Confucius Update: New Tools and Techniques, Further Connections with Patchwork
by Daniel Lunghi and Jaromir Horejsi Back in February, we noted the similarities between the Patchwork and Confucius groups and found that, in addition to the similarities in their malware code, both groups primarily went after targets in South Asia. During the months that followed in which we tracked Confucius’ activities, we found that they […]
Kick Off Your Digital Spring Cleaning Efforts During World Backup Day
As spring blossoms into full-force, millions of people will start to shed the heavy baggage and gear that kept them warm during winter by partaking in a tried and true practice: spring cleaning. While whipping yourself into a cleaning frenzy around your home, take a moment to extend your spring cleaning efforts into your digital […]
Security Firm Under Fire Over Disclosure of AMD Chip Flaws
AMD is investigating claims that its processors are affected by more than a dozen serious vulnerabilities, and the company that found the flaws is facing backlash over its disclosure method. Israel-based CTS Labs on Tuesday published a report claiming that it has found 13 critical vulnerabilities and backdoors in AMD’s EPYC, Ryzen, Ryzen Pro, and […]
Deciphering Confucius’ Cyberespionage Operations
by Daniel Lunghi and Jaromir Horejsi In today’s online chat and dating scene, romance scams are not uncommon, what with catfishers and West African cybercriminals potently toying with their victims’ emotions to cash in on their bank accounts. It’s quite odd (and probably underreported), however, to see it used as a vector for cyberespionage. We stumbled upon the Confucius hacking group while delving […]
Janus Android App Signature Bypass Allows Attackers to Modify Legitimate Apps
Android’s regular security update for December 2017 included a fix for a serious vulnerability that could allow attackers to modify installed apps without affecting their signature. This would allow an attacker to gain access to the affected device (indirectly). First found by researchers in July, this vulnerability (designated as CVE-2017-13156, and also called the Janus vulnerability) affects versions of […]
Digmine Cryptocurrency Miner Spreading via Facebook Messenger
by Lenart Bermejo and Hsiao-Yu Shih We found a new cryptocurrency-mining bot spreading through Facebook Messenger, which we first observed in South Korea. We named this Digmine based on the moniker (비트코인 채굴기 bot) it was referred to in a report of recent related incidents in South Korea. We’ve also seen Digmine spreading in other […]
What To Do If Your Email Is Hacked
I think I could count on my hand the people I know who have NOT had their email hacked. Maybe they found a four-leaf clover when they were kids! Email hacking is one of the very unfortunate downsides to living in our connected, digital world. And it’s often a situation that even the savviest tech […]
How the IoT supports the world’s largest industries
The Internet of Things (IoT) has already helped to connect our world in so many ways, bringing huge improvements and convenience to our lives, homes and health. But we’re often guilty of taking it for granted and failing to celebrate the many ways in which being connected supports some of the world’s largest industries, such […]
Razer made a smartphone, and it’s an all-black version of the Nextbit Robin
Nearly a year after Razer bought Nextbit, we now know what the startup smartphone company has been working on while under the gaming company’s leadership. Razer debuted its first smartphone today, the Razer Phone, and it’s clearly born from the ashes of the Nextbit Robin. Mobile gaming continues to be important to all types of […]
A Closer Look at North Korea’s Internet
By Vladimir Kropotov, Philippe Z Lin, Fyodor Yarochkin and Feike Hacquebord Introduction North Korea’s presence on the internet is commonly perceived as something that only goes one way: hackers go out, nothing gets in. Incidents like the Sony Pictures hack in 2014 and a couple of global bank heists were reported to be the work of North […]
Staying Anonymous on the Blockchain: Concerns and Techniques
With Bitcoin at one point valued at more than $5,000 per unit, cryptocurrencies have excited a lot of interest from individuals, businesses, and hackers. One of the selling points of Bitcoin and others of its type is anonymity. Yet there are concerns that online currency transactions may not be as anonymous as many wish. In […]
McAfee Labs Threats Report Explores WannaCry/Petya, Threat Hunting, Script-Based Malware
Today we published the McAfee Labs Threats Report: September 2017. This quarter’s report shows off a new design. We hope you will find it attractive as well as informative. The report contains three highly educational topics, in addition to the usual set of threats statistics: Earlier this year, WannaCry malware infected more than 300,000 computers […]
The Do You Knows of DDoS Attacks
“Where’s my phone?” In a blink of an eye, my home is suddenly flipped upside down—couch cushions overturned, drawers – askew and papers shuffled. After a few repeating buzzes I realize that it’s right under my nose. Relief floods my body. How could I last a day without my phone? With the rise of social […]
Get Schooled on Security
It’s hard to imagine what college would have been like if I had today’s technology in my arsenal. With spell check, search engines and online resources, meeting deadlines for my assignments would have been a breeze. Late nights in the library would have been condensed to a few quick clicks on the web, but at […]
The Dark Web: What Every Parent Should Know
Mention the Dark Web in conversation and groans will inevitably ensue. Most of us realise it is a dangerous part of the net that should be given a very wide berth but probably haven’t had the time to investigate exactly why. So, here’s my 5-minute guide to ensure you are fully informed about the Dark […]
Recent Phishing Attacks Target Google Chrome Extensions, Spread Adware to 1 Million Users
Browser extensions help us out with our grammar, they allow us to video chat online, they even permit us to play games. Their intent is to extend the functionality of a web browser. Unfortunately, they’re also being leveraged by cybercriminals to extend the functionality of their own malicious campaigns. In fact, this past week we’ve seen […]
More information
- How America Can Beat Russia in Cyber War, Despite Trump
- Flaw in WordPress Plugin Grants Access to Google Search Console
- Industrial cybersecurity threat landscape
- Gugi: from an SMS Trojan to a Mobile-Banking Trojan
- Resolved: ANGEL to be unavailable from 5 a.m. – 6 a.m. ET on Wednesday, 3/29
- FBI Warns of Phishing Attacks Targeting US Election Officials
- Why You Should Care About Fitness Tracker Security
- RSA Conference 2024 – Announcements Summary (Day 4)
- Facebook to Offer ‘Bounty’ for Reporting Data Abuse
- NASA releases dozens of patents into the public domain