Malware

Emergency Patch Issued for Samba, WannaCry-type Bug Exploitable with One Line of Code

The team behind the free networking software Samba has issued and emergency patch for a remote code execution vulnerability. more

WikiLeaks Releases CIA Malware Implants Called Assassin and AfterMidnight

The recent heavy news coverage of WannaCry has overshadowed the latest WikiLeaks release of critical CIA malware documentation: user manuals for two hacking tools named AfterMidnight and Assassin. more

WannaCry: Patching Dilemma from the Other Side

WannaCry, originated firstly in state projects but spread by other actors, has touched upon myriads of infrastructure such as hospitals, telecommunication, railroads that many countries have labelled as critical. IT engineers are hastily presenting patching codes in various localized versions. The other patch needed, however, is more than technical. It is normative and legislative. The coding of that patch for a situation like this is in two layers of dilemma. more

WannaCry Ransomware Cyberattack Spreading to Countries Across the World, 45K Attacks Reported So Far

Security researchers are reporting a massive attack today, dubbed "WannaCry", which has reached 45,000 attacks in 74 countries around the world so far, mostly in Russia. more

New Chapter Working Groups Open Closed Doors

One thing was clear from a recent presentation by the new leaders of the SF-Bay Internet Society (ISOC) Chapter Working Groups: inclusion and collaboration will be the key to these groups' success. As Dr. Brandie Nonnecke, the Internet Governance Working Group (WG) Chair said, "We haven't yet cracked the code on what 'multistakeholder' means." But that won't stop her and Dr. Jaclyn Kerr, the Data Protection, Privacy, and Security WG Chair, from trying. more

WikiLeaks Releases CIA Documents on Grasshopper Framework for Building Customized Malware Payloads

WikiLeaks on Friday released a new set of leaks -- Vault 7 "Grasshopper" -- containing 27 documents from the CIA's Grasshopper framework, a platform used to build customized malware payloads for Microsoft Windows operating systems. more

Notes from NANOG 69

NANOG 69 was held in Washington DC in early February. Here are my notes from the meeting. It would not be Washington without a keynote opening talk about the broader political landscape, and NANOG certainly ticked this box with a talk on international politics and cyberspace. I did learn a new term, "kinetic warfare," though I'm not sure if I will ever have an opportunity to use it again! more

Cyber-Terrorism Rising, Existing Cyber-Security Strategies Failing, What Are Decision Makers to Do?

While conventional cyber attacks are evolving at breakneck speed, the world is witnessing the rise of a new generation of political, ideological, religious, terror and destruction motivated "Poli-Cyber™" threats. These are attacks perpetrated or inspired by extremists' groups such as ISIS/Daesh, rogue states, national intelligence services and their proxies. They are breaching organizations and governments daily, and no one is immune. more

CircleID’s Top 10 Posts of 2016

The new year is upon us and it's time for our annual look at CircleID's most popular posts of the past year and highlighting those that received the most attention. Congratulations to all the 2016 participants and best wishes to all in the new year. more

‘Avalanche’ Network Dismantled in an International Cyber Operation Including Europol and the FBI

After over four years of investigation, the international criminal infrastructure platform known as 'Avalanche' is reported to have been dismantled via a collaborative effort involving Public Prosecutor's Office Verden and the Lüneburg Police (Germany) in close cooperation with the United States Attorney's Office for the Western District of Pennsylvania, the Department of Justice and the FBI, Europol, Eurojust and global partners. more

Germany’s Leading ISP Deutsche Telekom Under Cyberattack, Close to 900K Customers Affected

Close to a million Deutsche Telekom customers have had trouble getting online since Sunday afternoon which the company on Monday confirmed to be the result of an "outside" attack. more

Several Models of Android Devices Discovered Collecting and Transmitting Sensitive Personal Data

Several models of Android mobile devices discovered containing firmware that collect sensitive personal data about their users and transmitted this sensitive data to third-party servers without disclosure or the users' consent. more

U.S. Department of Transportation Issues Federal Cybersecurity Guidance to Automotive Industry

U.S. Department of Transportation issues Federal guidance to the automotive industry for improving motor vehicle cybersecurity. The guidance covers cybersecurity best practices for all motor vehicles, individuals and organizations manufacturing and designing vehicle systems and software. more

Over 3.2 Million Debit Cards May Have Been Compromised, Says National Payment Corporation of India

A total of 3.2 million debit cards across 19 banks may have been compromised as a result of a suspected malware attack. The breach, possibly largest of its kind in India, was confirmed by the National Payment Corporation of India (NPCI) in a statement today. more

IoT Botnet Source Code Responsible for Historic Attack Has Been Publicly Released

The source code for the IoT botnet 'Mirai' has been released," warns security expert Brian Krebs whose own website was targeted with the same botnet resulting in the historically large DDoS attack last month. more