Don’t Substitute CVSS for Risk: Scoring System Inflates Importance of CVE-2017-3735
I am a wry observer of vulnerability announcements. CVE-2017-3735—which can allow a small buffer overread in an X.509 certificate—presents an excellent example of the limitations of the Common Vulnerability Scoring System (CVSS). This scoring system is the de facto security industry standard for calculating and exchanging information about the severity of vulnerabilities. The problem is […] more…

qkG Filecoder: Self-Replicating, Document-Encrypting Ransomware
by Jaromir Horejsi (Threat Researcher)
We encountered a few interesting samples of a file-encoding ransomware variant implemented entirely in VBA macros called qkG (detected by Trend Micro as RANSOM_CRYPTOQKG.A). It’s a classic macro malware infecting Microsoft Word’s Normal template (normal.dot template) upon which all new, blank Word documents are based. Further scrutiny into qkG also […] more…

The Uber Data Breach: What Consumers Need to Know
Ride-sharing apps are one of the most successful innovations of the modern digital age. Practically everyone who has a smart phone uses them. When it was discovered today that Uber, the leader in the ride-sharing space, was hit with a massive data breach back in 2016, all of our ears perked up. Let’s look at […] more…

KRACKs Against Wi-Fi Serious But Not End of the World
On October 12, researcher Mathy Vanhoef announced a set of Wi-Fi attacks that he named KRACKs, for key reinstallation attacks. These attack scenarios are against the WPA2 authentication and encryption key establishment portions of the most recent set of protocols. The technique is through key reinstallation. The attack can potentially allow attackers to send attacker […] more…

How KRACK Threatens Wi-Fi’s Security Underpinnings and What It Means for You
If you grew up before, or even during the 90s, you were familiar with a world of cords. A cord for the telephone, a cord for the CD player and a cord — of course — for the internet. But around the late 80s and early 90s, things started to change. Cashier systems gained a […] more…

The importance of cyber self-defense education
As recent headlines have highlighted, one thing is clear; there is still a lot of work that needs to be done in the world of cybersecurity. Whether it is companies being breached or personal data being offered to the highest bidder, it is an incredibly challenging job to keep everyone safe online. In order to […] more…

Cryptocurrency Miner Uses WMI and EternalBlue To Spread Filelessly
By Buddy Tancio
Fileless malware can be a difficult threat to analyze and detect. It shouldn’t be a surprise that an increasing number of new malware threats are fileless, as threat actors use this technique to make both detection and forensic investigation more difficult. We recently found a new cryptocurrency miner (which we detect as TROJ64_COINMINER.QO) […] more…

McAfee Survey: Parental Input on Tech Safety Declines as Kids Get Older
It’s natural for parents to gradually extend a child more freedom and responsibility as that child matures. Finding the magic formula of how much to hang on and how much to let go and in what areas is the holy grail of parenting a tween or teenager. A recent McAfee survey echoed this dilemma when it comes […] more…

Beware the next wave of cyber threats: IoT ransomware
Ransomware has become one of the most serious cyber threats plaguing organizations. Today, all of us – from home users to corporations and government organizations – are trying to protect ourselves from encryption viruses. But we are ignoring the beginning of the next wave of ransomware attacks – aimed at encrypting IoT devices. These attacks […] more…

The 5-Minute Parents’ Guide To Snapchat
OK – we’ve all heard about Snapchat and know that our kids love it. But how many of us really know how it works? Well, read on. I’ve put together a 5-minute overview that will get you up to speed ASAP. So strap yourself in and let’s get our heads around this together. What Is […] more…

Mouse Over, Macro: Spam Run in Europe Uses Hover Action to Deliver Banking Trojan
by Rubio Wu and Marshall Chen (Threats Analysts)
While many of today’s malware sport relatively new capabilities, most of their authors or operators still use old techniques to deliver them. Malicious macros and shortcut (LNK) files are still used in ransomware, banking Trojans, and targeted attacks, for instance. These methods may be tried-and-tested, but we’re […] more…

What Interests Children Online
Today’s children and teenagers are integrated into cyberspace so tightly that discussions on the outright prohibition of using devices with Internet connectivity are nonsensical. It is more reasonable to teach children how to behave themselves correctly online and lend support by protecting them against undesirable content. To solve these problems, many parents use dedicated software […] more…

IT threat evolution Q1 2017
Overview
Targeted attacks and malware campaigns
More wipers
The aim of most targeted attack campaigns is to steal sensitive data. However, this isn’t always the goal. Sometimes attackers erase data instead of – or as well as – trying to gain access to confidential information. We’ve seen several wiper attacks in recent years. They include […] more…

iPhone Phishing Scam Crosses Over Physical Crime
Last late April a friend of mine had his iPhone stolen in the streets—an unfortunately familiar occurrence in big, metropolitan areas in countries like Brazil. He managed to buy a new one, but kept the same number for convenience. Nothing appeared to be out of the ordinary at first—until he realized the thief changed his […] more…

Spam and phishing in Q1 2017
Spam: quarterly highlights
Spam from the Necurs botnet
We wrote earlier about a sharp increase in the amount of spam with malicious attachments, mainly Trojan encryptors. Most of that spam was coming from the Necurs botnet, which is currently considered the world’s largest spam botnet. However, in late December 2016, the network’s activity almost ceased […] more…

‘Aha’ Moments From the ‘Verizon 2017 Data Breach Investigations Report’
The annual Verizon Data Breach Investigations Report (DBIR) was published today. Once again, it is a hefty report that is sure to become one of the most referenced data breach reports in the world. That is because Verizon’s analysis is based on a broad set of real breach data collected from 65 law enforcement agencies, […] more…