Welcome Guest | Sign In
ECommerceTimes.com
Report: Cybersecurity Dangerously Lax at Mar-a-Lago
May 19, 2017
Internet security at Mar-a-Lago -- the private club President Trump owns and has dubbed the "Southern White House" -- is weak, based on a recent investigation. Trump has used the resort to meet with staffers and foreign heads of state on official business. In February, he took a call about a North Korean ballistic missile launch in Mar-a-Lago's dining room, with members and waiters present.
Massive Ransomware Attack Reaps Meager Profits
May 17, 2017
The WannaCry ransom attack that quickly circled the globe last week is not yet fully contained. So far, it has impacted more than 300,000 computers in 150 countries. However, one of the remarkable things about it is that only a trifling $100,000 in ransom, give or take, apparently has been paid. That represents a surprisingly low response from an attack generally considered the biggest ever.
Microsoft Bashes NSA Following Massive Ransomware Attacks
May 15, 2017
Microsoft this weekend unleashed its wrath on the National Security Agency, alleging it was responsible for the ransomware attack that began last week and has spread to thousands of corporate, government and individual computer systems around the world. Microsoft Chief Legal Officer Brad Smith launched a blistering attack on the NSA and governments worldwide.
British Hospitals, FedEx Among Thousands Hit by Ransomware
May 13, 2017
Authorities are investigating a massive ransomware attack that reportedly hit more than 45,000 computers in 74 countries worldwide, including the UK's NHS England national health service, international delivery service FedEx, and Spanish telecom firm Telefonica. Security experts have linked the exploit to an earlier leak by the Shadow Brokers, who allegedly pilfered hacking tools from the NSA.
The IoT's Scramble to Combat Botnets
May 11, 2017
With shadowy botnet armies lurking around the globe and vigilante gray-hat actors inoculating susceptible devices, the appetite for Internet of Things security is stronger than ever. "If you throw IoT on a con talk, you've got a pretty good chance to get in," remarked information security professional Jason Kent, as he began his presentation at Chicago's Thotcon conference last week.
Millions May Have Picked Up FalseGuide Malware at Google Play Store
April 26, 2017
As many as 2 million Android users might have downloaded apps that were infected with the FalseGuide malware, security research firm Check Point warned on Monday. The oldest of the infected apps could have been uploaded to Google Play as long ago as last November, having successfully remained hidden for five months, while the newest may have been uploaded as recently as the beginning of April.
New Strain of Linux Malware Could Get Serious
April 25, 2017
A new strain of malware targeting Linux systems, dubbed "Linux/Shishiga," could morph into a dangerous security threat. Eset disclosed the threat, which represents a new Lua family unrelated to previously seen LuaBot malware. Linux/Shishiga uses four protocols -- SSH, Telnet, HTTP and BitTorrent -- and Lua scripts for modularity, wrote Detection Engineer Michal Malik and Eset researchers.
WikiLeaks Exposes CIA's Device Surveillance Tricks
March 23, 2017
WikiLeaks has released more Vault 7 documentation online, including details about several CIA projects to infect Apple's Mac computer firmware and operating system. The site unloaded its first batch of stolen Vault 7 data earlier this month. The CIA's Embedded Development Branch developed malware that could persist even if the targeted computer were reformatted and its OS were reinstalled.
Malware Found Preinstalled on Dozens of Android Phones
March 13, 2017
Malware has been discovered preinstalled on 36 Android phones belonging to two companies, security software maker Check Point reported. "In all instances, the malware was not downloaded to the device as a result of the users' use -- it arrived with it," noted Oren Koriat, a member of Check Point's Mobile Research Team. The malicious apps were added somewhere along the supply chain.
Microsoft Seeks Global Cybersecurity Accord
February 18, 2017
Microsoft has called on governments around the world to create a "digital Geneva Convention" as a way to normalize international cybersecurity rules and protect civilian use of the Internet. President Brad Smith, who is also Microsoft's chief legal officer, addressed the issue at the annual RSA conference held earlier this week, saying that governments need to establish international rules.
