SecurityWeek

Malware developers have made some significant improvements to the Marcher Trojan, which is now also being leveraged by cybercriminals to target the customers of major banks in the United Kingdom.

FireEye has come across a mysterious piece of malware that appears to be designed to target industrial control systems (ICS), but which could just be part of someone’s research efforts.

Throughout history Operations Security (OPSEC) has been a key tactic used by commercial and military organizations to protect privacy and anonymity. When done well, it denies adversaries information they could use to do harm to an organization or individual. But criminals also use OPSEC as a means to an end – avoiding detection, maintaining availability of their attack infrastructure, and retaining access to environments they have compromised. 

During a meeting last week in Belgium with Koen Van Impe, a security analyst with federal cyber emergency team, CERT.be, he recommended I look at a report involving a cyber espionage case involving the firm RUAG.

New Android spyware, apparently targeting government security job seekers, has been detected in Saudi Arabia. The code is poor but the malware works efficiently, claims McAfee in a report published yesterday.

Chinese Cyber Spies Hack Taiwan Ruling Party: Security Firm Mainland hackers were likely to be behind an attack on the website of Taiwan's ruling party, a US-based security firm said Thursday, as the island warns of growing cyber threats.

Law enforcement officers have arrested 50 hackers across Russia involved in bank fraud using the Lurk trojan, following 86 raids in 15 regions. Fourteen main participants including the three primary organizers were arrested in the Sverdlovsk region. An estimated $45 million has been stolen by the gang, while a further $30 million loss has been prevented by the police. The investigation of the Lurk banking trojan gang was assisted by Kaspersky Lab.

Cisco informed customers on Wednesday that it has released patches for several medium and high severity vulnerabilities affecting its Prime Network Analysis Module products.

Many users have complained that their computers were accessed by hackers via the popular remote access and support tool TeamViewer, but the company says its systems have not been breached.

The third known and second successful attack against banks using the SWIFT money transfer network impacted an Ecuadorian bank between January 12 and January 22, 2015. During this period at least 12 fraudulent transfer requests instructed San Francisco-based Wells Fargo to send $12 million belonging to Ecuador's Banco del Austro (BDA) to accounts in Hong Kong, Dubai and the US. Wells Fargo complied.

Switzerland-based power and automation technologies provider ABB has released a software update for one of its substation automation products to address several vulnerabilities related to the storage of passwords.

Scrum.org informed users on Tuesday that their account information might have been compromised after hackers exploited a new vulnerability in third party software used to operate the website.

More than 19 months after it was patched by Drupal developers, a critical SQL injection vulnerability in the popular content management system is still being exploited by malicious actors to hack websites.

Software update and support tools preinstalled on PCs from some of the world’s biggest original equipment manufacturers (OEMs) introduce serious vulnerabilities that expose users to remote attacks.

To respond to mounting cyber-attacks, advanced persistent threats, and insider leaks, enterprises and government entities need reliable, real time visibility into their IT security posture. Unfortunately, it can take weeks or months to detect intrusions using traditional methods, during which time attackers can exploit vulnerabilities to compromise systems and extract data.

A large number of ransomware families have emerged over the past several months, and a new one is now making the rounds, Microsoft researchers warn.

Trustwave SpiderLabs has discovered a 0-day Windows exploit being offered for sale on an underground forum for Russian speaking cyber criminals. Although the researchers cannot be absolutely certain that the exploit is genuine, they suspect it is - and further expect that the exploit will find its way into criminal hands.

Recently released version 6.0 of the Tor (The Onion Router) browser brings along multiple privacy and security improvements, along with other fixes.

As attackers have become better at evading traditional signatures and malware sandboxes, security teams are increasingly turning to behavior-based detection models to find the signs of an active cyber attack. This behavioral approach to finding threats comes with a lot of advantages.

Two Japanese men were arrested Tuesday for allegedly stealing money from an ATM, with local media reporting they were part of a coordinated nationwide heist that netted millions of dollars earlier this month.