While many email providers, clients, and anti-spam engines have become adept at detecting spam, malicious messages sent via high-profile, legitimate providers are much harder to catch. Threat actors continue to look for new ways to bypass these engines and, in the latest example of innovative approaches to malware distribution, have managed to co-opt PayPal services […]
A new trojan potentially threatens as many as 2.8 million Android users with unwanted mobile advertisements. On 29 July, researchers at the Russian computer security firm Doctor Web published an alert about the trojan, which goes by the name “Android.Spy.305.origin” The malware is an updated version of sorts of “Android.Spy.277.origin,” which appeared back in April […]
WikiLeaks’ latest DNC email data dump is part one of organization’s new Hillary Leaks series — However, it also contains personal and financial data of innocent donors. The world looks at WikiLeaks as a source for exclusive information from the secret world of governments running the world and the world’s elite — While there is absolutely no […]
The Internet is a great place to do business and cybercriminals are aware of that fact so how can you protect your networks, systems and communications from cyber threats like ransomware? Let’s talk about that! Symantec’s newest threat report claims that email phishing scams have substantially declined in the last three years, but incidences where crypto-ransomware was used to encrypt […]
A few months ago, United States General Vincent Brooks warned the Senate about the growing threat from North Korean cyber-attacks, saying, “While I would not characterize them as the best in the world, they are among the best in the world, and the best organized.” Kim Jong on Computer (Courtesy of the BBC) In the […]
In part one of our web shell series we analyzed recent trends, code bases, and explored defensive mitigations. In part two we investigate a new web shell created by Chinese-speaking actors. On March 26, 2016, Recorded Future’s natural language processing (NLP) engine produced an alert for Cknife. Recorded Future alert showing Cknife reference. Background A […]
The actors behind Dridex 220 and Locky Affid=3 have introduced a new ransomware called “Bart”. They are using the RockLoader malware to download Bart over HTTPS. Bart has a payment screen like Locky but encrypts files without first connecting to a command and control (C&C) server. Analysis On June 24, Proofpoint researchers detected a large […]
Two mobile variants of Triada and Horde malware have been spotted in the wild by Check Point Software Technologies researchers who warn the latest samples have adopted dangerous new techniques including the ability to evade Google’s security on some OS versions. The Android Trojan called Triada, researchers say, now is capable of infecting the Android default […]
Ransomware! Ransom Software! Encrypting Ransomware! AHHH! No doubt the last year exposed you to this term numerous times and I doubt any of it was in reference to a good event. So, you might wonder why you have been hearing about it so much, truth be told Ransomware has been a pain in the side of […]
An ELOFANT is an “Employee Left Or Fired, Access Not Terminated” and these ghost account insiders can undermine your organization’s information security, as recent DBIR stats suggest.
RANSOMWARE IS A multi-million-dollar crime operation that strikes everyone from hospitals to police departments to online casinos. It’s such a profitable scheme that experts say traditional cyberthieves are abandoning their old ways of making money—stealing credit card numbers and bank account credentials—in favor of ransomware. But now that lawmakers on Capitol Hill are in the […]
Simple attacks plus user willingness to pay ransoms to get their files back means ransomware is on the rise, warn Kaspersky researchers. Ransomware has replaced advanced persistent threat (APT) network attacks as the most problematic cyberthreat — and early indications suggest that they’ll be the main problem for 2016 as a whole, cybersecurity researchers from […]
Short Bytes: According to a recent revelation, a hacking group called Armada Collective collected more than $100,000 just by sending a DDoS threat in an email to online businesses. The spooked businesses were asked to pay the amount in Bitcoin in the form of a protection money. A hacking group called the Armada Collective has earned […]
In this feature, we take a look at some of the key things you should be aware of to ensure that you are well-equipped to deal with insider threats.
Coinbitclip Trojan: Is it really A Grave Threat to BitCoin Processor — Going by the precautionary tactics adopted by Bitcoin, it certainly is a threat Infostealer Coinbitclip, a Trojan that has been developed primarily to access and steal the Bitcoin Wallets, is emerging as a grave threat to the peer-to-peer, decentralized virtual currency exchange Bitcoin. […]
According to a recent report, Germany nuclear plants are vulnerable to terrorists and there needs to be some serious dealing with this problem. According to a recently released report, Germany is not adequately equipped to prevent terrorist attacks in its nuclear plants. According to the Deutsche Presse-Agentur (DPA) news agency, the report was presented by Oda Becker, […]
In an era when children are becoming digital natives, using and understanding technology from an early age, safety risks that have existed for some time could also affect them, if we fail to take the necessary precautions.
Short Bytes: In a recent interview, Facebook Founder and CEO Mark Zuckerberg has expressed his concern over the threats made against him in an ISIS video. The video claimed that ISIS has hacked more than 10,000 Facebook accounts, 150 Facebook groups and 5,000 Twitter profiles, saying ISIS would ultimately take down Facebook and Twitter, as well […]
ESET’s Pablo Ramos takes a closer a look at the most common threats facing companies today and the impact that they can have.
Security researchers show how an attacker can access Nissan Leaf electric car by exploiting vulnerability in APIs By using the Application Program Interface or the list of protocols to be kept in mind while building a new software, by the car manufacturing giant Nissan, some security researchers have detected vulnerabilities in the mobile management APIs […]
Researchers at Blue Frost Security firm discovered a flaw in the FireEye Virtual Execution Engine (VXE) that allows an attacker to completely bypass virtualization-based dynamic analysis and whitelist malware. Security researchers at Blue Frost Security have found a high severity vulnerability in FireEye products that allowed an attacker to bypass the company’s detection engine and […]