Increasing Fileless Malware Attacks
Nowadays, cybercriminals seem to prefer Fileless Malware Attacks on organizations. Most malware attacks can be detected, blocked and removed using malware removal tools or applications. However, Fileless Malware Attacks are non-malware attacks that utilize legitimate existing programs and applications and are hence able to bypass most endpoint protection systems. Further, the malware resides only in…
CyberWire Daily Podcast – WikiLeaks, Enigma Software, Kirk ransomware
Did careless cyber criminals working for the FSB blow the gaffe on the Yahoo! hack? WikiLeaks offers to share Vault 7 vulnerabilities with vendors, but it wants something in return. A look at the Atlantic Council’s recently concluded Cyber 9/12 competition. Does cabin fever increase the risk of being hacked? Enigma Software saw…
“Swearing Trojan” Tactics Could Become Global Threat: Researchers
By Ionut Arghire on March 21, 2017
Check Point security researchers have warned that tactics employed by a mobile Trojan targeting users in China might become a worldwide threat when adopted by Western malware. Called the “Swearing Trojan”, the threat was discovered not long ago by Tencent Security researchers, who revealed that the threat…
Microsoft Edge declared 'least secure' browser in hacking event as Chrome emerges unscathed
21st March 2017 By Usama Jawad
It’s been tough times for Microsoft Edge lately; it currently sports a user base of just over 5%, Google’s Project Zero keeps revealing the browser’s vulnerabilities, and new extensions are coming at a snail’s pace. Now, at the Pwn2Own 2017 hacking event, Edge has been…
World's worst botnet fiends switch from ransomware to stock scam spam
IT LIVES! 21 Mar 2017 John Leyden
Cybercriminals behind the Necurs botnet have reactivated the zombie network and returned to their original business of using compromised machines as conduits for spam distribution. In January, Cisco Talos reported that the Necurs botnet had gone offline, taking the typical volume of Locky…
Canada and the U.K. hit by Ramnit Trojan in new malvertising campaign
March 21, 2017 by Jérôme Segura
Over the last few days we have observed an increase in malvertising activity coming from adult websites that have significant traffic (several million monthly visits each). Malicious actors are using pop-under ads (adverts that load in a new browser window under the current active page) to surreptitiously redirect users to the RIG…
New Technology Combines Lip Motion and Passwords to Authenticate Users
20th March 2017 By Catalin Cimpanu
Scientists from the Hong Kong Baptist University (HKBU) have developed a new user authentication system that relies on reading lip motions while the user speaks a password out loud. The technology is a mixture of traditional authentication solutions with the new wave of biometrics-based solutions.…
It Took Mozilla 22 Hours to Patch a Firefox Vulnerability Discovered at Pwn2Own
March 20th 2017 By Catalin Cimpanu
Mozilla engineers released Firefox 52.0.1 to patch a security flaw that came to light last Friday, in the Pwn2Own 2017 hacking contest. All in all, it took Mozilla engineers only 22 hours from the time the bug was used during…
Chinese PUPs and backdoor drivers: making systems less secure since 2013
March 20, 2017 by Zammis Clark
PUPs affect systems all across the world and are developed in many countries. A few weeks ago I came across an installer for a China-developed WiFi hotspot application, targeting English speakers, and being dropped by one of the major PUP bundler…
A simple command allows the CIA to commandeer 318 models of Cisco switches
Bug relies on telnet protocol used by hardware on internal networks.
Dan Goodin – 3/20/2017
Cisco Systems said that more than 300 models of switches it sells contain a critical vulnerability that allows the CIA to use a simple command to remotely execute malicious code that takes full control of the devices. There currently is…