Monday, July 30, 2018

PowerGhost cryptojacking malware poses a new threat which jeopardizes legitimate cryptocurrency mining

Colleagues, crypto mining remains one of the weakest links in the cryptocurrency ecosystem and in turn a high priority target for cyber criminals. Although not as numerous as personal computers and laptops, corporate servers and workstations typically far more computing power which makes them such attractive targets to cryptojackers. PowerGhost, recently reported by Kaspersky Lab’s is a fileless malware which injects a one-line PowerShell script is run that downloads the miner’s body and immediately launches it without writing it to the hard drive. This malware has been detected in third world countries including Tukey, India, Brazil and Columbia. Malware like PowerGhost is especially a threat to cloud-based computing environments.  Now that the prevalence of the problem has been observed and noted, service providers may wish to extend capabilities they already have to find and flag this content. Bottom line: Cyber criminals relentlessly exploit the weakest point in any ecosystem. Given the meteoric growth of the cryptocurrency ecosystem all participants needs to be equally relentless in keeping their OS and application software up-to-date and installing patches as soon as they are released. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/)  

Wednesday, July 25, 2018

How exposed are traders and investors to Crypto Exchange Fraud?

Colleagues, while cryptocurrency fraud is nothing new, the vast proliferation of exchanges, ICOs and investment funds should send a strong signal to traders and investors alike: Exercise extreme caution and perform 360 degree due diligence before you invest. Yes, many exchanges, ICOs and funds are legitimate. Nonetheless, the recent arrest of Jon Montroll by U.S. authorities in connection with crypto exchange site WeExchange and securities investment platform BitFunder and crypto exchange site WeExchange raise even more red flags. Some of the most common fraudulent tactics taken by crypto criminals include ICOs with no real coins (e.g. HoweyCoins), pump and dump strategies, pyramid and Ponzi schemes and crypto exchanges with questionable track records … at best. The Cryptocurrency Academy offers two baseline recommendations. First, for traders do not deposit personal funds that you are not prepared to loose. Stay with the established top-tier exchanges like CEX.io, Kraken, Coinbase, CoinMama, GDAX (CoinBase Pro) and Paxful. For institutional investors, use trusted investment firms and banks who will perform the due diligence for you – at a cost – however, also provide a much higher level of security and confidence. The growing list of players here include JP Morgan, Goldman Sachs as well as professionally managed crypto funds from the likes of Fidelity, Vanguard and Charles Schwab. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/)  

Friday, July 20, 2018

Will Dark DAO attacks undermine Blockchain delegated “proof of stake” voting and threaten Cryptocurrencies?

Colleagues, decentralized autonomous organization (aka “Dark DAO”) is a clear and present danger to the integrity of Blockchain voting. In an effort to formalize software decision-making process using smart contracts, Blockchain initiatives such as Decred, Tron, Polkadot, Tezos and EOS have used this technique to manage the governance of their code. Dark DAO strategies seek to manipulate the voting process. Low voter turnout gives Dark DAO cyber criminals the upper hand by allowing them to control the decision-making process. Bottom line: Dark DAO places power in the hands of the few which then seek to dominate voter participation. Thus, not only does Dark DAO effect Blockchains, but potentially undermines the cryptocurrencies on which they are based. Mitigation strategies appear questionable at best. More to come on this crucial subject. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/) 

Thursday, July 19, 2018

Has Cryptojacking become the method of choice among cyber criminals?

Colleagues, some 32% of cyber-attacks as of mid-2018 are attributable to crypto mining malware as compared to only 7% of attacks coming from more traditional ransomware. These figures come from SkyBox Security’s 2018 Mid-Year Vulnerability Threat Report. Some analysts believe this shift is due to 1) The dramatic increase in global crypto mining activity, and 2) A trend for victims of ransomware attacks to simply refuse to pay the price – financial or other – demanded by the attacks. Some 21% of cryptojacking attacks are due to the cyber criminals targeting Cisco routers, including the VPNFilter, ASA and Smart Install. How can the top tier mining companies such as Bitmain, Hut 8, Bitfury Mines, Genesis Mining Enigma, Bcause LLC and GigaWatt mitigate this pervasive threat? Start by closely implementing any and all patches - and related tactics - from the Cisco Security Advisories (or other router vendors such as Juniper and Huawei). Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cryptocurrencyacademy.blogspot.com/) 