Hackers Targeted DC Police Cams Days Before Inauguration
January 31, 2017
A ransomware attack darkened the video surveillance system of the District of Columbia's police department eight days before the presidential inauguration of Donald J. Trump. Video storage devices for 70 percent of the CCTV system reportedly were unable to record anything between Jan. 12 and Jan. 15, as police techies scrambled to combat malicious software found on 123 of 187 networked video recorders.
Microsoft Hardens Latest Windows Version Against Hackers
January 17, 2017
Microsoft has fortified the latest version of Windows to make it more secure than previous editions, but the strongest protections will be available only to those willing to pay a steep price for them. Windows 10 Anniversary Update has introduced many mitigation techniques in core Windows components and the Microsoft Edge browser, researchers Matt Oh and Elia Florio wrote in a blog post last week.
Las Vegas Captures Ransomware Crown
January 7, 2017
Las Vegas is arguably the gambling capital of the world, but it's also the king city for ransomware, based on recent research. Among the world's nations, the United States ranked highest in ransomware incidents, according to a Malwarebytes report on the prevalence and distribution of extortion apps. The area of the country that logged the most incidents was the Las Vegas-Henderson, Nevada, region.
Ransomware Fighters Get New Free Tool
December 7, 2016
Ransomware has become a gold mine for digital criminals. In the first three months of this year, electronic extortionists squeezed $209 million from victims desperate to recover their data after it was scrambled by the malicious software, based on FBI estimates. At that rate, ransomware could funnel as much as $1 billion into criminal coffers this year.
Multinational Effort Halts Malware Avalanche
December 6, 2016
The DoJ on Monday released new details about the multinational takedown of Avalanche, a multimillion-dollar malware and money-laundering network, following a four-year probe led by German police and prosecutors. Assistant Attorney General Leslie R. Caldwell, Acting U.S. Attorney Soo C. Song and Assistant Director Scott S. Smith of the FBI's Cyber Division made the announcement in Pittsburgh.
Gooligan Ransacks More Than 1M Android Accounts
December 2, 2016
More than 1 million Google accounts have been breached by Android malware dubbed "Gooligan," Check Point reported Wednesday. The malware roots infected devices and steals authentication tokens that can be used to access data from various Google apps including Gmail, Google Docs, G Suite and Google Drive. It potentially affects devices running Android 4 and 5.
Facebook Denies Ransomware Infiltration
November 29, 2016
Facebook has denied that its network and Messenger app were being used to spread ransomware to its users, contradicting the claims of a security firm. Two Check Point researchers last week reported they had discovered a new method for delivering malicious code to machines, which they dubbed "ImageGate." Threat actors had found a way to embed malicious code into an image, they said.
SF Muni Hack a Wake-Up Call for Public Systems
November 28, 2016
The San Francisco Municipal Transportation Authority, or SF MTA, was hacked on Friday. "You Hacked, All Data Encrypted," was the message reportedly displayed on computer screens at the authority's stations throughout the city. "Contact for Key (cryptom27@yandex.com)ID:681 , Enter." Fare payment machines at underground stations were out of order, resulting in free rides.
Google Clamps Down on Sneaky Malicious Sites
November 16, 2016
Sites that repeatedly violate Google's safe browsing policies will be classified as repeat offenders, the company said. A small number of websites take corrective actions after Google displays alerts on their landing pages warning visitors that they're harmful. However, they typically revert to violating the policies after Google verifies that they're safe and removes the warnings.
Defeating Malware With Its Own DNA
November 11, 2016
It's widely known that human DNA evidence has had a major impact in the criminal justice system. Now another kind of DNA may have a similar impact in the fight to eradicate malicious software. Malware DNA, also known as "malware provenance," is the art and science of attributing elements of one object to another object. The technique has applications outside information security -- for example, in genetics, or to test the authorship of student papers.
Election Day Cybershenanigans Highlight Need to Shore Up Security
November 10, 2016
Hackers last week launched DDoS attacks against both presidential candidates' campaign websites. The attacks were routed through HTTP Layer 7 of the OSI protocol. There were at least four 30-second attacks reported. "The websites were not penetrated by a cyberintrusion," said John Costello, a senior analyst at Flashpoint. The attackers were unsophisticated hackers and not a nation-state.
