Nowadays, cybercriminals seem to prefer Fileless Malware Attacks on organizations. Most malware attacks can be detected, blocked and removed using malware removal tools or applications. However, Fileless Malware Attacks are non-malware attacks that utilize legitimate existing programs and applications and are hence able to bypass most endpoint protection systems. Further, the malware resides only in… Continue reading Increasing Fileless Malware Attacks

    Did careless cyber criminals working for the FSB blow the gaffe on the Yahoo! hack? WikiLeaks offers to share Vault 7 vulnerabilities with vendors, but it wants something in return. A look at the Atlantic Council’s recently concluded Cyber 9/12 competition. Does cabin fever increase the risk of being hacked? Enigma Software saw… Continue reading CyberWire Daily Podcast – WikiLeaks, Enigma Software, Kirk ransomware

By Ionut Arghire on March 21, 2017   Check Point security researchers have warned that tactics employed by a mobile Trojan targeting users in China might become a worldwide threat when adopted by Western malware.   Called the “Swearing Trojan”, the threat was discovered not long ago by Tencent Security researchers, who revealed that the threat… Continue reading “Swearing Trojan” Tactics Could Become Global Threat: Researchers

21st March 2017 By Usama Jawad                                               It’s been tough times for Microsoft Edge lately; it currently sports a user base of just over 5%, Google’s Project Zero keeps revealing the browser’s vulnerabilities, and new extensions are coming at a snail’s pace.   Now, at the Pwn2Own 2017 hacking event, Edge has been… Continue reading Microsoft Edge declared 'least secure' browser in hacking event as Chrome emerges unscathed

IT LIVES!                            21 Mar 2017  John Leyden   Cybercriminals behind the Necurs botnet have reactivated the zombie network and returned to their original business of using compromised machines as conduits for spam distribution.   In January, Cisco Talos reported that the Necurs botnet had gone offline, taking the typical volume of Locky… Continue reading World's worst botnet fiends switch from ransomware to stock scam spam

March 21, 2017 by Jérôme Segura   Over the last few days we have observed an increase in malvertising activity coming from adult websites that have significant traffic (several million monthly visits each). Malicious actors are using pop-under ads (adverts that load in a new browser window under the current active page) to surreptitiously redirect users to the RIG… Continue reading Canada and the U.K. hit by Ramnit Trojan in new malvertising campaign

20th March 2017  By Catalin Cimpanu                    Scientists from the Hong Kong Baptist University (HKBU) have developed a new user authentication system that relies on reading lip motions while the user speaks a password out loud.   The technology is a mixture of traditional authentication solutions with the new wave of biometrics-based solutions.… Continue reading New Technology Combines Lip Motion and Passwords to Authenticate Users

March 20th 2017  By Catalin Cimpanu                                              Mozilla engineers released Firefox 52.0.1 to patch a security flaw that came to light last Friday, in the Pwn2Own 2017 hacking contest.   All in all, it took Mozilla engineers only 22 hours from the time the bug was used during… Continue reading It Took Mozilla 22 Hours to Patch a Firefox Vulnerability Discovered at Pwn2Own

March 20, 2017 by Zammis Clark                                                PUPs affect systems all across the world and are developed in many countries. A few weeks ago I came across an installer for a China-developed WiFi hotspot application, targeting English speakers, and being dropped by one of the major PUP bundler… Continue reading Chinese PUPs and backdoor drivers: making systems less secure since 2013

Bug relies on telnet protocol used by hardware on internal networks. Dan Goodin – 3/20/2017   Cisco Systems said that more than 300 models of switches it sells contain a critical vulnerability that allows the CIA to use a simple command to remotely execute malicious code that takes full control of the devices. There currently is… Continue reading A simple command allows the CIA to commandeer 318 models of Cisco switches