Friday, April 29, 2016

Feedly:We Live Security » Languages » English. Security Bulletin: Steps you should take to fix a Java SE security risk on your computer



from We Live Security » Languages » English

Steps you should take to fix a Java SE security risk on your computer, a message from Oracle, broadcast by ESET, as requested by the FTC.

The post Security Bulletin: Steps you should take to fix a Java SE security risk on your computer appeared first on We Live Security.

Feedly:Darknet – The Darkside. Empire – PowerShell Post-Exploitation Agent



from Darknet – The Darkside

Feedly:Virus alerts. April 2016 mobile malware review from Doctor Web



from Virus alerts

April 29, 2016

This April was marked by a noticeable increase in activity of aggressive advertising modules—they once again turned out to be the most frequently detected malicious applications. Besides, Doctor Web security researchers discovered a new Trojan designed to install various software, together with a Trojan incorporated into more than 190 Android applications.

PRINCIPAL TRENDS IN APRIL

  • Increase in activity of aggressive advertising modules for Android
  • Detection of a Trojan in more than 190 Google Play apps
  • Emergence of a new Trojan that covertly installs various software

Mobile threat of the month

Yet another threat was detected on Google Play in April—Android.Click.95. This Trojan infected more than 190 applications that were distributed by at least 6 developers. The total number of downloads has exceeded 140,000.

Android.Click.95 checks whether an application specified by the Trojan is on the device. Depending on the result, the Trojan opens a bogus website with a warning and prompts the user to install the relevant software to solve the problem. To ensure the download, the Trojan displays this website every 2 minutes, which makes it almost impossible to use the device normally. If the user agrees to install the program, they are redirected to the relevant Google Play section. For more information about this Trojan, refer to the review.

According to statistics collected by Dr.Web for Android

An unwanted program module that is incorporated into the Android applications and is responsible for advertising on mobile devices.

Downloader Trojans

Today, one of the popular ways for cybercriminals to make money is to create malicious programs that download and install software in order to boost its rating. Another example of such an application is Android.GPLoader.1.origin, which was detected in April. This Trojan comes with Android.GPLoader.2.origin, which masquerades as an adult video player. Once launched, it prompts the user to install a multimedia codec that is, in fact, a malicious application containing Android.GPLoader.1.origin.

When running, Android.GPLoader.1.origin prompts the user to grant it access to Accessibility Service. Then the Trojan connects to the server and receives a list of programs to install. When the device goes into sleep mode and its home screen is off, Android.GPLoader.1.origin opens Google Play and starts to download and install the specified applications, which automatically boosts their rating.

Such malicious and unwanted applications are becoming more and more widespread. To reduce the risk of your device being infected, Doctor Web strongly recommends that you not download dubious applications and that you protect your mobile devices with anti-virus software.

Feedly:Virus alerts. April 2016 virus activity review from Doctor Web



from Virus alerts

April 29, 2016

April 2016 began with a new version of the Gozi Trojan, which can now create peer-to-peer botnets. Later this month, cybercriminals started to spread a backdoor for Linux via a hacker utility. Besides, security researchers detected intensified activity by Internet scammers, who have already tricked a large number of gullible users by creating fake online stores.

PRINCIPAL TRENDS IN APRIL

  • New version of the Gozi Trojan
  • New backdoor for Linux
  • Intensified activity of Internet scammers

Threat of the month

Instead of contriving brand new banking Trojans, attackers prefer to modify old versions of popular financial malware programs—for example, Trojan.Gozi, which is able to carry out a wide range of malicious activities: it can steal information entered by the user into web data forms and perform web injections and keylogging functions. In addition, the Trojan is also designed to get remote access to the user’s machine by means of Virtual Network Computing (VNC). Moreover, upon a command, the Trojan can run the SOCKS proxy server and download and install various plug-ins.

However, unlike its counterparts, Trojan.Gozi can also generate peer-to-peer (P2P) botnets, which allows the Trojan to transmit encrypted information directly to the infected machines. You can find more about this malware program in the news article published by Doctor Web.

According to statistics collected by Dr.Web CureIt!

  • Trojan.InstallCore.1903

    A Trojan that can install unwanted and malicious applications.
  • Trojan.StartPage

    A malware family that can modify the home page in the browser settings.
  • Trojan.Zadved

    This Trojan displays fake search results in the browser window and imitates pop-up messages from social networking sites. In addition to this, the malware can replace advertisements displayed on different Internet resources.
  • Trojan.DownLoader

    A family of malicious programs designed to download other malware to the compromised computer.

According to Doctor Web statistics servers

  • Trojan.InstallCore.1903

    A Trojan that can install unwanted and malicious applications.
  • BackDoor.IRC.NgrBot.42

    A fairly common Trojan that has been known to information security researchers since 2011. Malicious programs of this family are able to execute intruder-issued commands on infected machines controlled by cybercriminals via the IRC (Internet Relay Chat) text-messaging protocol.
  • JS.Redirector

    A family of malicious scripts that are written in JavaScript and designed to redirect users to different (including malicious and fraudulent) webpages.
  • JS.Downloader

    A family of malicious scripts that are written in JavaScript and designed to download and install other malware programs on the computer.
  • Trojan.Zadved

    This Trojan displays fake search results in the browser window and imitates pop-up messages from social networking sites.

Statistics concerning malicious programs discovered in email traffic

  • JS.Downloader

    A family of malicious scripts that are written in JavaScript and designed to download and install other malware programs on the computer.
  • Trojan.InstallCore.1903

    A Trojan that can install unwanted and malicious applications.
  • Trojan.PWS.Stealer

    A family of Trojans designed to steal passwords and other confidential information stored on the infected computer.

Encryption ransomware

Trojan.Encoder.858 is the most frequently detected Trojan in April 2016.

Dr.Web Security Space 11.0 for Windows protects against encryption ransomware.

