evading detection by whitelisting trusted domains.
BBTok Banking Trojan Impersonates 40+ Banks to Hijack Victim Accounts
According to an article from Dark Reading, threat actors target banking customers in Latin America with a banking Trojan called BBTok, which impersonates the interfaces of over 40 Mexican and Brazilian banks. The campaign aims to trick victims into providing their two-factor authentication (2FA) codes and payment card details, allowing the attackers to hijack their bank accounts. The attackers employ phishing techniques and advanced obfuscation methods to evade detection, and the fake interfaces used in the campaign are so convincing that they successfully deceive users into divulging personal and financial information.
Card testing: how it's done and how to prevent it
Card testing involves fraudsters using stolen credit card details to verify the cards' validity before using them for fraudulent purchases. The article explains the process of card testing, including how fraudsters obtain card details from the dark web, test the cards using online stores, and mimic the cardholder's behavior to avoid detection.
How criminal networks in Sweden use false Spotify streams to launder money
According to a thorough investigation by Svenska Dagbladet (SvD), criminal networks in Sweden have been using Spotify to launder money for years. The networks pay for fake music streams by artists associated with the groups, artificially boosting popularity and generating revenue. The money laundering scheme involves purchasing Bitcoin through cash transactions and using the cryptocurrency to pay for fake streams via Telegram contacts known as "Telegrambots." The increased streams enhance rankings and legitimacy, leading to real payouts from Spotify, effectively laundering the illegally obtained funds. While Spotify has been cracking down on bot streaming, this method remains profitable for dealing with substantial sums.
Nearly 15,000 accounts raided at automaker sites to harvest vehicle IDs, report says
The recent report from cybersecurity firm Kasada reveals that cybercriminals have been using automated account takeover techniques to breach customer accounts at multiple large automakers. These attackers then harvested sensitive data, including vehicle information such as make, model, registered user, address, and vehicle identification number (VIN). The stolen data was being offered for sale in private Telegram channels, with about 15,000 compromised accounts available for purchase at approximately $2 per account.
Online Warfare
The 'game-changing' attitude behind a very creative dark web takedown
The article describes the collaborative efforts of the Netherlands' National High Tech Crimes Unit in the takedown of Hansa, once Europe's largest dark web market. The operation involved a combination of traditional police work and technical expertise, where a group of officers took over the site and ran it from the inside, setting up cyber traps. The success of this operation was attributed to the team's unique structure, composed of experienced officers and computer specialists.
Report
Cyber Threat Intelligence Index: 2023 Midyear
The article on the Flashpoint blog discusses their Cyber Threat Intelligence Index 2023 Midyear Report, which provides insights into the states of ransomware, vulnerability, data breach, insider threat, and malware intelligence. The report analyzes the most impactful events and threats of 2023 so far, including the activities of ransomware groups, vulnerabilities, stolen records, insider recruiting, and top malware families. The report aims to help organizations build intelligence-led defences and protect their assets.
If you are interested in first-hand and real-time Darknet insights to help you spot if you are on a fraudster’s radar, go to nethone.com