Cybercrime tactics & techniques Q2 2018
A generally slow quarter reflects an overall lull in cybercrime, picking up where Q1 left off with cryptominers continuing to dominate, ransomware continuing to evolve through experimentation, and exploits making a small but significant comeback. In nearly every malware category for both business and consumer detections, we saw a decrease in volume, corroborating our general…
Catastrophic Cloud Attack Costs Would Rival that of Hurricane Damages
Lloyd’s of London estimates multi-billion-dollar loss figures in worst-case scenarios of a major zero-day exploit or massive cloud outage. WannaCry spread like wildfire in a matter of days reaching 150 countries and creating an anticipated $4 billion in losses, but if attackers were to launch a global, system-wide attack that hit a multitude of cloud-based companies,…
Free Scanner Finds 50,000 EternalBlue-Vulnerable Systems
More than 50,000 computers vulnerable to the NSA-linked EternalBlue exploit were found by a free vulnerability scanner in recent weeks. Dubbed Eternal Blues, the tool was designed to provide network administrators with visibility into the EternalBlue-vulnerable machines in their networks, but without actually exploiting the flaw. In the wake of WannaCry, NotPetya, and other global infectionsleveraging the NSA-linked exploit, knowing whether…
How vulnerability research benefits both vendors and customers
Zero-day vulnerabilities – newly discovered exploits that haven’t been previously identified – are now emerging more often. Worse still is the fact that these dangerous flaws sometimes aren’t pinpointed until hackers have already exploited them. According to a prediction from Cybersecurity Ventures founder and Editor-in-Chief Steven Morgan, the frequency of zero-day exploits – which were a…
NSA Tools Behind WannaCry Being Used In Even Bigger Attack Campaign
Attackers have been using NSAs EternalBlue and Double Pulsar to distribute AdylKuzz cryptocurrency malware to hundreds of thousands of systems, Proofpoint says. The WannaCry ransomware outbreak this week garnered widespread attention for its sheer global scope and audacity but another likely even bigger attack leveraging the same stolen NSA exploits has been going on unnoticed…