Category Archives: Amazon

Smashing Security #065: Cryptominomania, Poppy, and your Amazon Alexa


Cryptomining goes nuclear, YouTube for Kids gets scary, and TV ads have been given the green light to mess with your Amazon Alexa.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Maria Varmazis.

For YouTube Stars, Influencers: More Risk of Hacks after Octoly Breach

Octoly, the Paris-based agency for online “influencers,” apologized following the leak of sensitive and personally identifying information on 12,000 clients. But clients were furious that they were not informed by the company first, and researchers warn that those exposed could face increased risks of both online and offline harm. The firm...


Amazon surpasses Google to become the world’s most valuable brand

Amazon is the world’s most valuable brand, overtakes Apple and Google

Amazon, the e-commerce giant, has raced ahead of last year’s number one, Google, to become the world’s most valuable brand, according to the latest Brand Finance Global 500 report for the year 2018.

Amazon’s brand value has increased by 42% year-on-year to $150.8 billion (£106.3 billion). Moving beyond the digital space, Amazon acquired Whole Foods for US$13.7 billion last year, which gave the brand a foothold in the business of bricks and mortar. While Amazon is present in shipping, music and video streaming, there is also industry speculation on an impending bank acquisition in 2018.

Speaking of Amazon’s dominance, David Haigh, Chief Executive Officer of Brand Finance commented, “Jeff Bezos once said that ‘brands are more important online than they are in the physical world’. He has proved himself right by choosing the name Amazon, known as the largest, most powerful river in the world, as 23 years later the Amazon brand carries all before it as an unstoppable force. The strength and value of the Amazon brand gives it stakeholder permission to extend relentlessly into new sectors and geographies. All evidence suggests that the amazing Amazon brand is going to continue growing indefinitely and exponentially.”

Defending its number two ranking is Apple, whose brand value shot up by 37% to $146.3 billion. However, the report’s authors described its future as “looking bleak.”

“Apple has failed to diversify and grown overdependent on sales of its flagship iPhones, responsible for two thirds of revenue,” the report said. “With the advent of emerging world brands like Huawei, Apple’s increasing focus on what are effectively luxury products may cost the brand a fair share of the global mass market, limiting the potential for brand value growth.”

Meanwhile, Google came in at a (relatively) distant third with a modest 10% increase in brand value to $120.9 billion. “Google is a champion in internet search, cloud and mobile OS technology but, similar to Apple, its focus on particular sectors is holding it back from unleashing the full potential of its brand,” the report authors said.

Climbing two positions was the South Korean tech giant, Samsung at number four, whose brand value rose by 39% to $92.3 billion. On the other hand, social networking giant, Facebook climbed from ninth to fifth spot, with its value up by 45% to $89.7 billion.

This is the first time since the inception of the Brand Finance Global 500 study in 2007 that all top five companies in the table are from the technology sector.

The most valuable brands list continues to include telecom firms like AT&T, and Verizon, alongside retail giant Walmart, and China’s ICBC bank.

Of the world’s top brands, 42% are based in the U.S., followed by China at 15%, then Germany and Japan, both at 7%.

 

 

The post Amazon surpasses Google to become the world’s most valuable brand appeared first on TechWorm.

Daily Analysis: Continued Bond Rout Weighs on Stocks amid Crypto Bloodbath

Friday Market Recap

| Asset | Current Value | Daily Change |
|---|---|---|
| S&P 500 | 2762 | -2.12% |
| DAX | 12,785 | -1.65% |
| WTI Crude Oil | 65.14 | -1.14% |
| GOLD | 1333.00 | -0.98% |
| Bitcoin | 8505 | -4.12% |
| EUR/USD | 1.2461 | -0.32% |

A very busy day indeed…

Traditional financial markets had one of their busiest days in recent memory, as stock markets spiraled lower throughout the session, with the […]

The post Daily Analysis: Continued Bond Rout Weighs on Stocks amid Crypto Bloodbath appeared first on Hacked: Hacking Finance.

Smashing Security #062: Tinder spying, Amazon shoplifting, and petrol pump malware


Your Tinder swipes can be spied upon, Amazon is opening high street stores that don't require any staff, and Russian fuel pumps are being infected with malware in an elaborate scheme to make large amounts of money.

