Malware

Malware / News Briefs

Sophisticated Maleware Found Aimed to Target Energy Companies

"The threat uses sophisticated techniques to evade detection and prepares the ground for more malware components," Lucian Constantin reporting in CIO: "Security researchers have discovered a new malware threat that goes to great lengths to remain undetected while targeting energy companies."

Documentary Balmes Israel for Stuxnet Malware Failure

Oscar-winning documentarian Alex Gibney's "Zero Days" -- coming out on Friday -- investigates the story of the classified Stuxnet attack on Iran by the US and Israel.

Google’s Project Zero Team Discovers Critical Vulnerabilities in Symantec and Norton

"These vulnerabilities are as bad as it gets," says Google's Information Security Engineer, Tavis Ormandy, in reference to multiple critical vulnerabilities discovered affecting Symantec, a popular vendor in the enterprise security market.

NASCAR Team Pays Ransomware Fee to Recover Its Critical Files

NASCAR team Circle Sport-Leavine Family Racing (CSLFR) disclosed today a ransomware infection incident that took place in April and nearly caused losing access to critical files worth about $2 million.

Cybercriminals Continuing to Exploit Human Nature, Increasing Reliance on Ransomware, Study Finds

Cybercriminals are continuing to exploit human nature and relying on familiar attack patterns such as phishing, and increase their reliance on ransomware, where data is encrypted and a ransom is demanded, according to Verizon 2016 Data Breach Investigations Report released today.

91.3% of Malware Use DNS as a Key Capability

Nearly 92 percent of malware use DNS to gain command and control, exfiltrate data or redirect traffic, according to Cisco's 2016 Annual Security Report. It warns that DNS is often a security "blind spot" as security teams and DNS experts typically work in different IT groups within a company and don't interact frequently.

Hacking Increasingly Becoming a Physical Concern

If this past quarter's stories are any indication, we could very well be seeing the rise of a new wave of threats that will affect people in a more pronounced and physical level, reports Trend Micro in its Q2 Security Roundup Report.

Megaupload Domains Seized by FBI Now Link to Scam Ads and Malware Due to Renewal Failure

Sean Gallagher reporting in Ars writes: "Earlier this week, something suspicious started happening with Web addresses related to sites seized by the FBI from Megaupload and a number of online gambling sites."

Record Number of Malware Variants Detected in Q4 of 2014, Retail/Service Most Targeted

During the 4th quarter of 2014, a record number of malware variants were detected -- an average of 255,000 new threats each day, according a recent report by Anti-Phishing Working Group (APWG). The group further reports that the number of unique phishing reports submitted to APWG during Q4 was 197,252 -- an increase of 18 percent from the 163,333 received in Q3 of 2014.

Research Finds Mobile Malware Infections Overblown

Advanced threat detection company, Damballa has released findings of a new research on Wednesday, detailing the overblown nature of the mobile malware problem. According to the company, the research, based on Big Data (50% of US mobile traffic), was used to determine actual malware infection rates -- not just samples found, or vulnerabilities/theoretical attacks.

M3AAWG Releases Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers

Jointly published by the Internet Infrastructure Coalition (i2C) and the Messaging, Malware and Mobile Anti-Abuse Working Group, the new document outlines proven activities that can help Web hosting services improve their operations and better protect end-users.

Google Announces Project Zero to Secure the Internet

Google today revealed a new initiative, named Project Zero, with the objective to "significantly reduce the number of people harmed by targeted attacks." To carry out the project, Google is recruiting a team of experienced hackers - "practically-minded security researchers" - to contribute 100% of their time toward improving security across the Internet.

Paul Vixie on How the Openness of the Internet Is Poisoning Us

In a video interview conducted during the NSCS ONE conference, Paul Vixie CEO of Farsight Security further discusses the topic of his presentation titled: "Defective by Design -- How the Internet's Openness is Slowly Poisoning Us".

Widespread Compromised Routers Discovered With Altered DNS Configurations

A widespread compromise of consumer-grade small office/home office (SOHO) routers has been discovered by threat intelligence group Team Cymru. According to the report, "attackers are altering the DNS configuration on these devices in order to redirect victims DNS requests and subsequently replace the intended answers with IP addresses and domains controlled by the attackers, effectively conducting a Man-in-the-Middle attack."

Rodney Joffe on Security Vulnerabilities of Modern Automobiles

Rodney Joffe, Senior Technologist at Neustar, explaines that vehicles (beginning with 1998 models) are vulnerable to hacking, but manufacturers have been unable to fix the problem. In the video below, Joffe explains the challenge to cars and the possible threats that exist for other machines connected to a network.