If anyone reading this works in InfoSec, as I do then you will know that a company’s internal network, once compromised, is now more likely to be ransacked by automated scripts using tools already on the network and white-listed than a piece of malware. This according to researchers with IBM’s X-Force, […]
malware
15 posts
E-commerce websites continue to be targeted by online criminals looking to steal personal and payment information directly from unaware shoppers. Recently, attacks have been conducted via skimmer, which is a piece of code that is either directly injected into a hacked site or referenced externally. Its purpose is to watch for […]
A recent malware sample forwarded to our Threat Intelligence service had some very interesting properties which we think would be useful to share. The sample itself is a Word document which is emailed as part of a phishing attack. If the user interacts with the document, it would download a payload to run on […]
Hackers are impersonating recruitment agencies on LinkedIn in a bid to target companies with backdoor malware. Researchers at Proofpoint found that the malware campaigns primarily targeted US companies in various industries including retail, entertainment, pharmacy, and others that commonly employ online payments, such as online shopping portals. In a blog […]
Security researchers have discovered a new Malspam campaign exploiting the recently discovered WinRAR ACE flaw to install malware on the computer. Last week security researchers at Checkpoint disclosed a 19-year-old vulnerability in WinRARwhich can be exploited by attackers to execute malicious code on the targeted system. The flaw was a […]
Between the last week of January to February, we noticed an increase in hack tool installation attempts that dropped seemingly random files into the Windows directory. Initially appearing unrelated, analysis showed the final payload to be a Monero cryptocurrency-mining malware variant as it scans for open port 445 and exploit a Windows SMB […]
The UK Government’s Department of Digital, Culture, Media and Sport (DCMS) has announced that firms could face fines of up to £17m or 4% of global turnover if they fail to protect themselves from cyberattacks. The introduction of such financial penalties will be carried out by the data protection regulator, […]
Malware analysis is like defusing bombs. The objective is to disassemble and understand a program that was built to do harm or spy on computer users (oops, this is where the bomb analogy fails, but one gets the point). That program is often obfuscated (ie: packed) to make the analysis […]
A large Los Angeles hospital chose to pay hackers who were holding its computer network hostage, a move its CEO said was in its best interest and the most efficient way to end the problem. Hollywood Presbyterian Medical Center showed uncommon transparency in saying Wednesday that it paid the 40 bitcoins […]
GOOGLE’S SECURITY street gang Project Zero has been kicking sand in the face of Malwarebytes and picking the firm’s protection precautions apart. Malwarebytes usually wears the boot in this kind of thing, but Project Zero has taken a punt in the security firm’s direction and accused it of all sorts […]
There are over 10,000 machines that are currently infected by malware in Nasa, showing that the US space agency definitely does not have the best possible cybersecurity practices and needs to completely overhaul how it secures its internal network, a leading security firm has warned. On Monday 1 February, IBTimes […]
So I have had my kippo honeypot running for a while and got some pretty good statistics from it. But after a while I got bored and turned it all off. I decided to fire it back up again and got some interesting hits from 125.88.177.248. It seems to be trying […]
SYMANTEC is reporting about Linux.Wifatch They are suggesting that it might be a good guy type of internet threat that wants to solve problems with the Internet of Things. I know that this sounds a little strange, and not your usual computer infection, It’s like a cyber Batman helping people out. […]
uTorrent is a firm favorite when it comes to BitTorrent clients, making its money through in-app ads and bundled software offered during installation. But it seems that this software may be causing some problems for uTorrent, which is now being flagged as ‘harmful’ by association. As TorrentFreak reports, uTorrent is […]
Worried that you might have been targeted with Hacking Team spyware, but don’t know how to find out for sure? IT security firm Rook Security has released Milano, a free automated tool meant to detect the Hacking Team malware on a computer system. It does so by looking for files […]