With Carole on a top secret special assignment, it's left to security veteran Graham Cluley to discuss all this and much much more on the "Smashing Security" podcast with special guests David McClelland and Vanja Švajcer.

Spectre/Meltdown patches had a significant impact on SolarWinds’s AWS infrastructure

An analysis conducted by SolarWinds of the performance impact of the Spectre/Meltdown patches on its own Amazon Web Services infrastructure revealed serious performance degradation.

SolarWinds, the vendor of IT Management Software & Monitoring Tools, has analyzed the performance impact of the Meltdown and Spectre security patches on its own Amazon Web Services infrastructure.

The results are disconcerting. The company has graphically represented the performance of “a Python worker service tier” on paravirtualized AWS instances.

The CPU usage jumped up to roughly 25% just after Amazon restarted the PV instance used by the company.

“As you can see from the following chart taken from a Python worker service tier, when we rebooted our PV instances on Dec 20th ahead of the maintenance date, we saw CPU jumps of roughly 25%.” states the analysis published by SolarWinds.

 

The company also monitored the performance of its EC2 instances and noticed a degradation while Amazon was rolling out the Meltdown patches.

“AWS was able to live patch HVM instances with the Meltdown mitigation patches without requiring instance reboots. From what we observed, these patches started rolling out about Jan 4th, 00:00 UTC in us-east-1 and completed around 20:00 UTC for EC2 HVM instances in us-east-1,” continues the analysis.

“CPU bumps like this were noticeable across several different service tiers:”

In summary, the packet rate dropped by up to 40% on its Kafka cluster, while CPU utilization spiked by around 25 percent on Cassandra.

The deployment of the patches also had some positive effects: CPU utilization rates decreased. The company issued an update on Jan 12, 2018.

“As of 10:00 UTC this morning we are noticing a step reduction in CPU usage across our instances. It is unclear if there are additional patches being rolled out, but CPU levels appear to be returning to pre-HVM patch levels.” states the firm.

Pierluigi Paganini

(Security Affairs – Meltdown patches, Amazon)

The post Spectre/Meltdown patches had a significant impact on SolarWinds’s AWS infrastructure appeared first on Security Affairs.

Netflix and Amazon join hands with Hollywood studios to fight piracy against Dragon Media

Netflix, Amazon and Hollywood studios accuse Dragon Media of copyright infringement, sue the Dragon Box streaming device seller

Netflix and Amazon along with several major Hollywood studios like Universal, Columbia, Disney, 20th Century Fox, Paramount and Warner Bros on Wednesday filed a lawsuit against Dragon Media for facilitating piracy on a huge scale.

Dragon Media, a Carlsbad, Calif.-based company, is accused of offering its Dragon Box, a streaming media box that comes pre-loaded with customized open-source Kodi software, which can be used to access pirated content and facilitate mass copyright infringement.

For those unaware, Kodi is a free and open-source cross-platform software media player and entertainment hub. It works as a centralized media center that allows you to access all of your digital audio, movies, TV shows, music collection and photo library from a single, convenient place. The content can be accessed whenever and wherever you are. You can run it on televisions and set-top boxes and streaming devices.

According to the lawsuit filed in the U.S. District Court in the Central District of California, Dragon Media urges its customers to use Dragon Box for watching copyrighted movies and TV shows. It advertises its products by encouraging users to stop paying for authorized subscription services and “Watch your Favourites Anytime For FREE”, “Get rid of your Premium Channels … (and) Stop paying for Netflix and Hulu,” the lawsuit says.

“Dragon Box uses software to link its customers to infringing content on the Internet,” the studios said in their 23-page complaint. “The Dragon Media application provides Defendants’ customers with a customized configuration of the Kodi media player and a curated selection of the most popular addons for accessing infringing content,” the lawsuit states.

“These addons are designed and maintained for the overarching purpose of scouring the Internet for illegal sources of copyrighted content and returning links to that content. When Dragon Box customers click those links, those customers receive unauthorized streams of popular motion pictures and television shows.

