Welcome Guest | Sign In
Odinaff Trojan Targets Banks, Financial Firms Worldwide
October 12, 2016
Symantec on Tuesday reported on a malware campaign that has targeted financial organizations worldwide for the past 10 months. Dubbed "Trojan.Odinaff," it has infiltrated the banking, securities, trading and payroll sectors, as well as organizations that provide them with support services. Odinaff is used in the first stage of an attack, to get a foothold into a network.
IoT Could Become Playground for Botnets Gone Wild
October 6, 2016
The source code for Mirai, the malware behind the botnet that launched a massive attack on the Krebs on Security website -- the largest DDoS attack on record -- has been released in the wild, according to Brian Krebs. A hacker who goes by the handle "Anna-senpai," apparently because of increased scrutiny from the cybersec industry, last week announced the release on Hackforums, Krebs said.
Feds Probe Alleged Phone Hacks as Election Fears Surge
October 4, 2016
Federal authorities have been investigating reports that hackers targeted the mobile phones of a handful of Democratic Party staffers. The news follows a series of breaches in recent months that revealed emails and other personal information of party staffers and other Democratic officials. The FBI has launched an investigation into the attacks, which may be linked to Russia.
Hacking Elections Is Easy, Study Finds
September 30, 2016
It's no longer a question whether hackers will influence the 2016 U.S. elections -- only how much they'll be able to sway them. Leaked emails already have cost a Democratic Party chairperson her job, and the FBI last month issued a flash warning that foreign cyberadversaries had breached two state election databases. Those two states -- most likely Arizona and Illinois -- aren't alone.
Cisco Battles Shadow Broker Exploits
September 28, 2016
Cisco has swung into action to combat a hacker group's exploitation of vulnerabilities in its firmware. The group, known as the "Shadow Brokers," released online malware and other exploits possibly stolen from the Equation Group, which is believed to have ties to the U.S. National Security Agency. Cisco earlier this month disclosed the vulnerability, even though patches were not yet ready.
Project Shield Has Krebs on Security's Back
September 27, 2016
The website of prominent security blogger Brian Krebs is back online this week after sustaining one of the largest distributed denial of service attacks in Internet history. DDoS attacks typically disrupt service at a website by flooding it with junk traffic. In this case, garbage traffic assaulted Krebs' site at 620 gigabits per second. By comparison, consumer bandwidth is in the 10-15 megabit per second range; businesses, 100 Mbps to 1 Gbps.
Election Season Spawns Scams With Political Twist
August 30, 2016
Dirty tricks during political campaigns are nothing new, but the Internet and the proliferation of mobile devices have allowed tricksters to up their games a notch. It came to light last week, for example, that Donald Trump's campaign app was hoovering the address books on his supporters' phones. Trump's app wasn't doing anything illegal. It wasn't even trying to hide what it was doing.
Apple Speeds iOS Patch to Bring Down Pegasus
August 26, 2016
Apple on Thursday issued a patch that addresses three recently discovered critical iOS zero-day vulnerabilities, and advised users to update their systems immediately. State-sponsored actors exploited the flaws to target United Arab Emirates human rights defender Ahmed Mansoor, and a Mexican journalist who reported on government corruption. Researchers have dubbed the flaws "Trident."
Super-Sophisticated Spyware Spotted After 5-Year Run
August 16, 2016
Symantec and Kaspersky Lab last week separately announced the discovery of a highly sophisticated APT that had eluded security researchers for at least five years. A previously unknown group called "Strider" has been using Remsec, an advanced tool that seems to be designed primarily for spying. Its code contains a reference to Sauron, the main villain in The Lord of the Rings.
Russia Plays the Cybervictim Card
August 11, 2016
Russia's FSB recently reported that it found a cyberspying virus in the computer networks of more than 20 state authorities and defense contractors. The claim that malware has infected various government and defense companies came in the midst of a flurry of accusations that Russia has engaged in cyberattacks against U.S. targets in an effort to impact the presidential election.