Bot Armies Boost Candidates' Popularity on Twitter
October 29, 2016
Internet bots have many useful online purposes, but they have a dark side, too, as three researchers demonstrated in their analysis of Twitter traffic during the first presidential debate between Hillary Clinton and Donald Trump. Bots are used to automate functions on the Net. For example, if you belong to several social networks, you could use a bot to post a photo to all of them at once.
Odinaff Trojan Targets Banks, Financial Firms Worldwide
October 12, 2016
Symantec on Tuesday reported on a malware campaign that has targeted financial organizations worldwide for the past 10 months. Dubbed "Trojan.Odinaff," it has infiltrated the banking, securities, trading and payroll sectors, as well as organizations that provide them with support services. Odinaff is used in the first stage of an attack, to get a foothold into a network.
IoT Could Become Playground for Botnets Gone Wild
October 6, 2016
The source code for Mirai, the malware behind the botnet that launched a massive attack on the Krebs on Security website -- the largest DDoS attack on record -- has been released in the wild, according to Brian Krebs. A hacker who goes by the handle "Anna-senpai," apparently because of increased scrutiny from the cybersec industry, last week announced the release on Hackforums, Krebs said.
Feds Probe Alleged Phone Hacks as Election Fears Surge
October 4, 2016
Federal authorities have been investigating reports that hackers targeted the mobile phones of a handful of Democratic Party staffers. The news follows a series of breaches in recent months that revealed emails and other personal information of party staffers and other Democratic officials. The FBI has launched an investigation into the attacks, which may be linked to Russia.
Hacking Elections Is Easy, Study Finds
September 30, 2016
It's no longer a question whether hackers will influence the 2016 U.S. elections -- only how much they'll be able to sway them. Leaked emails already have cost a Democratic Party chairperson her job, and the FBI last month issued a flash warning that foreign cyberadversaries had breached two state election databases. Those two states -- most likely Arizona and Illinois -- aren't alone.
Cisco Battles Shadow Broker Exploits
September 28, 2016
Cisco has swung into action to combat a hacker group's exploitation of vulnerabilities in its firmware. The group, known as the "Shadow Brokers," released online malware and other exploits possibly stolen from the Equation Group, which is believed to have ties to the U.S. National Security Agency. Cisco earlier this month disclosed the vulnerability, even though patches were not yet ready.
Project Shield Has Krebs on Security's Back
September 27, 2016
The website of prominent security blogger Brian Krebs is back online this week after sustaining one of the largest distributed denial of service attacks in Internet history. DDoS attacks typically disrupt service at a website by flooding it with junk traffic. In this case, garbage traffic assaulted Krebs' site at 620 gigabits per second. By comparison, consumer bandwidth is in the 10-15 megabit per second range; businesses, 100 Mbps to 1 Gbps.
Election Season Spawns Scams With Political Twist
August 30, 2016
Dirty tricks during political campaigns are nothing new, but the Internet and the proliferation of mobile devices have allowed tricksters to up their games a notch. It came to light last week, for example, that Donald Trump's campaign app was hoovering the address books on his supporters' phones. Trump's app wasn't doing anything illegal. It wasn't even trying to hide what it was doing.
Apple Speeds iOS Patch to Bring Down Pegasus
August 26, 2016
Apple on Thursday issued a patch that addresses three recently discovered critical iOS zero-day vulnerabilities, and advised users to update their systems immediately. State-sponsored actors exploited the flaws to target United Arab Emirates human rights defender Ahmed Mansoor, and a Mexican journalist who reported on government corruption. Researchers have dubbed the flaws "Trident."
See More Articles in Malware Section >>
Facebook Twitter LinkedIn Google+ RSS
What best sums up your attitude toward Facebook?
It's a wonderful communications tool if used responsibly.
It has way too much power for any one company.
It does a lot of good beyond connecting people.
It has changed the world for the worse.
Can't live with it, can't live without it.
I don't have time for it.
I have no interest in it.