“When used as defendants intend and instruct, Dragon Box gives defendants’ customers access to multiple sources that stream plaintiffs’ copyrighted works without authorization,” the complaint added.

The lawsuit further alleges, “The commercial value of Defendants’ Dragon Box business depends on high-volume use of unauthorized content through the Dragon Box devices. Defendants promise their customers reliable and convenient access to all the content they can stream and customers purchase Dragon Box devices based on Defendants’ apparent success in delivering infringing content to their customers.”

The streaming boxes in recent months have become the main target for copyright enforcers, including the Alliance for Creativity and Entertainment (ACE), an anti-piracy partnership between Hollywood studios, Netflix, Amazon, and more than two dozen other companies that have come together to fight piracy around the world.

A similar complaint was filed by the same studios in October last year against TickBox, a company based in Georgia, US, which sells the TickBox TV gadget.

With this lawsuit, the future of Dragon Media has suddenly become uncertain. However, at the time of writing, the Dragon Box website is still active and the company has not yet responded to the accusations.

The lawsuit has named Dragon Media Inc. owner and President Paul Christoforo and Dragon Box device distributor Jeff Williams as the defendants. Further, the movie studios have asked the California District court for an injunction to shut down the infringing service along with an injunction against Dragon Media, Christoforo and Williams, and up to $150,000 in statutory damages.

Source: TorrentFreak

The post Netflix and Amazon join hands with Hollywood studios to fight piracy against Dragon Media appeared first on TechWorm.

Tech-Thankful: 10 Ways Technology Empowers Our Parenting Today

Have you taken a moment to reflect and collect a list of the things for which you are grateful this year? Here’s a kickstart: Imagine your life without _________________. Then, give thanks for those things.

Once you get started on your list, you may have trouble stopping simply because it’s human nature to pay more attention to life’s pain points. This means too often the good stuff of life — the stuff that makes it so sweet — quietly passes us without garnering its due applause.

One of those good things we may take for granted is technology.

As much as we naturally ferret out the potential dangers tech brings, for every one negative, we’re thankful that countless positives flood that equation. Face it. We’re plugged-in, click-happy, smartphone parents who have a lot to be grateful for — namely the way technology has revolutionized parenting.

What would life look like without the internet? How about the world minus that Smartphone? And what would our day look like without our kid tracking, fitness, social, or map apps? With technology comes opportunity; the opportunity for smarter working, living — and parenting.