This feature is not available in Dr.Web Anti-virus for Windows.

Dangerous websites

During April 2016, Doctor Web added 749,173 URLs into the Dr.Web database of non-recommended sites.

March 2016: +458,013
April 2016: +749,173
Dynamics: +63.6%

April witnessed a large number of Internet users who fell victim to online shopping scams. Numerous fake online stores have all the typical features of real online shops. Yet the web design of these fraudulent websites is always identical.

To learn more about how this scheme of online shopping fraud works, refer to the article.

Other threats

To illegally infiltrate computer systems and remote networks, attackers often use software vulnerabilities. Yet incorrect configurations of server applications and other programs may pose a more dangerous threat. In April, Doctor Web specialists discovered a misconfiguration of hardware belonging to a large company that supplies DNS and web hosting services. As a result, its clients exposed a list of their registered subdomains, in particular ones for internal use, to the world. These domains can be used to organize internal non-public servers, version control systems (VCS), bug trackers, various monitoring services, wiki resources, etc. Having this domain list, attackers can easily examine the network of a potential victim in order to find vulnerabilities. For more details, refer to the article.

Furthermore, Doctor Web security researchers detected a new backdoor for Linux—Linux.BackDoor.Xudp.1. Its key feature lies in the fact that it infiltrated the system via some hacker utility designed to send out UDP packets to a specified address. It means that the Linux user, in their attempts to attack a server, fell victim to the Trojan.

Security researchers registered that Linux.BackDoor.Xudp.1 can continuously send various requests to the specified remote server, carry out DDoS attacks, and execute arbitrary commands. In addition, it can scan ports within a specified range of IP addresses, run certain files, send any file to cybercriminals, and execute other functions. All the features of this Trojan are described in our review.

At the end of the month, security researchers detected Trojan.BPlug.1074, a malware program masquerading as a plug-in for Google Chrome that sent out spam messages to Facebook users. This Trojan was used to distribute other dangerous extensions for Chrome. As of April 29, 2016, more than 12,000 Facebook users have already fallen victim to Trojan.BPlug.1074. For more about this incident, refer to the news article.

Malicious and unwanted programs for mobile devices

According to the statistics collected by Dr.Web for Android, aggressive advertising modules became the most frequently detected programs among other malicious and unwanted applications in April. Such modules are often designed not only to display annoying advertisements but also to steal confidential information and to download and install various software, which helps cybercriminals make money from victims. In addition, a new Trojan named Android.GPLoader.1.origin, which was designed to covertly install other applications, was detected in the past month.

Among the most noticeable April events related to mobile malware, we can mention

  • Increase in activity of aggressive advertising modules for Android.
  • Emergence of a new Trojan that covertly installs various software.

Find out more about malicious and unwanted programs for mobile devices in our special overview.

Feedly:SANS Internet Storm Center, InfoCON: green. New release of PCI DSS (version 3.2) is available, (Fri, Apr 29th)



from SANS Internet Storm Center, InfoCON: green

A new version of the standard was releas ...(more)...

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. It's the year 2020...how's your cybersecurity?



from Security News - Software vulnerabilities, data leaks, malware, viruses

What if, in 2020, wearable devices did not care about how many steps you took, and instead were concerned with your real-time emotional state? With networked devices tracking hormone levels, heart rates, facial expressions, voice tone and more, the Internet could become a vast system of "emotion readers," touching the most intimate aspects of human psychology. What if these technologies allowed people's underlying mental, emotional and physical states to be tracked – and manipulated?

Feedly:Virus alerts. Facebook is attacked once again



from Virus alerts

April 29, 2016

The malicious plug-in for Google Chrome is detected as Trojan.BPlug.1074. If the plug-in affects the browser, it determines the identifier of the user (UID) when they log on to Facebook and modifies the appearance of the website by removing the Privacy Shortcuts menu located at the upper-right side of the Facebook window, together with other drop-down menus of the social network’s interface. Then the Trojan obtains the user’s friend list.

After that, Trojan.BPlug.1074 creates a new group with a random name. Using the group ID, the victim’s profile photo and the address of the webpage retrieved from a configuration file, the Trojan generates a “share a link” post and publishes it on the wall at specified intervals. What is more, the Trojan adds all the victim’s friends on Facebook to the post so that this message is published on their walls too.

If the user follows the specified link, they are redirected to some webpage whose appearance is identical to the Facebook web design. Yet, if another website was used to follow this link, the user is redirected to a blank webpage.

The webpage is named “Hello please watch my video” and contains an allegedly standard video player. If the victim uses Chrome, they are prompted to download and install a browser plug-in that is, in fact, another copy of Trojan.BPlug.1074.

Trojan.BPlug.1074 can use this method to spread other plug-ins for Google Chrome.

Doctor Web security researchers registered more than 12,000 cases of the Trojan.BPlug.1074 malicious plug-in being installed by Facebook users as of April 28, 2016. Dr.Web Anti-virus successfully detects and removes this Trojan. Yet our specialists recommend that you pay careful attention when installing browser extensions, even if they are offered by such a popular website as Facebook.

More about this Trojan

Feedly:We Live Security » Languages » English. Cybercriminals ‘increasingly relying upon ransomware’



from We Live Security » Languages » English

Ransomware is being increasingly relied upon in cyberattacks, according to Verizon’s latest Data Breach Investigations Report.

The post Cybercriminals ‘increasingly relying upon ransomware’ appeared first on We Live Security.

Thursday, April 28, 2016

Feedly:Malwarebytes Labs. Toy Maker Maisto Unwittingly Serves Up CryptXXX Ransomware



from Malwarebytes Labs

The website of popular American toy brand Maisto was caught pushing the Angler exploit kit eventually leading to ransomware infections.

