Indexsinas SMB Worm Campaign Infests Whole Enterprises
The self-propagating malware's attack chain is complex, using former NSA cyberweapons, and ultimately drops cryptominers on targeted machines. [...]
Kerry Matre, senior director at Mandiant, discusses the appropriate metrics to use to measure SOC and analyst performance, and how MTTR leads to bad behavior. [...]
Threat actors may have been duking it out for control of the compromised devices, first using a 2018 RCE, then password-protecting a new vulnerability. [...]
Microsoft gave its digital imprimatur to a rootkit that decrypted encrypted communications and sent them to attacker-controlled servers, the company and outside researchers said. The blunder allowed the malware to be installed on Windows machines without users receiving a security warning or needing to take additional steps. For …
The return to offices, coupled with uninformed users (including IT pros) has teed up an unprecedented risk of enterprise attack. [...]
The legit security tool has shown up 161 percent more, year-over-year, in cyberattacks, having “gone fully mainstream in the crimeware world.” [...]
American IT companies and government have been targeted by the Nobelium state-sponsored group. [...]
The driver, called "Netfilter," is a rootkit that talks to Chinese C2 IPs and aims to spoof gamers' geo-locations to cheat the system and play from anywhere, Microsoft said. [...]
Controversial antivirus software pioneer who entered US politics and became a fugitive from justice. As the inventor of the antivirus software that bears his name, John McAfee, who has died aged 75 after apparently taking his own life in a Spanish prison, turned paranoia into a fortune. He was …
One of the Carbanak cybergang's highest-level hackers is destined to serve seven years while making $2.5 million in restitution payments. [...]
Threat actors have so far made about $2 million from Crackonosh, which secretly mines Monero cryptocurrency from affected devices. [...]
The primarily IcedID-flavored banking trojan spam campaigns were coming in at a fever pitch: Spikes hit more than 100 detections a day. [...]
The infamous ransomware group hit two big-name companies within hours of each other. [...]
Akamai's 2020 gaming report shows that cyberattacks on the video game industry skyrocketed, shooting up 340 percent in 2020. [...]
The LV ransomware operators likely used a hex editor to repurpose a REvil binary almost wholesale, for their own nefarious purposes. [...]
Counterfeit packages downloaded roughly 5,000 times from the official Python repository contained secret code that installed cryptomining software on infected machines, a security researcher has found. The malicious packages, which were available on the PyPI repository, in many cases used names that mimicked those …
Wired is reporting on a company called Mollitiam Industries: Marketing materials left exposed online by a third-party claim Mollitiam’s interception products, dubbed “Invisible Man” and “Night Crawler,” are capable of remotely accessing a target’s files, location, and covertly turning on a device’s camera and microphone. Its …
These code bombs lurk in the PyPI package repository, waiting to be inadvertently baked into software developers' applications. [...]
Approximately 38,000 of RBA's customers had their embryology data stolen by a ransomware gang. [...]
What's the low-hanging fruit for ransomware attackers? What steps could help to fend them off, and what’s stopping organizations from implementing those steps? [...]
Rather than steal credentials or hold data for ransom, a recent campaign observed by Sophos prevents people from visiting sites that offer illegal downloads. [...]
A researcher has uncovered one of the more unusual finds in the annals of malware: booby-trapped files that rat out downloaders and try to prevent unauthorized downloading in the future. The files are available on sites frequented by software pirates. Vigilante, as SophosLabs Principal Researcher …
Cops arrest six, seize cars and cash in splashy raid, and experts are applauding. [...]
Meanwhile, in a separate survey, 80 percent of organizations that paid the ransom said they were hit by a second attack. [...]