Locky Ransomware Gets New Infection Vector, Improved Evasion
The developers behind the Locky ransomware are tireless in their quest to evade security controls and gain a higher infection rate, and they have recently implemented a variety of changes to the ransomware’s code to support their mission. read more more…UK businesses under attack from phishing scams
UK businesses are the most targeted by phishing attacks across the entire world, new research has found. In its latest annual Internet Security Threat Report, which examines global threat trends for the whole of the past year, the UK ranked number one for phishing attacks both in Europe and worldwide. The country also holds the […] more…InfiltrateCon 2016: A Lesson in Thousand-Bullet Problems
Last week vulnerability developers, security researchers, and even a couple of friendly govies descended upon my native Miami for two daily servings of novel implants, exploits, and the latest in offensive research. To contrast the relaxed bikini-clad environment, an adversarial tone was set by conference badges in the form of survival paracord bracelets with Infiltrate […] more…9 ways technology will change within the next 10 years
Ten years ago, there were no smartphones. It was the coffeeshop era of Wi-Fi, which meant that the Internet was just beginning to follow us out the door and into the world. Amazon first released EC2, to some confusion. Nowadays, of course, Wi-Fi and mobile data are almost ubiquitous, smartphones have hit market saturation in […] more…What We Can Learn From the Bangladesh Central Bank Cyber Heist
The reported hacking of Bangladesh’s central bank accounts with the U.S. Federal Reserve once again shows how bad the impact of cyber attacks to organizations, enterprises or even nation-states can be. Peel off all the other layers in this narrative for a moment—the amount of money stolen, the alleged players, the politics—and at its core, […] more…Amazon disabled encryption on its tablets and phones because nobody used it
Amazon caught flack on Wednesday for disabling the encryption capabilities of its Fire phones and tablets with a software update. The company says its reasoning was simple: people didn’t use it. “In the fall when we released Fire OS 5, we removed some enterprise features that we found customers weren’t using,” Amazon spokeswoman Robin Handaly […] more…ATMZombie: banking trojan in Israeli waters
On November 2015, Kaspersky Lab researchers identified ATMZombie, a banking Trojan that is considered to be the first malware to ever steal money from Israeli banks. It uses insidious injection and other sophisticated and stealthy methods. The first method, dubbed “proxy-changing”, is commonly used for HTTP packets inspections. It involves modifying browser proxy configurations and […] more…DIMC and Electronic Account Activation Maintenance
On Wednesday, March 2, 2016, during the maintenance window (5:00-7:00 a.m.), Information Technology Services (ITS) will perform an update that affects Digital Identity Management Center (DIMC) sessions, including functionality for the Electronic Account Activation service. Changes that will take place during the maintenance window include edits to an Electronic Account Activation email notification and changes […] more…Operation Blockbuster revealed
Kaspersky Lab has joined industry alliance driven by Novetta to announce Operation Blockbuster. Just like the previous Operation SMN, this alliance brings together key players in the IT security industry, working together in an effort to disrupt and neutralize multiple cyberespionage campaigns that have been active for several years. Some of the targets of these […] more…Tor users increasingly treated like second-class Web citizens
The Internet is becoming harder to browse for users of Tor, the anonymity network that provides greater privacy, according to a new study. The blame can be placed largely on those who use Tor, short for The Onion Router, for spamming or cyberattacks. But the fallout means that those who want to benefit from the […] more…Google shutters Picasa to focus on Google Photos
Google announced on Thursday it’s shuttering Picasa, the dated photo organizer it purchased in 2004, to focus on Google Photos. “After much thought and consideration, we’ve decided to retire Picasa over the coming months in order to focus entirely on a single photo service in Google Photos,” Google wrote on its blog. “We believe we […] more…Nasdaq to use blockchain to record shareholder votes
Add shareholder voting to the list of applications for blockchain technologies. Later this year, Nasdaq plans to record stockholders’ electronic votes on its own blockchain system for companies listed on one of its exchanges. By digitizing the entire process, it expects to speed and simplify the proxy voting process. Blockchains — the best known of […] more…Poseidon Group: a Targeted Attack Boutique specializing in global cyber-espionage
During the latter part of 2015, Kaspersky researchers from GReAT (Global Research and Analysis Team) got hold of the missing pieces of an intricate puzzle that points to the dawn of the first Portuguese-speaking targeted attack group, named “Poseidon.” The group’s campaigns appear to have been active since at least 2005, while the very first […] more…Adwind: FAQ
Download full report PDF We have become aware of unusual malware that was found in some banks in Singapore. This malware has many names – it is known as Adwind RAT (Remote Access Tool), AlienSpy, Frutas, Unrecom, Sockrat, JSocket, and jRat. It is a backdoor available for purchase, and is written entirely in Java which […] more…Virtual Host Upgrades – February 9
Virtual Host upgrades will be completed during the ITS Maintenance Window (5:00 – 7:00 a.m.) on Tuesday, February 9. The upgrades will migrate Virtual Hosts from the ACE load balancer to the A10 load balancer. The transition is being completed in order to retire the ACE load balancer at a later date. Several services will […] more…How to secure Amazon Web Services like a boss
As cloud IT has proliferated, security concerns have diminished as a barrier to adoption. But that doesn’t mean you can ignore security in the cloud, since a major attack can have expensive — and potentially business-ending — consequences. More and more sensitive data is heading to the cloud. Genomic informatics company GenomeNext, for example, feeds raw […] more…More information
- Phishing Training is a Tool, Not a Solution
- How Low-level Hackers Access High-end Malware
- Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach
- Brave browser starts paying Bitcoins to adblocked sites
- Secretive Israeli Exploit Company Behind Wave of Zero-Day Exploits
- Ryuk Ransomware Damages Large Files Following Update
- White Hats Earn $440,000 for Hacking Microsoft Products on First Day of Pwn2Own 2021
- Microsoft Internet Explorer CVE-2014-2820 Remote Memory Corruption Vulnerability
- Scheduled Upgrade of Brandywine Core Router
- Dyre banking Trojan successor rears its ugly head