Feedly:TrendLabs Security Intelligence Blog. Locky Ransomware Spreads Via Flash and Windows Kernel Exploits



from TrendLabs Security Intelligence Blog

By Moony Li and Hugo Cao In early April of this year a zero-day exploit (designated as CVE-2016-1019) was found in Adobe Flash Player. This particular flaw was soon used by the Magnitude Exploit Kit, which led to an Adobe out-of-cycle patch. This flaw was being used to lead to drive-by download attacks with Locky ransomware as the payload. However, this did not...

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

Locky Ransomware Spreads Via Flash and Windows Kernel Exploits

Feedly:SANS Internet Storm Center, InfoCON: green. Sysinternals Updated today - Updates to Sysmon, Procdump and Sigcheck. http://ift.tt/247mX7T , (Fri, Apr 29th)



from SANS Internet Storm Center, InfoCON: green

...(more)...

Feedly:SANS Internet Storm Center, InfoCON: green. ISC Stormcast For Friday, April 29th 2016 http://ift.tt/26yWaA6, (Fri, Apr 29th)



from SANS Internet Storm Center, InfoCON: green

...(more)...

Feedly:Malwarebytes Labs. Deceptive URL mentions “Nexus”, promises iPhone 6s



from Malwarebytes Labs

With rumors floating around of Google's new mobile product--an expected Apple iPad contender--many may start searching for more info online, and they may end up in dodgy destinations.

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Ransomlock.AQ



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Malwarebytes Labs. Trump spam and torrents, oh my



from Malwarebytes Labs

Fake CNN Donald Trump spam claims riches are at hand - we see if the mail lives up to its promises...

Feedly:. Tick cyberespionage group zeros in on Japan



from

Compromised websites and spear-phishing emails used to infect targets with Daserf Trojan

Contributor: Gavin O’Gorman

Feedly:Fortinet Blog. Burgeoning Internet of Medical Things make you uneasy? It should



from Fortinet Blog

Twenty billion new connected devices in the coming year. The Internet of Medical Things (IoMT) is growing massively. And so are the threats. Roger Bailey, Healthcare Solutions Architect at Fortinet, spoke with us at HIMSS 2016 about the emerging ...

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Ransomcrypt.AL



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Prociy



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Threats RSS Feed - Symantec Corp.. Downloader.Exopire



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:We Live Security » Languages » English. Ransomware is everywhere, but even black hats make mistakes



from We Live Security » Languages » English

Ransomware is everywhere. At least that might be the impression left by a seemingly endless stream of news reports on recent cyberattacks, reports ESET's Ondrej Kubovič.

The post Ransomware is everywhere, but even black hats make mistakes appeared first on We Live Security.

Feedly:We Live Security » Languages » English. Say goodbye to cyber stresses in the workplace



from We Live Security » Languages » English

On World Day for Safety and Health at Work, we’ve put together a brief guide on potential cyber stresses to avoid in the workplace.

The post Say goodbye to cyber stresses in the workplace appeared first on We Live Security.

Feedly:We Live Security » Languages » English. Malware found at a German nuclear power plant



from We Live Security » Languages » English

Malware has been found on a computer at Gundremmingen nuclear power plant in Germany, it has been revealed. It is not considered a threat as the infected computer is not connected to the internet.

The post Malware found at a German nuclear power plant appeared first on We Live Security.

Feedly:Securelist - Information about Viruses, Hackers and Spam. Kaspersky DDoS Intelligence Report for Q1 2016



from Securelist - Information about Viruses, Hackers and Spam

In Q1, resources in 74 countries were targeted by DDoS attacks. China, the US and South Korea remained the leaders in terms of number of DDoS attacks and number of targets. The longest DDoS attack in Q1 2016 lasted for 197 hours (or 8.2 days).

Feedly:Darknet – The Darkside. BeautifulPeople.com Leak Exposes 1.1M Extremely Private Records



from Darknet – The Darkside

Wednesday, April 27, 2016

Feedly:SANS Internet Storm Center, InfoCON: green. ISC Stormcast For Thursday, April 28th 2016 http://ift.tt/1Tf0TNL, (Thu, Apr 28th)



from SANS Internet Storm Center, InfoCON: green

...(more)...

Feedly:SANS Internet Storm Center, InfoCON: green. DNS and DHCP Recon using Powershell, (Thu, Apr 28th)



from SANS Internet Storm Center, InfoCON: green

I recently had a client pose an interesting problem. They wanted to move all their thin clients t ...(more)...

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Godmodir



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Utah essential oil company announces third-party data breach



from Security News - Software vulnerabilities, data leaks, malware, viruses

Utah-based essential oil company doTERRA is warning customers and distributors that their personal information may have been compromised in a data breach in March.

Feedly:Malwarebytes Labs. Fake LastPass extension exposes users to ads and installs



from Malwarebytes Labs

This post is to remind our readers to keep a sharp eye on apps that claim to be the real thing but are actually rogue versions of those they're imitating.

Feedly:Errata Security.



from Errata Security

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. FBI says it won't disclose how it accessed locked iPhone



from Security News - Software vulnerabilities, data leaks, malware, viruses

The FBI says it won't publicly disclose the method that allowed it to access a locked iPhone used by one of the San Bernardino attackers.

Feedly:Securelist - Information about Viruses, Hackers and Spam. Contributing to the Annual DBIR



from Securelist - Information about Viruses, Hackers and Spam

This year’s DBIR release from Verizon exposes valuable and well-organized data on global incidents this past year. Our contributions on targeted attack activity and other areas to a report like this one over the past several years are important to help…

Feedly:We Live Security » Languages » English. Malware ‘used as part of a wider toolkit’ in Bangladesh Bank attack



from We Live Security » Languages » English

Malware used by cybercriminals to carry out one of the biggest cyberheists in history is thought to have been “part of a wider attack toolkit”, according to a BAE Systems’ security researcher.

The post Malware ‘used as part of a wider toolkit’ in Bangladesh Bank attack appeared first on We Live Security.

