Showing posts from October, 2024

Internet Archive Struggles to Keep Its System Secure

The Internet Archive (IA), most notably the "Wayback Machine", has been the victim of several hacks this past year. Starting back in May they suffered their first legitimate service interruption since the site's founding. They suffered a DDoS attack and eventually were victim to a data breach after that too. The group that took responsibility for the attack strangely enough didn't seem to really be trying to achieve a whole lot. They almost seemed to do it just to prove a point that it could be done. The group in question was able to deface part of the website and leave a message in place saying: "Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP!" Considering the level that they were able to compromise the system to, it is interesting that they didn't (at least that we know of) do more with the compromised data. They wer...

Are Cybersecurity Budgets Being Used Correctly?

This article talked about the effect cybersecurity spending is having on the industry and whether CISOs felt that they were protecting the companies as well as they could be. Despite a projected spending of upwards of $215 billion globally, companies are still finding that they haven't gotten the protection that they feel they need. This comes down to a belief that "data-in-motion" is not being monitored as much as it could be. The article also cited that "93% of malware" is hidden in this data too. It seems that some of the focus going forward will be more on the nitty-gritty packet-level analysis to help root out potential problems or hidden malware before it can get into the networks. Source: CISOs: Throwing Cash at Tools Isn't Helping Detect Breaches

Interesting "New" Hacking Tools

Hello, I came across this article in my Google feed this past week and it caught my eye. It was about a tool that was used to hack "air-gapped" devices. Granted, I wasn't familiar with that term until I read this article and then proceeded to look it up in more detail. The tools have been attributed to a group being called "GoldenJackal". The tools involved in the hack included a backdoor under the name "JackalControl", a file collector and exfiltrator, and then a worm that facilitates other parts of the attack on the external drive. The attack is described by the article as: "The basic flow of the attack is, first, infecting an Internet-connected device through a means ESET and Kaspersky have been unable to determine. Next, the infected computer infects any external drives that get inserted. When the infected drive is plugged into an air-gapped system, it collects and stores data of interest. Last, when the drive is inserted into the Internet-connected de...

Dangerous Trading Apps

Hello, when reading over articles for a topic this week I came across one that talked about trading apps being used to "lock" people's money once deposited, effectively stealing it once deposits are made. I found this fairly interesting as I had first assumed these were apps downloaded from third-party websites. As it turns out though, these apps can come from the Google Play Store (not a huge surprise there) but they can also be on the Apple App Store. I'm not much of an iOS person but I had always believed that their app store was supposed to be fairly secure. The apps appear to be using somewhat legitimate means to get users in but then "lock" them in with withdrawal limitations later on. From the article: "Unlike traditional banking trojans (GoldPickaxe, which was discovered in February 2024), these apps don’t contain explicit malicious code but rather serve as sophisticated deceptions, reads the Group-IB report. They do so by using “TermsFeed” f...