Categories
Featured

Hospital helpdesks targeted by hackers — US Health Department warns health services are under threat

[ad_1]

The US Department of Health and Human Services (HHS) has issued a warning that hackers are attempting to target the helpdesks of hospitals in order to gain access to critical hospital systems.

The hackers have been observed contacting hospital IT help desks using local area code phone numbers and then pretending to be a hospital employee, providing the helpdesk with stolen identification.

[ad_2]

Source Article Link

Categories
Featured

Linux servers targeted by dangerous espionage malware as Windows threat makes the jump

[ad_1]

A dangerous espionage malware, previously only used against Windows devices, is increasingly being observed on Linux machines, too, experts have warned.

Following earlier reports by ESET and Trend Micro, Kaspersky is now warning of the Dinodas Remote Access Trojan (RAT), signaling the rising popularity of the malware. 

[ad_2]

Source Article Link

Categories
News

Warning: Apple Users Targeted in Advanced Phishing Attack Involving Password Reset Requests

[ad_1]

Phishing attacks taking advantage of what appears to be a bug in Apple’s password reset feature have become increasingly common, according to a report from KrebsOnSecurity. Multiple Apple users users have been targeted in an attack that bombards them with an endless stream of notifications or multi-factor authentication (MFA) messages in an attempt to get them to approve an Apple ID password change.

reset password request iphone
An attacker is able to cause the target’s iPhone, Apple Watch, or Mac to display system-level password change approval texts over and over again, with the hope that the person being targeted will mistakenly approve the request or get tired of the notifications and click on the accept button. If the request is approved, the attacker is able to change the ‌Apple ID‌ password and lock the Apple user out of their account.

Because the password requests target the ‌Apple ID‌, they pop up on all of a user’s devices. The notifications render all linked Apple products unable to be used until the popups are dismissed one by one on each device. Twitter user Parth Patel recently shared his experience being targeted with the attack, and he says he could not use his devices until he clicked on “Don’t Allow” for more than 100 notifications.

When attackers are unable to get the person to click “Allow” on the password change notification, targets often get phone calls that seem to be coming from Apple. On these calls, the attacker claims to know that the victim is under attack, and attempts to get the one-time password that is sent to a user’s phone number when attempting a password change.

In Patel’s case, the attacker was using information leaked from a people search website, which included name, current address, past address, and phone number, giving the person attempting to access his account ample information to work from. The attacker happened to have his name wrong, and he also became suspicious because he was asked for a one-time code that Apple explicitly sends with a message confirming that Apple does not ask for those codes.

The attack seems to hinge on the perpetrator having access to the email address and phone number associated with an ‌Apple ID‌.

KrebsOnSecurity looked into the issue, and found that attackers appear to be using Apple’s page for a forgotten ‌Apple ID‌ password. This page requires a user’s ‌Apple ID‌ email or phone number, and it has a CAPTCHA. When an email address is put in, the page displays the last two digits of the phone number associated with the Apple account, and filing in the missing digits and hitting submit sends a system alert.

It is not clear how the attackers are abusing the system to send multiple messages to Apple users, but it appears to be a bug that is being exploited. It is unlikely that Apple’s system is meant to be able to be used to send more than 100 requests, so presumably the rate limit is being bypassed.

Apple device owners targeted by this kind of attack should be sure to tap “Don’t Allow” on all requests, and should be aware that Apple does not make phone calls requesting one-time password reset codes.



[ad_2]

Source Article Link

Categories
Featured

Python devs are being targeted by this massive infostealing malware campaign

[ad_1]

Cybersecurity researchers from Checkmarx have discovered a new infostealing campaign that leveraged typosquatting and stolen GitHub accounts to distribute malicious Python packages to the PyPI repository.

In a blog post, Tal Folkman, Yehuda Gelb, Jossef Harush Kadouri, and Tzachi Zornshtain of Checkmarx said they discovered the campaign after a Python developer complained about falling victim to the attack. 

[ad_2]

Source Article Link

Categories
Featured

US government warns water services are being targeted in cyberattacks

[ad_1]

The US government has issued a warning to its allies that state-backed hackers from Iran and China are increasingly targeting critical infrastructure, with the most notable attacks against water systems.

The Cybersecurity and Infrastructure Security Agency (CISA) probed a number of Iranian attacks targeting Unitronic programmable logic controllers (PLC) used in water facilities.

[ad_2]

Source Article Link