The latest ransomware threat: Doxware

Like ransomware, doxware encrypts files, but also involves purloining copies
By Rishi Bhargava, Co-founder and VP Marketing, Demisto Network World | February 27, 2017
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
As if ransomware wasn’t bad enough,…

Treason charges against Russian cyber experts linked to seven-year-old accusations

See Also – Russia Arrests Top Kaspersky Lab Security Researcher on Charges of Treason
26th February 2017 By Jack Stubbs and Svetlana Reiter
Treason charges brought in December against two Russian state security officers and a cyber-security expert in Moscow relate to allegations made by a Russian businessman seven years ago, according to…

New RaaS Portal Preparing to Spread Unlock26 Ransomware

February 25th 2017 By Catalin Cimpanu
A new Ransomware-as-a-Service (RaaS) portal named Dot-Ransomware is behind the Unlock26 ransomware discovered this past week. First spotted two days ago, this ransomware operation is quite unique as it features a very minimal and direct style, with little-to-no instructions and simple-designed ransom notes and ransom payment portal. Based…

Shamoon 2 malware, ASERT has shed light on the C2 and the infection process

February 26, 2017 By Pierluigi Paganini
The analysis conducted by Arbor Networks on the Shamoon 2 malware has shed light on the control infrastructure and the infection process.
Security researchers from Arbor Networks’ Security Engineering and Response Team (ASERT) have conducted a new analysis of the Shamoon 2 malware discovering further details on the tools…

Google releases details of unpatched Internet Explorer and Microsoft Edge vulnerability

25th February 2017 By Mark Wilson
Not content with publishing details of an unpatched Windows bug, Google has now gone public with a security vulnerability in both Microsoft Edge and Internet Explorer. Going under the description of “Type confusion in HandleColumnBreakOnColumnSpanningElement”, the bug has the potential to allow an attacker to execute malicious code.…

Carder forum claims 150 million logins for sale from CloudBleed case

February 25, 2017 By Pierluigi Paganini
The carder forum CVV2Finder claims to have more than 150 million logins from several popular services, including Netflix and Uber.
The operators in the forum are offering the precious commodity…

MySQL Databases Targeted in New Ransom Attacks

By Ionut Arghire on February 24, 2017
Thousands of MySQL databases are potential victims to a ransom attack that appears to be an evolution of the MongoDB ransack campaign observed a couple months ago, GuardiCore warns.
As part of the attack, unknown actors are brute forcing poorly secured MySQL servers, enumerate existing databases…

Adwind Malware Targets 1,500 Organizations from 100 Countries

A new campaign of Adwind is extremely widespread
Feb 24, 2017 13:22 GMT · By Gabriela Vatu
Adwind Remote Access Tool is being put to use again in an attack against over 1,500 organizations in 100 countries and territories.
According to Kaspersky Lab, the attacks impact various industrial sectors, retail, and distribution…

Mysterious Gmail account lockouts prompt hack fears

Something happening here, what it is ain’t exactly clear
24 Feb 2017 at 17:31, John Leyden
A substantial number of Gmail users have been affected by a potential but unconfirmed hack of unknown origin or purpose. El Reg learnt of the issue following…

Apple deleted server supplier after finding infected firmware in Siri servers

Report: Siri, internal development servers affected by fake firmware patch.
Sean Gallagher (US) – 24/2/2017
A mid-2016 security incident led to Apple purging its data centers of servers built by Supermicro, including returning recently purchased systems, according to a report by The Information. Malware-infected firmware was reportedly detected in an internal development environment for…