900 Million Androids Could Be Easy Prey for QuadRooter Exploits
August 9, 2016
Four newly identified vulnerabilities could affect 900 million Android devices, Check Point researchers disclosed. The vulnerabilities, which the researchers dubbed "QuadRooter," affect Android devices that use Qualcomm chipsets. They exist in the chipset software drivers. The drivers, which control communications between chipset components, are incorporated into Android builds.
Old Tech Can Create New Security Woes
August 3, 2016
"Patch your systems in a timely manner" is a mantra of security experts, but what happens when the patch well runs dry because a product's maker no longer supports it? That is a situation facing many large enterprises, and it's one that poses security risks. Between 30 percent and 50 percent of the hardware and software assets in the average large enterprise have reached their end-of-life date.
Public-Private Team Leads Assault on Ransomware
July 28, 2016
Ransomware has become a scourge on the Internet -- but two information security companies, along with a pair of law enforcement agencies, this week launched an initiative to do something about it. No More Ransom is the centerpiece of a collaborative effort involving Kapersky Lab, Intel Security, the Dutch National Police and Europol. The new portal aims to educate the public about ransomware.
Civil Rights Office Issues Ransomware Guidance
July 22, 2016
Ransomware infections are on the rise, and healthcare organizations are ripe targets, which may be why the federal government addressed the subject last week. Ransomware attacks have risen from about 1,000 a day last year to 4,000 a day this year, Symantec has reported. Many of those attacks are for small change, but some of the larger ones have been directed at healthcare providers.
The Internet of Medical Things, Part 3: Safety First
July 20, 2016
Though quick to capitalize on connected health devices and the coming Internet of Medical Things, hardware manufacturers may be moving too slowly when it comes to building the necessary protections into the back end. The National Security Agency last month told participants in a defense technology summit in Washington that it was looking into hacking connected medical devices.
Mobile Ransomware Has Mushroomed: Report
July 8, 2016
The number of mobile ransomware victims across the globe has increased fourfold compared to a year ago, suggests a Kaspersky Lab report. Kaspersky software protected 136,532 users targeted by ransomware from April 2015 to March 2016 -- up from 35,413. "The growth curve may be less than that seen for PC ransomware, but it is still significant enough to confirm a worrying trend," the report notes.
HummingBad Mucks Up Android's Works
July 6, 2016
More than 85 million Android devices worldwide have been taken over by the Yingmob, a group of China-based cybercriminals who created the HummingBad malware, according to Check Point. HummingBad establishes a persistent rootkit on Android devices, generates fraudulent ad revenue, and installs additional fraudulent apps. HummingBad reportedly has been generating revenue of $300,000 a month.
Crime Pays: Ransomware Bosses Make $90K Annually
June 14, 2016
If crime doesn't pay, Russian ransomware bosses wouldn't know it. The average Russian ransomware boss makes $90,000 a year -- or 13 times the average income for citizens in the country who stick to the "straight and narrow," according to a recent Flashpoint study. What does a ransomware honcho do for those rubles? Basically, the job calls for supporting and maintaining the malware.
Twitter Users Snared in Dark Web's Brisk Password Trade
June 10, 2016
Data stolen from more than 32 million Twitter users has been offered for sale on the dark web for 10 bitcoin, or around $5,800, LeakedSource reported Wednesday. LeakedSource has added the account and email information to its searchable repository of compromised credentials. The data set came from someone who has been connected to other large collections of compromised data.
Banking Trojans Take Backseat to Ransomware
June 4, 2016
The banking trojan -- a type of malware used to steal credentials for bank accounts -- has been a staple of cyberthieves for years. However, ransomware, which has proven both easy to use and highly successful, has started eroding its popularity. In a typical banking trojan attack, a robber mounts a phishing campaign to entice a target to open an attachment or click on a link.
Gang Surrenders Key to TeslaCrypt Ransomware Kingdom
May 20, 2016
Eset on Wednesday announced that it has fashioned a free tool that victims of all variants of the TeslaCrypt ransomware can use to unlock affected files. After the criminal gang behind TeslaCrypt recently abandoned support of the malicious software, an Eset analyst contacted the group anonymously, using the channel offered to ransomware victims, and asked for the universal master decryption key.