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Pekelog



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Adupihan



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Large Qatari bank investigating alleged data breach



from Security News - Software vulnerabilities, data leaks, malware, viruses

Qatar's largest bank says it is investigating an alleged data breach involving customers' information.

Feedly:We Live Security » Languages » English. The perimeter is everywhere (so where is your data really?)



from We Live Security » Languages » English

It’s hard to protect what you don’t understand. It’s also hard to protect data if you don’t know where it is. ESET's Cameron Camp explores the challenges of data security.

The post The perimeter is everywhere (so where is your data really?) appeared first on We Live Security.

Feedly:Threats RSS Feed - Symantec Corp.. Exp.CVE-2016-2347



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:We Live Security » Languages » English. Companies fear data breaches caused by compromised credentials



from We Live Security » Languages » English

Two thirds of security professionals rate the risk of a future data breach, due to compromised credentials, as medium or high.

The post Companies fear data breaches caused by compromised credentials appeared first on We Live Security.

Feedly:Securelist - Information about Viruses, Hackers and Spam. Freezer Paper around Free Meat



from Securelist - Information about Viruses, Hackers and Spam

Instead of developing customized hacking tools or buying them from third-party suppliers on the criminal underground, cyberespionage threat actors are using tools available on the web for research purposes. Several cyberespionage campaigns utilizing such tools have been spotted recently by experts.

Feedly:We Live Security » Languages » English. Ransomware and the Internet of Things



from We Live Security » Languages » English

A report from the Institute for Critical Infrastructure Technology warns that ransomware could be hitting more than just your regular computer in future...

The post Ransomware and the Internet of Things appeared first on We Live Security.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Encryption row spotlights fears on security, privacy



from Security News - Software vulnerabilities, data leaks, malware, viruses

Has encryption technology given the bad guys a way to operate in the dark? Or has the new tech age gifted law enforcement with unprecedented surveillance powers?

Tuesday, April 26, 2016

Feedly:SANS Internet Storm Center, InfoCON: green. Kippo's Cousin Cowrie, (Wed, Apr 27th)



from SANS Internet Storm Center, InfoCON: green

We have mentioned Kippo a lot ...(more)...

Feedly:SANS Internet Storm Center, InfoCON: green. ISC Stormcast For Wednesday, April 27th 2016 http://ift.tt/1qRML5S, (Wed, Apr 27th)



from SANS Internet Storm Center, InfoCON: green

...(more)...

Feedly:We Live Security » Languages » English. Data privacy and data protection: US law and legislation white paper



from We Live Security » Languages » English

This white paper on data privacy and data protection law and legislation in the US should prove to be a handy reference during ongoing privacy debates.

The post Data privacy and data protection: US law and legislation white paper appeared first on We Live Security.

Feedly:SANS Internet Storm Center, InfoCON: green. An Introduction to Mac memory forensics, (Tue, Apr 26th)



from SANS Internet Storm Center, InfoCON: green

Unfortunately, when it comes to memory forensics, the Mac environment doesn't have the luxury tha ...(more)...

Feedly:Errata Security. My next scan



from Errata Security

Feedly:Malwarebytes Labs. Malvertising On The Pirate Bay Drops Ransomware



from Malwarebytes Labs

Magnitude EK strikes again, this time on The Pirate Bay, and drops the Cerber Ransomware.

Feedly:Microsoft Malware Protection Center. Digging deep for PLATINUM



from Microsoft Malware Protection Center

There is no shortage of headlines about cybercriminals launching large-scale attacks against organizations. For us, the activity groups that pose the most danger are the ones who selectively target organizations and desire to stay undetected, protect their investment, and maximize their ROI. That’s what motivated us – the Windows Defender Advanced Threat Hunting team, known...

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. FBI chief warns of 'costs' to strong encryption



from Security News - Software vulnerabilities, data leaks, malware, viruses

FBI Director James Comey called Tuesday for a discussion of the "costs" of strong encryption now that a legal battle over access to the iPhone used by a California attacker has ended.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. FBI chief sees better cyber cooperation from China



from Security News - Software vulnerabilities, data leaks, malware, viruses

FBI Director James Comey said Tuesday he has seen some improvement in cooperation from China in fighting cybercrime following last year's bilateral agreement on the issue.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. FBI chief: Agency still studying vulnerability on iPhone



from Security News - Software vulnerabilities, data leaks, malware, viruses

FBI Director James Comey says the FBI is still studying the software vulnerability that allowed the agency, with third party help, to access a locked iPhone used by one of the San Bernardino, California attackers.

Feedly:We Live Security » Languages » English. BeautifulPeople.com experiences data breach: 1m affected



from We Live Security » Languages » English

The personal data of around 1.1 million people could be sold off on the black market after BeautifulPeople.com experiences data breach.

The post BeautifulPeople.com experiences data breach: 1m affected appeared first on We Live Security.

Feedly:Threat Research Blog. RuMMS: The Latest Family of Android Malware Attacking Users in Russia Via SMS Phishing



from Threat Research Blog

Feedly:We Live Security » Languages » English. Insider threats: A persistent and widespread problem



from We Live Security » Languages » English

In this feature, we take a look at some of the key things you should be aware of to ensure that you are well-equipped to deal with insider threats.

The post Insider threats: A persistent and widespread problem appeared first on We Live Security.

Feedly:Securelist - Information about Viruses, Hackers and Spam. Malware and non-malware ways for ATM jackpotting. Extended cut



from Securelist - Information about Viruses, Hackers and Spam

Millions of people around the world now use ATMs every day to withdraw cash, pay in to their account or make a variety of payments. Unfortunately, ATM manufacturers and their primary customers – banks – don’t pay much attention to the security of cash machines.

