Archive for January 31, 2018

Dutch Tax Authority and Banks Face DDoS Attacks

The national tax office in the Netherlands and several of the country’s largest banks were hit by a distributed denial-of-service (DDoS) attack on Monday.

The tax office said that its website had gone down for 5-10 minutes after the attack.

ABM Amro, ING, and Rabobank are some of the major banks affected by the DDoS attack which disrupted online and mobile banking services over the weekend.

The attacks led to banks’ services being down for hours at a time.

"We are now working on an alternative access route to the site, it is not yet possible to say how long this will take," Rabobank said.

"Since the big DDoS attack on ING in 2013, everything seemed to be in order. There is now clearly something we need to respond to, and we are discussing this with the banks," a spokesperson from the Dutch central bank, DNB, had to say.

Spokesperson for the Tax Authority, André Karels said that no data had been leaked and that the attack is under investigation by the National Cybersecurity Services.

DDoS attacks work to bring down websites by sending a lot of traffic to one server at the same time. While such attacks itself cannot cause a breach in networks or data to be leaked, they are often used as distractions by hackers trying to penetrate a network.

Coincheck hackers try to move stolen cryptocurrency, company promises refund

Hackers who stole around $534 million worth of cryptocurrency from Tokyo-based Coincheck exchange last week - one of the biggest such heists ever - are trying to move the stolen "XEM" coins- a move believed to be an attempt to make the stolen currency harder to trace- the foundation behind the digital currency said on Tuesday.

The company suspended trading after detecting "unauthorised access" of its digital exchange. NEM Foundation, creators of the XEM cryptocurrency, have traced the stolen coins to an unidentified account, and the account owner had begun trying to move the coins onto six different exchanges where they could then be sold, Jeff McDonald said.

"He is trying to spend them on multiple exchanges. We are contacting those exchanges," said McDonald. He also told Reuters that he couldn't yet determine how much of the stolen coins had already been spent. The location of the hackers' account is also not known.
As many as 10,000 businesses in Japan are said to accept crypto-currencies.

Coincheck, one of Japan's largest digital currency exchanges has said it will refund more than 46 billion yen of the virtual assets to its 260,000 customers using its own capital.

The heist has raised fresh questions about security and regulatory protection in the booming market.

UK Government to Fine Infrastructure Organisations up to £17m for Lax Cybersecurity

Industries running critical infrastructure in the UK will be facing fines as much as £17 million ($24 million), if they fail to put in strong cybersecurity measures as required by the NIS Directive.

NIS covers network and information security to be put into place by 9 May, 2018, and was announced by the UK government on Sunday.

The affected industries include transport, water, energy, and health businesses.

These fines are apparently as “last resort” if any of the above-mentioned businesses fails to follow the cybersecurity guidelines as required by all industries in the EU member states.

The government warned that a regulator will be able to assess the cybersecurity infrastructure of the country's critical industries and will have the power to issue legally-binding instructions to make sure the security is up to its mark — including imposing fines.

The Directive’s objectives are outlined as to manage security risk, ensure protection against cyber attacks, detecting cybersecurity events, and minimising the impact of cybersecurity incidents.

"We want our essential services and infrastructure to be primed and ready to tackle cyber attacks and be resilient against major disruption to services. I encourage all public and private operators in these essential sectors to take action now and consult NCSC's advice on how they can improve their cybersecurity,” said Margot James, Minister for Digital and Creative Industries.

According to the government, they are working on a “simple, straightforward reporting system” where it will be one can easily report cyber breaches and IT failures so they can be quickly identified and acted upon.

The National Cyber Security Centre (NCSC) website states that the first iteration of the Cyber Assessment Framework (CAF) will be available by the end of April 2018.

Hackers using Phishing pages to strike down websites

Phishing pages, of late, have become an easy resort for the cyber hackers to strike millions of websites across the globe. The experts engage in dealing with these hackers in Netcraft confirmed it after encountering hundreds of such pages hosted in a folder/.well-known/.as they logged on to the websites since it serves as a Uniform Resource Identifier (URI) path for the users to get into the details of the policies.

Normally, the users keep browsing through the directory to own up a domain since they get to know the required information to host the domain.

According to the experts, the attacks of the kind with /.well-known/ in the directory is made available on the sites which support HTTPS only.

A phishing page is kept hidden in /.well-known/ since the folder is easily available in many websites without the active support in the administrator's system.

A dot in the directory’s name was believed to have provided the experts huge clue to the nefarious network. Since all the folders and files have start mark as “.” lS command is not visible. These hackers have no dearth of designs to strike as they have deployed subdirectories /pki/ validation/./acme-challenge to ensure that the phishing pages are not easily found out.

Those dealing with these cyber hackers find it quite tough to discover the way the nefarious hackers could hijack the websites with these phishing pages.

Most of them have concluded that only the shared hosting platforms are vulnerable to be misused since the file permissions on the directories are permissive which permits a portal to upload content on somebody else’s website.

The Team8 Portfolio Company, comes Out of Stealth and launches its First Product upon a Disruptive Hybrid Architecture

The Israeli cyber security company Hysolate founded by President Tal Zamir, a veteran of an elite Israeli cyber unit and the former Research and development leader in Wanova, Dan Dinnar, former CEO of HexaTier and executive sales officer at CyberArk Programming, has recently made the news for raising around $8 million, led by the cuber security foundry Team8 and Eric Schmidt's Innovation Endeavors.

In light of the rising number of cyber threats the Team8 portfolio organization, has at last left stealth and instituted its first product.

There have been occasions that have in some way or the other found a way to keep the enterprises indentured to regularly attempt to lock down user devices, keeping the users from fully browsing the web, installing in new applications, interfacing USB devices or communicating adequately with the 3rd parties or the cloud.

In different cases, enterprises are made to embrace an "air gap" security display or model that requires the clients to really carry two laptops: one unhindered laptop for full internet use and another entirely restricted laptop for favoured corporate access. While this significantly enhances security, efficiency or in yet other words productivity is additionally corrupted. This however never fails to further frustrate the employees and fundamentally brings about the abatement of efficiency.

Hysolate, while keeping up the most elevated level of security, enables enterprises to run various next to each other working system on a solitary workstation, giving a consistent experience to the end-users. The start-up is known for building its stage upon an option "hybrid" design that disposes of these difficulties.

Zamir said, "While we are proud to introduce Hysolate, what excites us even more is that we are creating game-changing comprehensive security architecture for endpoints. The feedback we have received from our first customers - who include some of the worlds most respected and well-known brands - over the last year has been overwhelmingly positive, and we look forward to rapidly expanding our customer and partner base over the next year."

Indeed, even Nadav Zafrir, Co-Founder and CEO of Team8 concurs that while most enterprise security products concentrate on security first and users last, Hysolate is "secure-by-design", guaranteeing no compromise on both security and user experience. What's more, he additionally adds that since its beginning, the Hysolate group has far surpassed their expectations.

Hysolate, as of now is even working with some of the biggest enterprises in the world, including a few of the world's biggest banks, innovation and technology merchants, money related service providers and other enterprise organizations and remains the fourth company to be launched out of Team8, joining Illusive Networks, Claroty and the recently launched Sygnia.