Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The compromise of an ESLint maintainer’s account resulted in malicious packages designed to steal login tokens from the npm software registry. [Read More]
Recently discovered cyber attacks targeting iPhone users have been using an open-source mobile device management (MDM) system to control enrolled devices, Talos reports. [Read More]
Ukraine’s security service says it has blocked a VPNFilter attack on a critical infrastructure organization (a chlorine station) and accused Russian intelligence of being behind the operation [Read More]
A user-maintained Arch Linux AUR (Arch User Repository) software repository was pulled earlier this week after it was found to contain malware. [Read More]
GandCrab ransomware is now attempting to infect Windows XP machines using the NSA-linked EternalBlue exploit. [Read More]
Researchers see new attacks on Palestinian Authority and the main suspect is the Gaza Cybergang/Molerats, which has been linked to Hamas [Read More]
The Rakhni ransomware family recently added the ability to deploy a crypto-currency miner instead of file encryptor, based on the victim machine’s configuration. [Read More]
A new piece of macOS malware has been observed being distributed via crypto-currency related Slack or Discord chat groups, security researchers warn. [Read More]
Two cyberespionage campaigns targeting the Tibetan community based in India appear to be the work of Chinese actors [Read More]
Cisco Talos releases free decryption tool to help victims of the Thanatos ransomware recover their files without paying the ransom [Read More]
- 1 of 165
- ››
FEATURES, INSIGHTS // Malware
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”
The FUD crypter service industry is giving a second life to a lot of old and kind-of-old malware, which can be pulled off the shelf by just about anybody with confused ethics and a Bitcoin account.
Cryptojacking malware grew from impacting 13% of all organizations in Q4 of 2017 to 28% of companies in Q1 of 2018, more than doubling its footprint.
A study found that over 98 percent of malware making it to the sandbox array uses at least one evasive tactic, and 32 percent of malware samples making it to this stage could be classified as “hyper-evasive".
The cost of electricity has led some to take shortcuts in the search for power sources - individuals and organizations are now being breached by cyber-criminals seeking to take advantage of corporate infrastructures.
Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.
It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.
Take a step back and realize that cryptocurrency mining is really just another form of malware, which is something you should be good at finding already.
There are several mitigation measures and best practices that you can adopt to improve your organization’s security posture and reduce the risk of supply chain infections.
- 1 of 13
- ››
SecurityWeek Daily Briefing
- Microsoft Addresses Serious Vulnerability in Translator Hub
- "MoneyTaker" Hackers Stole $1 Million From Russian Bank
- Trump-Putin Meeting Puts Finland on Cyber-Attack Target List
- DOJ Cybersecurity Task Force Outlines Plans for Protecting Elections
- A Cyber Axis of Evil is Rewriting the Cyber Kill Chain
- Singapore Says Hackers Stole 1.5 Million Health Records in Massive Cyberattack
- Adobe Patches Vulnerability Affecting Internal Systems
- HR Services Firm ComplyRight Suffers Data Breach
- The Path to Securing IoT Ecosystems Starts at the Network
- Robocalling Firm Exposes U.S. Voter Records
Copyright © 2018 Wired Business Media. All Rights Reserved. Privacy Policy