Monday, July 16, 2018

Russians Indicted in Spear Phishing Attack on US DNC

Colleagues, last Friday Robert Mueller filed charges against Russian hackers tied to cyberattacks on the Democratic National Committee. Assistant Attorney General announced the indictment last Friday (read the full text here). The indictments, were announced by US Deputy Attorney General Rod Rosenstein during a Justice Department press conference on Friday morning. The twelve Russians defendants are a part of Russia's military Intel agency known as the GRU. These so-called "active measures," secret tools of statecraft and Russian is the chief offender. More precisely, the Russians used spear-phishing techniques against unwitting DNC staff as designed and delivered by well-known Russian cyber warfare entity FancyBear. Bottom line: Despite the domestic overtones, the US needs to mount an unprecedented offensive cyber initiative to neutralize and then dismantle Russia’s cyber infrastructure. With the US mid-term elections just months away, such actions are long overdue and the US must make an asymmetric, prolonged offensive against Russia. The sovereignty of the US Constitution and our electoral process lies in the balance. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cryptocurrencyacademy.blogspot.com/)  

Wednesday, July 11, 2018

Do Blockchain Firewalls Represent the Next Generation of Internet Security?

Colleagues, amid the fanfare of R3’s recent launch of the first Blockchain-based firewall the fundamental question is whether Corda Enterprise does in fact represent a new era of improved network and Internet security? Corda states it is able to limit communication between Blockchain nodes operating in different environments, and with different informational needs from their network. in any Blockchain architecture each node uses point-to-point messaging to communicate with other peer nodes. It would be naïve to deploy the Blockchain node in the DMZ with a public IP address. By targeting specific nodes, an attacker can influence how consensuses are reached and possibly even halt the Blockchain operation. To provide additional security to the Blockchain nodes. One technique is to filter network traffic, thus implementing a firewall for Blockchain applications. Cisco projects they can provide access control functionality which can effectively mitigate flooding attacks from multiple sources at simultaneously. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cryptocurrencyacademy.blogspot.com/

Friday, July 6, 2018

Are We Approaching an Era Where Cryptocurrency Transactions Can Increasing Be Tracked?

Colleagues, money laundering, illicit drug transactions and nation-states seeking to side-step trade sanctions have all sought refuge via the use of cryptocurrencies. However, the emerging crypto world order may in fact be an era in which such transactions can in fact be tracked. The cyber security struggle between good and evil is playing out before our eyes as central banks (e.g. US Federal Reserve) and regulatory entities (e.g. the US SEC) seek the upper hand against crypto cyber criminals. Firms such as CipherTrace, Chainanalysis and Bitfury are introducing tools designed to gain insight into crypto transactions. Bottom line question: Which side of the crypto privacy vs. transparency ecosystem will succeed? The Cryptocurrency Academy predicts that not unlike other cybercrime and warfare, this will be a long-term dilemma whereby each side develops new technologies and tactics that the other will thwart or mitigate. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/)  

Tuesday, July 3, 2018

Can a $2m Incentive Help Buglab Enhance Cryptocurrency Exchange Security?

Colleagues, the Coincheck, Bitgrail, Coinsecure and Coinrail cryptocurrency exchanges have all fallen victim to cybercrime thefts in 2018 alone. So what can be done to increase exchange security and bolster both crypto trader and investor confidence? Well, our friends at Buglab holding a hacking contest to uncover vulnerabilities in their platforms with a $2m BGL token prize. They are an Ethereum-based platform which helps exchanges around the globe resolve security weaknesses in digital solutions such as web apps, DAPPS, smart contracts and IoT. Major software and IT vendors such as Google, Apple and Microsoft commonly hold such security bake-offs to stress-test the integrity of their solutions. Crypto exchanges are often believed to be the weakest link in the emerging cryptocurrency ecosystem. The key question is which bugs can be identified combined with strong mitigation techniques? Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cybersecuritydefender.blogspot.com/

Monday, July 2, 2018

Mitigating the Voracious PythonBot Adware Browser Extensions

Colleagues, the infamous PythonBot or PBot adware was first identified in 2017, yet since then the malware has evolved and its creators have been trying different money-making schemes to profit themselves based upon research from security software vendor Kaspersky Labs. The PythonBot adware, aka MinerBlocker, then uses this data with the intent of getting users to install various different types of advertisement-supported programs or to cause browser redirects to websites with the same topics the users are interested in. This technique is called behavioral advertising.  Both MalwareBytes Labs and UninstallandRemoveIt have issued detailed mitigation procedures which we highly recommend both individual and corporate computer users closely follow. Share your assessment while visiting us today! Lawrence – Cyber Security Defender (https://cryptocurrencyacademy.blogspot.com/)