Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
What appears to be the source code of hacking tools used by an Iranian cyber-espionage group (APT34) has been posted online along with information apparently stolen from victims. [Read More]
Cybersecurity researcher Marcus Hutchins, known for his actions that helped stop the WannaCry ransomware attack, admitted in a U.S. court to aiding in the development and distribution of a banking Trojan. [Read More]
A financially motivated threat actor believed to speak Russian has used remote access Trojans (RATs) in attacks on financial entities in the United States and worldwide. [Read More]
Hackers scrambled to erase their digital footprints after FireEye linked the Triton/Trisis malware to a Russian government research institute. [Read More]
Most of the malicious activity by Brazilian hackers is within Brazil against Brazilians, but this does not mean that Brazil lacks hacking capabilities, nor that the rest of the world can ignore Brazilian hackers. [Read More]
Iran-linked cyber-espionage group OilRig is making broad use of DNS tunneling across its tools portfolio, Palo Alto Networks security researchers reveal. [Read More]
The Scranos rootkit-enabled spyware operation has expanded reach outside of China to hit targets worldwide. [Read More]
A new variant of the HawkEye keylogger/information stealer is being leveraged in ongoing malware distribution campaigns. [Read More]
Garfield County, Utah, was recently affected by ransomware that apparently encrypted enough systems to require County officials to switch to paper administration. [Read More]
A recently patched Windows zero-day vulnerability tracked as CVE-2019-0859 had been exploited to deliver a PowerShell backdoor. [Read More]
- 1 of 183
- ››
FEATURES, INSIGHTS // Malware
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
Cryptojacking malware grew from impacting 13% of all organizations in Q4 of 2017 to 28% of companies in Q1 of 2018, more than doubling its footprint.
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
The cost of electricity has led some to take shortcuts in the search for power sources - individuals and organizations are now being breached by cyber-criminals seeking to take advantage of corporate infrastructures.
Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.
It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.
- 1 of 13
- ››
SecurityWeek Daily Briefing
- BEC Fraud Losses Grew to $1.3 Billion in 2018: FBI
- DNSpionage Hackers Use New Malware in Recent Attacks
- Serious Vulnerabilities Found in Fujifilm X-Ray Devices
- Chrome 74 Patches 39 Vulnerabilities
- Rockwell Controller Flaw Allows Hackers to Redirect Users to Malicious Sites
- Britain 'Approves' Huawei Role in 5G Network
- 6 Ways Attackers Are Still Bypassing SMS 2-Factor Authentication
- Cyber Security's New Center Point: Zero Trust
- Kaspersky Links ShadowHammer Supply-Chain Attack to ShadowPad Hackers
- Banking Trojan Drive-by Download Leverages Trust in Google Sites
Copyright © 2019 Wired Business Media. All Rights Reserved. Privacy Policy