Feedly:Bitdefender Labs. Attackers Pose as Account Owners via Facebook Login Flaw



from Bitdefender Labs

Facebook vulnerability breaks down the convenience of social login authentication. Insufficient security validation allows attackers to impersonate Internet users and gain password-less access to any of their online accounts. Social logins are an alternative to traditional authentication. They offer users … Continue reading

Feedly:Fortinet Blog. Innovation Insights - 300 Patents and Counting...



from Fortinet Blog

It’s been said that the definition of technology innovation is creating significant positive change. This month marks a milestone in Fortinet’s efforts to create an entire culture dedicated to this sort of entrepreneurial innovation, with...

Monday, April 25, 2016

Feedly:SANS Internet Storm Center, InfoCON: green. ISC Stormcast For Tuesday, April 26th 2016 http://ift.tt/1MUsUxp, (Tue, Apr 26th)



from SANS Internet Storm Center, InfoCON: green

...(more)...

Feedly:Malwarebytes Labs. A Week in Security (Apr 17 – Apr 23)



from Malwarebytes Labs

A compilation of notable security news and blog posts from April 17 to April 23.

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Banswift



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Cryptolocker.AO



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Fortinet Blog. Innovation Insights: Why Content Processing Matters



from Fortinet Blog

Fortinet just announced the new tightly integrated Security Fabric, and the ninth generation of their content security processing ASIC, the CP9. The environment that spurs this sort of unprecedented innovation is focused on the following driving fact...

Feedly:Fortinet Blog. Advances in Advanced Threat Protection



from Fortinet Blog

This week Fortinet announced even more advances to our award-winning, ICSA-certified Advanced Threat Protection solution – because, apparently, awesome simply wasn’t good enough. What is Advanced Threat Protection? The unprecedented gro...

Feedly:Fortinet Blog. Networks are Changing. Security Needs to Keep Up.



from Fortinet Blog

Introducing the Fortinet Security Fabric Networks are currently undergoing dramatic change. Organizations are simultaneously wrestling with issues such as BYOD, IoT, virtualization, SDN, cloud, the proliferation of applications, Big Data, and the ex...

Feedly:Fortinet Blog. Securing the New Enterprise



from Fortinet Blog

Organizations are undergoing dramatic change, driven by their transformation to a digital business model and the resulting exponential increase in data, devices, users, applications, and transactions flooding their networks through the cloud. Managin...

Feedly:Fortinet Blog. Securing the Cloud



from Fortinet Blog

Securing the Cloud In the emerging digital economy, organizations are connecting users, devices, data, goods, and services to drive business value. Organizations that want to compete successfully in this new economy are having to adopt new architect...

Feedly:Darknet – The Darkside. Google Rapid Response (GRR) – Remote Live Forensics For Incident Response



from Darknet – The Darkside

Feedly:. What you need to know about election apps and your personal data



from

Presidential primary apps can gather a lot of information and may expose sensitive data.

Contributor: Shaun Aimoto


Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Your devices' latest feature? They can spy on your every move



from Security News - Software vulnerabilities, data leaks, malware, viruses

We now have dozens of smart devices in our houses and even on our bodies. They improve our lives in so many ways – from lowering energy consumption in our homes to egging us on to be active.

Feedly:Threats RSS Feed - Symantec Corp.. Infostealer.Boyapki.E



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:We Live Security » Languages » English. The security review: Dorkbot, encryption and buildings



from We Live Security » Languages » English

Welcome to this week’s security review, which includes Dorkbot, the importance of encryption and how buildings are at threat of cyberattacks.

The post The security review: Dorkbot, encryption and buildings appeared first on We Live Security.

Feedly:TrendLabs Security Intelligence Blog. New FAREIT Strain Abuses PowerShell



from TrendLabs Security Intelligence Blog

In 2014, we began seeing attacks or threats that abused the Windows PowerShell feature. At that time, it was uncommon to see threats leveraging this scripting tool as part of the malware’s capabilities. However, it’s also not surprising to see the proliferation of various threats using this feature. First of all, users cannot easily spot any malicious behavior on their infected systems since PowerShell runs in the background. Secondly, PowerShell has access to the services of the operating system (OS); and it can get usernames, passwords, and other system information. As such, this makes it a viable, if not a powerful arsenal for cybercriminals and attackers.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

New FAREIT Strain Abuses PowerShell

Saturday, April 23, 2016

Feedly:Fortinet Blog. Over 100,000 South Korean Users Affected by BlackMoon Campaign



from Fortinet Blog

Introduction The FortiGuard Virtualization Execution X (VEX) system – a behaviour-based, in-house framework designed to identify zero-day samples – has detected a previously undiscovered iteration of the BlackMoon Trojan. BlackMoon Troj...

Feedly:We Live Security » Languages » English. SMS phishing attackers continue to pursue Apple users



from We Live Security » Languages » English

You would be wrong to think that this is just an attempt by the criminals to steal your Apple ID password - bad as that would be. It's much worse than that.

The post SMS phishing attackers continue to pursue Apple users appeared first on We Live Security.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Feds say they've accessed phone at center of Apple data case



from Security News - Software vulnerabilities, data leaks, malware, viruses

The U.S. Justice Department said it has withdrawn a request to force Apple to reveal data from a cellphone linked to a New York drug case after someone provided federal investigators with the phone's passcode.

Feedly:SANS Internet Storm Center, InfoCON: green. Angler Exploit Kit, Bedep, and CryptXXX, (Sat, Apr 23rd)



from SANS Internet Storm Center, InfoCON: green

Introduction

On Friday 2016-04-15, Proofpoint researchers spo ...(more)...

Friday, April 22, 2016

Feedly:Fortinet Blog. Your Gossip Is Public



from Fortinet Blog

From time to time, AV analysts encounter "funny" Android malware or PUA: Riskware/Secretmimi!Android is one of those.  This riskware is a social app used to share secrets (gossip). The "fun" part is that you certai...

