These attack ways ar valid presumptuous that the target had designed their couple implementation to “fail open”. this can be really quite common, because it is that the default setting. If a system has couple 2FA designed to fail closed and that they lose net property or have problems with DNS, they get utterly barred out of their workstations/servers. this can be not acceptable for about many organizations and so fail open is that the commonest selection.

Wired has an excellent article on China’s APT10 hacking group. Specifically, on how they hacked managed service providers in order to get to their customers’ networks.

HOW CHINA’S ELITE HACKERS STOLE THE WORLD’S MOST VALUABLE SECRETS
https://www.wired.com/story/doj-indictment-chinese-hackers-apt10/

the country’s elite APT10—short for “advanced persistent threat”—hacking group decided to target not just individual companies in its long-standing efforts to steal intellectual property, but instead focus on so-called managed service providers. They’re the businesses that provide IT infrastructure like data storage or password management. Compromise MSPs, and you have a much easier path into all these clients. They’re the super.

“MSPs are incredibly valuable targets. They are people that you pay to have privileged access to your network,” says Benjamin Read, senior manager for cyberespionage analysis at FireEye. “It’s a potential foothold into hundreds of organizations.”

The malware was spread through well-written phishing email trying to impersonate a senior partner of one of the major Brazilian business law firms: “Veirano Advogados”.

Security researchers disclosed new work at the Chaos Communication Congress showing how hackers can bypass vein based authentication.

Devices and security systems are increasingly using biometric authentication to let users in and keep hackers out, be that fingerprint sensors or perhaps the iPhone’s FaceID. Another method is so-called ‘vein authentication,’ which, as the name implies, involves a computer scanning the shape, size, and position of a users’ veins under the skin of their hand.

But hackers have found a workaround for that, too. On Thursday at the annual Chaos Communication Congress hacking conference in Leipzig, Germany, security researchers described how they created a fake hand out of wax to fool a vein sensor.

If you quit Facebook or never joined because of its data collecting practices the odds are good the social network is still tracking you – despite your protest.

Facebook collects data of non-users of its social network via dozens of mainstream Android apps that send tracking and personal information back to the social network. Some of the dozens of apps sharing data with Facebook include Kayak, Yelp and Shazam, according a report presented by Privacy International on Saturday here at 35C3.

Did malware disrupt newspaper deliveries in major US cities? Here’s what’s known about the incident so far and the leading suspect: Ryuk ransomware. Plus, advice on defending your organization against such attacks.

A cyberattack reportedly bearing the signature of Ryuk ransomware caused disruption over the weekend in printing and delivery of major newspapers in the US from Tribune Publishing and Los Angeles Times.

Among the publications affected by the attack include the Wall Street Journal, New York Times, Los Angeles Times, Chicago Tribune, and Baltimore Sun, Lake County News-Sun, Post-Tribune, Hartford Courant, Capital Gazette, and Carroll County Times.

Ryuk ransomware strain came to attention in August 2018 when it was reported to have made over $640,000 in Bitcoin to the group behind it. It is typically used in targeted attacks carried out through phishing, but it could also be planted through insecure remote desktop connections.

An analysis from security company Check Point shows code similarities with Hermes, a ransomware strain attributed to the North Korean hacker group Lazarus.

A statement explaining the incident from Los Angeles Times informs that it was caused by a computer breakdown.

The publication offered more details in a later article where it says that the outage was due to a “malware attack, which appears to have originated from outside the United States and hobbled computer systems and delayed weekend deliveries of the Los Angeles Times and other newspapers across the country.”

Malware attack disrupts delivery of L.A. Times and Tribune papers across the U.S.
https://www.latimes.com/local/lanow/la-me-ln-times-delivery-disruption-20181229-story.html