Flaw Puts a Billion Wireless Mice at Risk
May 20, 2016
Wireless mice and keyboards are the perfect accessories for a world in which devices increasingly are shuffling off their connection coils, but those accessories -- especially untethered rodents -- also can create new threats for those who use them. One such threat is Mousejack. The attack exploits a vulnerability found in 80 percent of wireless mice.
Reddit Tech Forum May Ban Sites That Circumvent Ad Blockers
May 11, 2016
A forum on Reddit, /r/ Technology, on Monday announced it was considering blocking links to websites that require visitors to turn off their ad blockers before viewing content on the site. "It has come to our attention that many websites such as Forbes and Wired are now requiring users to disable ad blockers to view content," said creq, the moderator of the site. "We see this as a security risk."
Feds to Take a Hard Look at Mobile Device Patch Practices
May 11, 2016
The U.S. Federal Trade Commission and the Federal Communications Commission on Monday announced a joint investigation into the issue of mobile device security updates. The FTC issued an order requiring Apple, BlackBerry, Google, HTC America, LG Electronics USA, Microsoft, Motorola Mobility and Samsung Electronics America to provide information about how they issue security updates.
ISIS Cyberthreat: Puny but Gaining Power
May 5, 2016
The Islamic State group's cyberwar capabilities are unsophisticated, but they won't be that way for long. That was the conclusion of a 25-page report released last week by Flashpoint. The report, "Hacking for ISIS: The Emergent Cyber Threat Landscape," found that the Islamic State's "overall capabilities are neither advanced nor do they demonstrate sophisticated targeting."
Researchers Hijack Samsung's SmartThings IoT System
May 4, 2016
Researchers at the University of Michigan on Monday announced they had uncovered a series of vulnerabilities in the Samsung SmartThings home automation system that essentially could have allowed hackers to take control of various functions and break into a user's home. The researchers, working with Microsoft, were able to perform four proof-of-concept attacks.
Supreme Court Grants Federal Agents Broader Surveillance Authority
May 3, 2016
The U.S. Supreme Court has approved a series of amendments to the federal rules of criminal procedure that would let judges issue search warrants for computers located outside their jurisdiction. Chief Justice John Roberts announced the changes in the Court's interpretation of the rules. They would allow a judge to issue warrants to search for electronic evidence at remote sites, for example.
New Attack Technique Hides Spread of RATs in Asia
April 27, 2016
SentinelOne last week announced that it has detected a technique being used in Asia to infect systems with remote access Trojans that ensures that the payload remains in memory throughout its execution and doesn't touch the victim's computer disk in an unencrypted state. Attackers remain hidden from antivirus and next-generation technologies that focus only on file-based threats.
Windows Users Warned to Dump QuickTime Pronto
April 16, 2016
The U.S. Department of Homeland Security on Thursday issued a warning to remove Apple's QuickTime for Windows. The alert came in response to Trend Micro's report of two security flaws in the software, which will never be patched because Apple has ended support for QuickTime for Windows. Computers running QuickTime are open to increased risk of malicious attack or data loss, US-CERT warned.
Adobe Issues Emergency Patch to Head Off Flash Ransomware Attacks
April 11, 2016
Adobe last week issued an emergency security patch to fix a vulnerability in Flash that could leave users vulnerable to a ransomware attack. The vulnerability exists in Adobe Flash Player and earlier versions for Windows, Macintosh, Linux and Chrome operating systems. It can cause a crash and leave the computer vulnerable to attackers, the company said.
See More Articles in Malware Section >>
Facebook Twitter LinkedIn Google+ RSS
What's your alarm level over cyberattacks on the Internet's infrastructure?
Red: A deadly cyberwar will occur -- It's when, not if.
Orange: A big one could be costly and threaten public safety.
Yellow: We need to improve cybersecurity at a faster pace.
Blue: Regional outages will become more frequent and more annoying.
Green: There's no way anyone could take out the entire Internet.