Feedly:Malwarebytes Labs. Tech Support Scammers Bring Back FakeAV



from Malwarebytes Labs

FakeAV is dead, right? No, tech support scammers are bringing it back.


Feedly:Malwarebytes Labs. GsearchFinder hijackers add extra Firefox profile



from Malwarebytes Labs

Gsearchfinder search hijackers called YesSearches and HohoSearch are adding an extra Firefox profile on affected systems.


Feedly:Threat Research Blog. New Downloader for Locky



from Threat Research Blog

Feedly:Darknet – The Darkside. SamParser – Parse SAM Registry Hives With Python



from Darknet – The Darkside

Feedly:SANS Internet Storm Center, InfoCON: green. Honeyports powershell script, (Fri, Apr 22nd)



from SANS Internet Storm Center, InfoCON: green

If it happens that you like to run your honeypot on a Windows system then Honeyport is something ...(more)...

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Lithuania govt websites hit by cyberattacks for third time



from Security News - Software vulnerabilities, data leaks, malware, viruses

Lithuanian officials say government websites have been hit by cyberattacks for the third time this month.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Retinal scans and fingerprint checks: High tech or high risk?



from Security News - Software vulnerabilities, data leaks, malware, viruses

Having a smartphone unlock once it recognises your face or using a paypass machine that needs your fingerprint to finalise a purchase are becoming increasingly common, but are these the best way to stay secure?

Feedly:Securelist - Information about Viruses, Hackers and Spam. Spammers all geared up for Euro 2016!



from Securelist - Information about Viruses, Hackers and Spam

Major football tournaments such as the World Cup and the European Championship, traditionally attract a lot of spammer activity. Euro 2016 will be held this summer in France, and it's not only the fans and players who are getting ready but also Internet fraudsters. The latter have started sending out fake notifications about lottery wins dedicated to the upcoming tournament.

Feedly:We Live Security » Languages » English. Two-factor authentication coming to PlayStation Network



from We Live Security » Languages » English

Two-factor authentication (2FA) is to be added to the PlayStation Network, offering members even greater security.

The post Two-factor authentication coming to PlayStation Network appeared first on We Live Security.

Thursday, April 21, 2016

Feedly:Microsoft Malware Protection Center. A brief discourse on Changing browsing experience



from Microsoft Malware Protection Center

In response to questions we’ve received from the software distribution and monetization industry, and following our blog announcing our browser modifier policy update, we’d like to provide some details on what we refer to in our policy as “changing browsing experience”. For us, “changing browsing experience” means behaviors that modify the content of webpages. We...

Feedly:SANS Internet Storm Center, InfoCON: green. ISC Stormcast For Friday, April 22nd 2016 http://ift.tt/1Sxr4S2, (Fri, Apr 22nd)



from SANS Internet Storm Center, InfoCON: green


Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Phytob



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. FBI head suggests agency paid more than $1M to access iPhone



from Security News - Software vulnerabilities, data leaks, malware, viruses

FBI Director James Comey has hinted that the FBI paid more than $1 million to break into the locked iPhone used by one of the San Bernardino attackers.

Feedly:We Live Security » Languages » English. Australian government spends $230m on new cybercrime strategy



from We Live Security » Languages » English

The Australian government has set aside $230 million in a new cybercrime strategy with a five-pronged plan of action.

The post Australian government spends $230m on new cybercrime strategy appeared first on We Live Security.

Feedly:Threat Research Blog. PowerShell used for spreading Trojan.Laziok through Google Docs



from Threat Research Blog

Feedly:Malwarebytes Labs. COMELEC breach data released online fully searchable



from Malwarebytes Labs

The COMELEC hack, which involved a breach of up to 55 million people's personal information in the Philippines, is now fully searchable.


Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Exedapan



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:SANS Internet Storm Center, InfoCON: green. Decoding Pseudo-Darkleech (Part #2), (Thu, Apr 21st)



from SANS Internet Storm Center, InfoCON: green

Please refer to the

Feedly:We Live Security » Languages » English. Encrypt – or face a huge fine



from We Live Security » Languages » English

The ICO, the UK’s independent authority that oversees data privacy, recently released a new guidance on encryption best practices. The key message - encrypt or face a big fine.

The post Encrypt – or face a huge fine appeared first on We Live Security.

Feedly:TrendLabs Security Intelligence Blog. Looking Into a Cyber-Attack Facilitator in the Netherlands



from TrendLabs Security Intelligence Blog

A small webhosting provider with servers in the Netherlands and Romania has been a hotbed of targeted attacks and advanced persistent threats (APT) since early 2015. Starting from May 2015 till today we counted over 100 serious APT incidents that originated from servers of this small provider. Pawn Storm used the servers for at least 80 high profile attacks against various governments in the US, Europe, Asia, and the Middle East. Formally the Virtual Private Server (VPS) hosting company is registered in Dubai, United Arab Emirates (UAE). But from public postings on the Internet, it is apparent that the owner doesn’t really care about laws in UAE. In fact, Pawn Storm and another APT group, attacked the government of UAE using servers of the VPS provider through highly targeted credential phishing. Other threat actors like DustySky (also known as the Gaza hackers) are also regularly using the VPS provider to host their Command and Control (C&C) servers and to send spear phishing e-mails.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

Looking Into a Cyber-Attack Facilitator in the Netherlands

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Philippines arrests alleged election website hacker



from Security News - Software vulnerabilities, data leaks, malware, viruses

Philippine officials said Thursday they have arrested a suspect in the hacking of the national election agency's website ahead of next month's presidential polls.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Australia admits government hack attacks boosts cyber security



from Security News - Software vulnerabilities, data leaks, malware, viruses

Australia unveiled a multi-million-dollar cyber scheme to combat hacking on Thursday, as Prime Minister Malcolm Turnbull acknowledged an attack on the country's weather bureau but stopped short of blaming it on China.

