Warning: Crypto-Currency Mining is Targeting Your Android
Cryptocurrency, a virtual form of currency designed to work as a secure form of exchange, has gained a lot of traction in the world of finance and technology. But for many, the concept of obtaining cryptocurrency, or “crypto mining,” is obscure. Investopedia defines crypto-mining as, “the process by which transactions are verified and added to […]

Lazarus Resurfaces, Targets Global Banks and Bitcoin Users
This blog was written with support and contributions provided by Asheer Maholtra, Jessica Saavedra Morales, and Thomas Roccia. McAfee Advanced Threat Research (ATR) analysts have discovered an aggressive Bitcoin-stealing phishing campaign by the international cybercrime group Lazarus that uses sophisticated malware with long-term impact. This new campaign, dubbed HaoBao, resumes Lazarus’ previous phishing emails, posed […]

McAfee discovered ‘malicious documents’ targeting Winter Olympics ahead of opening ceremony ‘hack’
l33tdawg, Mon, 02/12/2018 – 00:03

The Qubes high-security operating system gains traction in the enterprise
When nation-state adversaries frolic and gambol across your corporate network, playing hide-and-go-seek, sysadmins become central points of compromise. Savvy attackers know that if they can own sysadmins, they can own the network. “I hunt sysadmins,” an NSA operator brags in a slide leaked by Edward Snowden. Regardless of what one may think of Snowden, we […]

Malwarebytes Delivers Buggy Update to Home, Enterprise Users
A protection update pushed out over the weekend by Malwarebytes to its home and enterprise users caused serious problems, including Web connection issues, excessive memory usage, and even system crashes.

The moving target of IoT security
As the explosive growth of IoT tech continues, businesses, vendors and consumers all have to confront the issue that the world is more connected than ever before, with potentially gigantic consequences. The central problem with IoT security is that there is no central problem – IoT is a more complicated stack than traditional IT infrastructure […]

Lazarus Campaign Targeting Cryptocurrencies Reveals Remote Controller Tool, an Evolved RATANKBA, and More
by CH Lei, Fyodor Yarochkin, Lenart Bermejo, Philippe Z Lin and Razor Huang

Few cybercrime groups have gained as much notoriety—both for their actions and for their mystique—as the Lazarus group. Since they first emerged back in 2007 with a series of cyberespionage attacks against the South Korean government, these threat actors have successfully managed […]

9 new products for the enterprise from CES 2018
Alexa on Windows 10 PCs at CES 2018

At CES 2018 everyone was talking about — or talking to — Amazon.com’s Alexa digital assistant. It’s omnipresent — around the home and in phones, cars and, increasingly, offices. You’ll probably even find it in your next Windows 10 PC. It’s already in the […]

North Korean Defectors and Journalists Targeted Using Social Networks and KakaoTalk
Recently, South Korean media wrote about North Korean refugees and journalists being targeted by unknown actors using KakaoTalk (a popular chat app in South Korea) and other social network services (such as Facebook) to send links to install malware on victims’ devices. This method shows that attackers are always looking for different ways to deliver […]

New Mobile Malware Uses Layered Obfuscation and Targets Russian Banks
by Jordan Pan and Song Wang

Last year, we saw the Fanta SDK malware target Russian bank Sberbank users and employ unique defensive measures. Now, another bank malware family has appeared, targeting even more Russian banks while using new and evolved obfuscation techniques. This family is named FakeBank, and so far the related samples we […]

McAfee’s #RT2WIN CES Sweepstakes Terms and Conditions
We’re so excited to head to Las Vegas next week for CES! To celebrate, we’re giving fifteen people a chance to win a $200 Amazon Gift card. Not heading to CES this year? No problem! Simply retweet one of our contest tweets with the required hashtag between January 9th – 12th for your chance to […]

Password managers grow up, target business users
Password managers began as free or low-cost apps for consumers, tracking passwords and sign-ins to websites and applications, making it possible for users to create and manage long, hard-to-guess and unique passwords for all their accounts. Most work by encrypting the password lists with a single master password that only the user knows, so that […]

Russia’s Globex bank says hackers targeted its SWIFT computers
l33tdawg, Thu, 12/21/2017 – 21:08

Kremlin’s New Cyber Weapons Spark Fears and Fantasies
From Donald Trump’s election to Brexit and the Catalan crisis, accusations that the Kremlin is meddling in Western domestic affairs have heightened fears over Russian hackers, trolls and state-controlled media.

CONFICKER/DOWNAD 9 Years After: Examining its Impact on Legacy Systems
The banking trojan known as DOWNAD (Detected by Trend Micro as DOWNAD family) first appeared back in 2008, where it managed to be one of the most destructive malware at the time, infecting up to 9 million computers and gaining worldwide notoriety. Despite being nearly a decade old, and years past its peak, DOWNAD, also […]

Code Execution Flaw Found in HP Enterprise Printers
Researchers have found a potentially serious remote code execution vulnerability in some of HP’s enterprise printers. The vendor claims to have already developed a patch that will be made available to customers sometime this week.

More information
- Huawei: Separating fact from fiction
- Apple says iOS 14.5.1 and macOS 11.3.1 patch WebKit flaws that may have been actively exploited
- Google researchers find remote execution bug in FireEye appliances
- Facebook crushes 583 million fake accounts in 3 months
- Capgemini to Acquire Leidos Cyber
- Hack mobile point-of-sale systems? Researchers count the ways
- Sudan drops off Internet amid internal strife
- FBI: IC3 Received 6 Million Cybercrime Complaints Since Inception
- Unix & Security: 243 Days
- Library File in Certain Android Apps Connects to C&C Servers