10 pieces of technology that empower parenting

  1. The internet. Wow, where do we begin? The internet has put the world at our fingertips and given our parenting experience a million new dimensions. Just to name a few perks: Shopping, crowdsourcing, collaboration, cloud computing, innovation, communication, philanthropy, education, entertainment and the list goes on. For the infinite positives and added scope of knowledge this has added to our lives, we are beyond thankful.
  2. Facetime. Can’t get home for the holidays? Isn’t it amazing that we can facetime with friends and family all over the world? Don’t forget to fire up your smartphone or Skype this holiday and connect in real time with the ones you love (no texting!). Technology like this makes all the difference sometimes.
  3. Pinterest. Many of us will hover over the stove this week, smartphone in hand, as we follow a new, rock star recipe found on Pinterest. In just a click, Pinterest helps with any life hack imaginable making us instantly more confident as we tackle new skills alongside a community of pinners around the world.
  4. Tracking apps. If you’re a parent of a tween or teen, tracking or location apps have spared you more than a few grey hairs. Can’t find your child? No worries, a tracking app will keep you connected 24/7. And, we all know what happens if they turn off their location . . . phone privileges get zapped. Add to this anti-anxiety mix the handful of apps that keep kids from texting and driving.
  5. Facebook. Okay, this one brings all kinds of issues — addiction, bullying, narcissism, hate speech, and the list goes on — however, let’s rest our attention on the genius of Facebook for just a moment. Arguably, this pioneering social network has done more to shrink the world and amplify connectivity than any other tech tool. We’re now connected instantly to everyone from childhood friends, to new friends, to aging parents at any time of the day or night. Facebook’s influence, reach, and power, as a resource, is endless. For that, we’re taking a moment to be thankful.
  6. Amazon. This one site has radically changed the way we purchase and make buying decisions for our family. Amazon has saved us countless hours of travel, shopping time, and the dreaded time and cost of returns — who isn’t grateful for those helpful (verified) consumer reviews? Along with Amazon, we can now add countless grocery, restaurant delivery, meal services, and car shuttle services to our technology Thanksgiving list.
  7. Safeguards. Filtering and security tools come in many shapes and sizes these days. From software packages to network security built into products, the consumer’s safety and security are now at the forefront of many minds. Without intentional safeguards, it would be impossible to enjoy the power of our technology. We’re also grateful for the battalion of watchdogs, companies, and innovators committed to keeping technology and the internet a better place to be.
  8. EBooks. If you grew up in love with the library or running to the mailbox to see if your book of the month arrived, the avalanche of reading material now available with one click deserves its own parade. Is there anything more gratifying than seeing a young child reading a book on his or her tablet or a teenager engrossed in a reading site? Books, and the knowledge they carry, continue to shape us — now more than ever — thanks to technology. Along with books, we can celebrate the many, many free educational resources online that make learning (and helping our kids learn) so much more exciting for kids and parents.
  9. Wi-Fi and data. This bit of technology has revolutionized the way we work, which in turn, has dramatically impacted our families. Many parents now enjoy flexibility making the elusive work-life balance more possible than ever. The opportunities for our children in their work choices have also expanded thanks to technology.
  10. Google. Google has empowered parents everywhere to step into shoes that sometimes feel way too big. Can’t answer the tough ones like “How do planes stay in the sky?” or “Why can’t the government just print more money and get out of debt?” No worries! Just Google it and come off as a superhero every time. Adding to our superhero parenting skills are the amazingly informative and empowering YouTube and HowItWorks where we can become pros on any topic in a matter of minutes.

No doubt technology comes carrying a bucketful of concerns that can easily keep any parent up at night. But for this moment of reflection, it’s clear — we love our tech, we’re better for it, and this moment of applause is long overdue. Have a wonderful, rest-filled, tech-thankful holiday!

The post Tech-Thankful: 10 Ways Technology Empowers Our Parenting Today appeared first on McAfee Blogs.

IcedID – New Banking Trojan targets US-based companies with web injects

The malware research team in the UAB Computer Forensics Research Lab is widening its horizon and is always on the lookout for new malware families. While researching new malware families, Arsh Arora, Ph.D. Candidate at UAB, found some chatter about the new banking trojan IcedID. Although ransomware is the most discussed malware in the press, for many financial institutions the most feared malware type is the Banking Trojan. The objective of most banking trojans is to steal banking credentials and eventually steal the money from account holders.

IcedID Banking Trojan 

IBM X-Force discovered a new banking trojan, IcedID, that was first detected in September 2017. It is known as a modified version of the Zeus Trojan. The trojan is spread by the Emotet worm, which is able to spread from machine to machine inside a network via weak administrator passwords.

One of our malware research team members, Shawn Sharp, decided to dig into this malware. IBM had already provided a detailed explanation of the infection part, so we decided to take a different approach and focused on analyzing the web injects on a number of websites.

The sample used to test was:

MD5 - a6531184ea84bb5388d7c76557ff618d59f951c393a797950b2eb3e1d6307013

Virus Total Detection - 49/67. The sad part is that only 1 of the 49 detections named it IcedID, which commonly happens when marketing departments name malware. (The only company to call it IcedID was ALYac, the anti-virus product from ESTSecurity Corp in Seoul, Korea. ESET, Microsoft, and TrendMicro all call this a sample of Fareit malware.)

When Shawn launched the process, it didn't trigger on its own; a browser had to be launched to activate the banking trojan.

Fig. 1: Activation of Banking Trojan IcedID

Once the trojan was activated, the following financial institution strings were found in the memory of the running sample when checked through Process Hacker.

bbt
jpmorgan
americanexpress
bankofamerica
tdbank
chase
citigroup
discover
ebanking-services
etrade
citi
adp
usaa
wellsfargo

When we visited a few of these websites and provided them with fake credentials, the webinject process modified the user experience by asking the website visitor for extra details. It is noteworthy that these changes to the page happen in browser memory, meaning that the "https:" and "Secure" labels are still present, even though the page has been altered.

