Connect with us

Security

IKEA faces massive phishing attack

Published

on

Cybercriminals exploit a vulnerability in Microsoft Exchange servers to distribute the Qakbot malware.

Global furniture giant IKEA has launched an investigation into an ongoing malware campaign targeting its computer systems. According to company representatives, evidence has been found that points to the compromise of Microsoft Exchange servers.

As reported by Bleeping Computer, which had a letter to IKEA employees, a “full-scale investigation” of the incident is ongoing and there are currently no signs of compromise of customer data. Other organizations, suppliers and business partners of IKEA were affected by the attack.

In a malicious campaign, criminals distributed emails disguised as a real response to an existing chain of letters. E-mail interception is one of the unique identifiers of the current SquirrelWaffle malicious spam campaign. Cybercriminals exploit ProxyShell and ProxyLogin vulnerabilities in Microsoft Exchange servers to distribute Qakbot malware.

The emails may come from allegedly trusted colleagues or third-party companies that the employee has previously interacted with, thereby increasing the likelihood of a socially engineered cyberattack being successful. “Our email filters can identify some of the malicious emails and quarantine them. Because an email can be a response to an ongoing conversation, it’s easy to think that the email filter has made a mistake and quarantine the email. Therefore, until further notice, we have disabled all employees’ ability to move emails out of quarantine, ”IKEA told its employees.

IKEA recommends that employees be extra vigilant when scanning their inbox for phishing emails, especially if they contain seven-digit links at the end.

When visiting URLs in malicious emails, the user will be redirected to download a file named charts.zip containing the malicious Microsoft Excel document. Recipients are prompted to click the “Include Content” or “Allow Editing” buttons, ostensibly to view it correctly. After clicking these buttons, malicious macros will be launched that download the files besta.ocx, bestb.ocx and bestc.ocx from a remote site and save them in the C: Datop folder. OCX files are renamed DL-L Libraries and run with regsvr32.exe to install the payload.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Security

Bitcoin could be hacked by new quantum supercomputers

Published

on

Mark Webber of the University of Sussex, UK, and his colleagues studied how powerful a quantum computer would be needed to crack bitcoin in terms of the number of qubits, or quantum bits equivalent to conventional computational bits.

Every bitcoin transaction must be “confirmed” by a network of miners before it can be added to the blockchain. Each transaction is assigned a cryptographic key during this confirmation process, and cracking the key will allow you to become the owner of those bitcoins.

Transactions are declared and a key is associated with this transaction. There is a finite window of time during which this key is vulnerable, and it varies, but it is usually from 10 minutes to an hour, maybe a day.

Mark Webber

Bitcoin could be hacked by new quantum supercomputers

Webber’s team calculated that it would take a quantum computer with 1.9 billion qubits to break the bitcoin encryption in 10 minutes, and a machine with 317 million qubits to break in an hour. Even taking into account a whole day, this figure drops to only 13 million qubits.

This is encouraging news for bitcoin holders because IBM’s top quantum computer only has 127 qubits, so quantum computers need to become a million times more powerful to threaten the cryptocurrency. And this, according to Webber, is unlikely to happen within the next decade.

Continue Reading

Components

Fingerprint scanner for payment cards. Samsung introduced the industry’s first universal security chip for this purpose.

Published

on

Samsung has introduced what it calls an intelligent multi-functional fingerprint security chip for biometric payment cards. Simply put, this is a chip for implementing a fingerprint scanner on ordinary bank (and not only) cards.

Fingerprint scanner for payment cards.  Samsung introduced the industry's first universal security chip for this purpose.

The chip is called S3B512C. It is EMVCo and Common Criteria Evaluation Assurance Level (CC EAL) 6+ certified and operates in accordance with the latest Mastercard Biometric Evaluation Plan Summary (BEPS) specifications.

The S3B512C combines a fingerprint sensor, Secure Element (SE) and Secure Processor, adding an extra layer of authentication and security to payment cards. S3B512C is primarily intended for payment cards, but can also be used in cards requiring highly secure authentication such as student or employee identification, membership, or building access

Fingerprint scanner for payment cards.  Samsung introduced the industry's first universal security chip for this purpose.

Samsung claims it is the industry’s first all-in-one security chip that reads biometric information with a fingerprint sensor, stores and authenticates encrypted data with a tamper-resistant Secure Element, and parses and processes data with a secure processor. With three key features integrated into a single chip, the S3B512C can help card manufacturers reduce the number of chips needed and streamline their card development processes for biometric payment cards.

.

Continue Reading

Computers

Vulnerability in Dark Souls 3 allows attackers to take over any computer

Published

on

According to Dexerto and The Verge, a hacker discovered a security vulnerability in Windows that was opened using the game Dark Souls 3. It allows attackers to remotely take over and control a computer.

Famous streamers such as The_Grim_Sleeper have heard about the problem personally. In the case of The_Grim_Sleeper, the hacker fired up Microsoft PowerShell and ran a text-to-speech script, criticizing the streamer for his game.

Vulnerability in Dark Souls 3 allows attackers to take over any computer

At the same time, this hacker did not have malicious intent, he only showed a vulnerability and warned FromSoftware developers about the vulnerability that Dark Souls 3 has. FromSoftware studio and publisher Bandai Namco reacted to the discovered exploit. They have temporarily disabled PvP servers for Dark Souls 3 and its predecessors while the security team investigates the vulnerabilities.

It is not yet known when the servers will be back online, but FromSoftware and Bandai have made it clear that they will not restore service until they are reasonably confident that players are safe. Other hackers could use the vulnerability to steal sensitive information and do other harm.

Continue Reading

Most Popular