Tens of thousands Windows systems implanted with NSA’s DoublePulsar

Has your Windows machine been implanted with NSA’s DoublePulsar backdoor? If you haven’t implemented the security updates released by Microsoft in March, chances are good that it has. What is DoublePulsar? DoublePulsar is a backdoor implant that enables the injection and running of DLLs – potentially malicious ones – on Windows computers. It was recently…

Brazilian Malware Never Sleeps: Meet EmbusteBot

IBM Research — Haifa Labs continually invests in the research and development of advanced malware analysis solutions that enhance IBM’s ability to quickly detect and neutralize malware as new and challenging threats arise. Our ongoing observations of the Brazilian cybercriminal landscape have revealed a perpetual rise in new malicious campaigns in this region of the…

The top 5 dumbest cyber threats that work anyway

The common conception of cyber attacks is kind of like bad weather: ranging from irritating to catastrophic, but always unpredictable. Hackers are simply too sophisticated to draw any reliable judgments on, and we shouldn’t try. As it turns out, some hackers are fairly predictable in their successful use of really dumb attacks. Here are a few.

Trump Extends Obama’s EO for Sanctioning Hackers

President Donald J. Trump has quietly extended for one year the “national emergency” executive order issued by his predecessor Barack Obama that ultimately led to the sanctions and retaliatory measures taken by the Obama administration against Russian officials for that nation’s role in hacking activities targeting the US election. In a Federal Register Notice published…

Most Android devices lack latest security patches

Nearly three-quarters of Android devices on the five biggest U.S. carriers are running on security patches that are at least two months old, putting them at greater risk of being hacked. That finding was made in an analysis released Thursday by Skycure, a mobile threat defense vendor. The report also found that the city of Boston…

A new approach is needed in the battle against cyber attacks

How do you search for something that’s invisible? An increase in the sophistication of cyber attacks means that it takes an average of 146 days before a corporate hack is discovered. Modern breaches are a mix of chameleonic deception and clever automation, enabling malicious code to be concealed deep inside the corporate network. In the…

Apple: Mac, iPhone Bugs That CIA Allegedly Exploited Were Fixed Years Ago

The Apple desktop and mobile product vulnerabilities that were revealed this week, in a WikiLeaks data dump of documents allegedly describing several secret CIA projects, were all fixed years ago, Apple said Friday. The leaked information on the Apple vulnerabilities is from a larger collection of documents that WikiLeaks has dubbed “Vault 7,” containing hitherto…