Amazon

Fig. 2: Amazon Web-Inject asking for card number

Although we really are at Amazon.com, the malware is causing our browser to ask us for the details of our credit card!

Chase

Fig. 3: Chase Web-Inject asking for additional details

The malware makes Chase's website appear to ask us for not only our Card Number and Expiration Date, but also our CVV and PIN!

Citi

Fig. 4: Citi Web-Inject asking for additional details

Machines infected with IcedID will also ask for these details after a login attempt at Citi.com!

Discover

Fig. 5: Discover Web-Inject asking for additional details

The Discover.com website asks for card details, but also our Date of Birth and the last four digits of our Social Security Number!

Researchers will be diving in deep and trying to reverse engineer the binary for additional information. Stay tuned for more updates. In the meantime, if you hear of a friend complaining that their bank is asking them for too much information -- it may mean that they are infected with malware!




Malware spam: "Invoice RE-2017-09-21-00xxx" from "Amazon Marketplace"

This fake Amazon spam comes with a malicious attachment:

Subject: Invoice RE-2017-09-21-00794
From: "Amazon Marketplace" [yAhbPDAoufvZE@marketplace.amazon.co.uk]
Date: Thu, September 21, 2017 9:21 am
Priority: Normal

------------- Begin message -------------

Dear customer,

We want to use this opportunity to first say "Thank you very much for your purchase!"

Cyber Security Roundup for July 2017

Apologies for the delay in this month's Cyber Security Roundup release; I have been away on holiday and taking a break from monitor screens and keyboards for a couple of weeks.

The insider threat danger manifested at Bupa, where an employee stole and shared 108,000 customer health insurance records. Bupa dismissed the employee and is planning to take legal action. The Bupa data breach was reported both to the FCA and the ICO; it remains to be seen if the UK government bodies will apportion any blame onto Bupa for the data loss.

The AA was heavily criticised after it attempted to downplay a data compromise of over 13 gigabytes of its data, which included 117,000 customer records. The AA’s huge data cache was incorrectly made available online after an AA online shop server was “misconfigured” to share confidential data backup files.

A customer data breach for World Wrestling Entertainment (WWE) should serve as a stark warning for businesses to adequately assure third parties and to secure hosted cloud systems. Three million WWE fan records were compromised after a third party misconfigured a cloud hosted Amazon server used by the WWE online shop.

The aftershock of Petya / NotPetya rumbles on, with malware still reported as disrupting firms weeks after the attack. There are claims that the mass media coverage of the attack has improved overall staff cyber security awareness.

It was found that over 1.6 million NHS patient records were illegally provided to Google's artificial intelligence arm, DeepMind, without patient consent, meaning the NHS and Google have breached the Data Protection Act.

A 29-year-old British hacker named as Daniel K, but better known by his hacker handle "BestBuy" or "Popopret", admitted to the hijack of 900,000 Deutsche Telekom routers in Germany after he was arrested at Luton airport in February. He said he made "the worst mistake of my life" when he carried out a failed attack in November for a Liberian client who paid him 8,500 Euros to attack the Liberian's business competitors. BestBuy used a variant of the Mirai malware to take advantage of a security vulnerability in Zyxel and Speedport model routers which were used by the German Internet service provider, with his intention being to increase his botnet, and so the scale of DDoS attacks he could perform on behalf of clients.

A document from the National Cyber Security Centre (NCSC) was obtained by Motherboard and was verified by the BBC with NCSC as being legitimate. The document, which was reportedly produced by the British spy agency GCHQ, states some industrial software companies in the UK are "likely to have been compromised" by hackers. The NCSC report discusses the threat to the energy and manufacturing sectors. It also cites connections from multiple UK internet addresses to systems associated with "advanced state-sponsored hostile threat actors" as evidence of hackers targeting energy and manufacturing organisations.

UniCredit Bank had over 400,000 customer loan accounts accessed through a third party. This is the second security breach at the Italian bank in a year.

Finally, this blog was awarded Best Technology Blogs of 2017 by Market Inspector and by Feedspot this month.