Wednesday, April 20, 2016

Feedly:SANS Internet Storm Center, InfoCON: green. ISC Stormcast For Thursday, April 21st 2016 http://ift.tt/1TkhTEA, (Thu, Apr 21st)



from SANS Internet Storm Center, InfoCON: green


Feedly:SANS Internet Storm Center, InfoCON: green. Have you seen any spam/phishing/scams related to the recent earthquake in Ecuador? If so let us know http://ift.tt/15xUGX1, (Thu, Apr 21st)



from SANS Internet Storm Center, InfoCON: green

---
Johannes B. Ullrich, Ph ...(more)...

Feedly:Threats RSS Feed - Symantec Corp.. Packed.Generic.501



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:SANS Internet Storm Center, InfoCON: green. Decoding Pseudo-Darkleech (#1), (Thu, Apr 21st)



from SANS Internet Storm Center, InfoCON: green

I'm currently going through a phase of WordPress dPression. Either my users are exceptionally adep ...(more)...

Feedly:Threat Research Blog. Follow The Money: Dissecting the Operations of the Cyber Crime Group FIN6



from Threat Research Blog

Feedly:Threats RSS Feed - Symantec Corp.. JS.Proxybrowse



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Threats RSS Feed - Symantec Corp.. JS.Ransomcrypt



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:TrendLabs Security Intelligence Blog. SpyEye Creator Sentenced to 9 Years in Federal Prison



from TrendLabs Security Intelligence Blog

The creator of the banking malware SpyEye, Aleksandr Andreevich Panin, has just been sentenced on charges related to creating and distributing SpyEye. In early 2014, he pleaded guilty to charges related to creating and distributing SpyEye. Information provided by Trend Micro was used to help find the real identities of Panin and his accomplices.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

SpyEye Creator Sentenced to 9 Years in Federal Prison

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Creator of malware used to drain bank accounts gets 9 years



from Security News - Software vulnerabilities, data leaks, malware, viruses

The Russian creator of a computer program that enabled cybercriminals to infect millions of computers and drain bank accounts in multiple countries was sentenced Wednesday to serve 9 ½ years in federal prison.

Feedly:The Citizen Lab. Christopher Parsons on the RCMP’s BlackBerry encryption key



from The Citizen Lab

Recent reports have indicated that the Royal Canadian Mounted Police (RCMP) has had a key to unlock encrypted messages sent between BlackBerry users since 2010. Citizen Lab Postdoctoral Fellow Christopher Parsons commented on the significance of the revelations in an interview with VICE Motherboard.

The post Christopher Parsons on the RCMP’s BlackBerry encryption key appeared first on The Citizen Lab.

Feedly:The Citizen Lab. Chilling Effects: Insights on how laws and surveillance impact people online



from The Citizen Lab

April 27 - Boston, Massachusetts

The post Chilling Effects: Insights on how laws and surveillance impact people online appeared first on The Citizen Lab.

Feedly:Malwarebytes Labs. Fake Social Button Plugin Redirects to Angler EK



from Malwarebytes Labs

Websites' third party plugins can be deceiving, especially when they are used to redirect to malware.


Feedly:Fortinet Blog. Industry Q&A: What is Top of Mind for Communication Service Providers (CSPs) and MSSPs in Cybersecurity Today?



from Fortinet Blog

For communication carriers today, it seems there are always fresh opportunities to deliver new and possibly lucrative network services for businesses and consumers. The growth of IoT alone holds tremendous potential for business opportunities. Howeve...

Feedly:Threats RSS Feed - Symantec Corp.. Infostealer.Multig!gm



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Darknet – The Darkside. Apple Will Not Patch Windows QuickTime Vulnerabilities



from Darknet – The Darkside

Feedly:Bitdefender Labs. MBR-Encrypting Ransomware Petya Gets Bitdefender Vaccine



from Bitdefender Labs

The Petya ransomware that has been encrypting the NTFS Master File Table has recently been analyzed by the Bitdefender research team and found to sport similarities with other ransomware families, such as Chimera and Rokku. This information could point to … Continue reading

Feedly:Threats RSS Feed - Symantec Corp.. Infostealer.Multigpos



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:We Live Security » Languages » English. Dorkbot: 5 years since detection



from We Live Security » Languages » English

In the half-decade that has lapsed since Dorkbot was first identified, millions of innocent victims, going about their everyday business, have been affected in over 190 countries. It has, quite literally, wormed its malicious way into computer systems throughout the world.

The post Dorkbot: 5 years since detection appeared first on We Live Security.

Feedly:We Live Security » Languages » English. Buildings at risk of cyberattacks



from We Live Security » Languages » English

Buildings are increasingly susceptible to cyberattacks, with the Internet of Things presenting cybercriminals with new opportunities to exploit.

The post Buildings at risk of cyberattacks appeared first on We Live Security.

Feedly:Threats RSS Feed - Symantec Corp.. SONAR.Heur.RGC!g112



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan, Virus, Worm.

Feedly:Threats RSS Feed - Symantec Corp.. SONAR.Downloader!gen2



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan, Virus, Worm.

Tuesday, April 19, 2016

Feedly:Threats RSS Feed - Symantec Corp.. Exp.CVE-2016-0164



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:SANS Internet Storm Center, InfoCON: green. ISC Stormcast For Wednesday, April 20th 2016 http://ift.tt/1MH5TxY, (Wed, Apr 20th)



from SANS Internet Storm Center, InfoCON: green


Feedly:SANS Internet Storm Center, InfoCON: green. Oracle critical updates released, (Wed, Apr 20th)



from SANS Internet Storm Center, InfoCON: green

Oracle has released their critical updates list. Looking through it there is a very wide range of ...(more)...

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Exploz.C



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan, Virus.

Feedly:Threats RSS Feed - Symantec Corp.. W32.Exploz.C



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Virus.

Feedly:Threats RSS Feed - Symantec Corp.. BBOS.Stealthgenie



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Apple denies handing source code over to China



from Security News - Software vulnerabilities, data leaks, malware, viruses

Apple on Tuesday denied providing Chinese authorities with special access to its devices, as the iPhone maker defended its position on encryption and cooperation with US law enforcement.

Feedly:SANS Internet Storm Center, InfoCON: green. Kippo and dshield, (Tue, Apr 19th)



from SANS Internet Storm Center, InfoCON: green

In this diary I will talk about how to configure kippo honeypot and how to submit your kippo's log ...(more)...

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. 'We have not provided source code to China': Apple



from Security News - Software vulnerabilities, data leaks, malware, viruses

Apple has not provided its underlying software instructions or "source code" to China, the company's top lawyer said Tuesday, seeking to quash rumors about the iPhone maker's data security.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Dutch police crack encrypted communications network



from Security News - Software vulnerabilities, data leaks, malware, viruses

Dutch police and prosecutors took down an encrypted communications network Tuesday believed to have been used by criminals in the Netherlands and possibly overseas.

Feedly:We Live Security » Languages » English. Cybercriminals could access calls and texts using just your phone number



from We Live Security » Languages » English

Your phone number holds the key that could give cybercriminals access to your location, phone calls and texts, according to a news report.

The post Cybercriminals could access calls and texts using just your phone number appeared first on We Live Security.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. FBI: Using third-parties to break encryption not solution



from Security News - Software vulnerabilities, data leaks, malware, viruses

A senior FBI official says she doesn't think hiring third parties to help the FBI hack into locked iPhones should be the solution.

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Cryptlock.AN!gm



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Apple report shows 30,000 law enforcement data queries



from Security News - Software vulnerabilities, data leaks, malware, viruses

Apple received some 30,000 data requests from law enforcement agencies globally in the second half of 2015, and provided information in a majority of cases, the company's latest transparency report showed.

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Cryptolocker.AN



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Visa: new technology for chip cards to speed checkout times



from Security News - Software vulnerabilities, data leaks, malware, viruses

Visa says it's improving its smart chip-embedded cards, which have been the source of grumbling from businesses and customers forced to wait for transactions to go through.

Feedly:Threat Research Blog. MULTIGRAIN Point of Sale Attackers Make an Unhealthy Addition to the Pantry



from Threat Research Blog

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Cryptolocker.AM



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:TrendLabs Security Intelligence Blog. New Crypto-Ransomware JIGSAW Plays Nasty Games



from TrendLabs Security Intelligence Blog

The evolution of crypto-ransomware in terms of behavior takes a step forward, and a creepy one at that. We have recently encountered a nasty crypto-ransomware variant called JIGSAW. Reminiscent of the horror film Saw, this malware toys with users by locking and deleting their files incrementally. To an extent, it instills fear and pressures users into paying the ransom. It even comes with an image of Saw’s very own Billy the puppet, and the red analog clock to boot.

It’s no longer a surprise that crypto-ransomware is the prevalent threat in today’s computing landscape, given its promise of quick ROI for the cybercriminals behind it. It’s also not surprising that many have joined this bandwagon. These days, the name of the crypto-ransomware game is to add “unique” features or “creative” ways to instill fear and put more pressure on users to pay up, despite the fact that, when it comes to their technical routines, there’s not much difference among these malware. JIGSAW joins notable families like PETYA and CERBER that have emerged in the past couple of months alone.

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

New Crypto-Ransomware JIGSAW Plays Nasty Games

Monday, April 18, 2016

Feedly:SANS Internet Storm Center, InfoCON: green. ISC Stormcast For Tuesday, April 19th 2016 http://ift.tt/1MEzk3G, (Tue, Apr 19th)



from SANS Internet Storm Center, InfoCON: green


Feedly:Malwarebytes Labs. Magnitude EK Activity At Its Highest Via AdsTerra Malvertising



from Malwarebytes Labs

The Magnitude exploit kit is maximizing its leads via a large and uninterrupted malvertising campaign.


Feedly:Malwarebytes Labs. A Week in Security (Apr 10 – Apr 16)



from Malwarebytes Labs

A compilation of notable security news and blog posts from April 10 to April 16.


Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Manhattan DA, law officials push for encryption legislation



from Security News - Software vulnerabilities, data leaks, malware, viruses

Calling it an issue of victims' rights, the Manhattan district attorney urged Congress to pass legislation that would require tech companies to give law enforcement a way to access information on encrypted phones and other devices.

Feedly:Microsoft Malware Protection Center. JavaScript-toting spam emails: What should you know and how to avoid them?



from Microsoft Malware Protection Center

We have recently observed that spam campaigns are now using JavaScript attachments aside from Office files. The purpose of the code is straightforward. It downloads and runs other malware. Some of the JavaScript downloaders that we’ve seen are: TrojanDownloader:JS/Swabfex TrojanDownloader:JS/Nemucod TrojanDownloader:JS/Locky The same JavaScript downloaders are also responsible for spreading the following ransomware: Ransom:Win32/Tescrypt Ransom:Win32/Locky...

Feedly:Darknet – The Darkside. Recon-ng – Web Reconnaissance Framework



from Darknet – The Darkside

Feedly:Fortinet Blog. Get Threat Protection as Savvy as the Attackers Themselves



from Fortinet Blog

When it comes to cyber security, the healthcare industry is vulnerable. Providers face substantial regulation around privacy and data security. And hackers have much to gain; recent stats put the black market value of healthcare records at 10 times t...

Feedly:We Live Security » Languages » English. AI and humans successfully ‘predict most cyberattacks’



from We Live Security » Languages » English

Researchers from MIT’s CSAIL have developed an artificial intelligence platform that can ‘predict 85% of cyberattacks’ so long as it benefits from human input.

The post AI and humans successfully ‘predict most cyberattacks’ appeared first on We Live Security.
