researchers Archives - Cyber Security Minute

Fileless Powershell malware uses DNS as covert communication channel

Issued by: CSO

Targeted attacks are moving away from traditional malware to stealthier techniques that involve abusing standard system tools and protocols, some of which are not always monitored. The latest example is an attack dubbed DNSMessenger, which was analyzed by researchers from Cisco Systems’ Talos team. The attack starts with a malicious Microsoft Word document distributed through…

Malware & Threats

Cybercriminals Use Cracked Builder to Spawn Betabot Variants

Issued by: Security Week

Betabot, an old piece of malware that ensnares affected computers into a botnet, is now being distributed by attackers who managed to crack its builder, Sophos security researchers reveal. The malware previously functioned as a banking information stealing Trojan, then became a password stealing malware, and recently began capitalizing on infected bots to distribute ransomware.

Vulnerabilities

Hard Drive LED Allows Data Theft From Air-Gapped PCs

Issued by: Security Week

Researchers at Ben-Gurion University of the Negev in Israel have disclosed yet another method that can be used to exfiltrate data from air-gapped computers, and this time it involves the activity LED of hard disk drives (HDDs). Many desktop and laptop computers have an HDD activity indicator, which blinks when data is being read from…

Malware & Threats

Google Paid Out $9 Million in Bug Bounties Since 2010

Issued by: Security Week

Google has awarded researchers more than $9 million since the launch of its bug bounty program in 2010, including over $3 million paid out last year. According to the company, more than 1,000 payments were made last year to roughly 350 researchers from 59 countries. The biggest single reward was $100,000 and over $130,000 were…

Network Security

Google researchers help developers test cryptographic implementations

Issued by: CSO

Security experts from Google have developed a test suite that allows developers to find weaknesses in their cryptographic libraries and implementations. The company’s Project Wycheproof, which was released on GitHub, contains more than 80 test cases for widely used cryptographic algorithms, including RSA, AES-GCM, AES-EAX, Diffie-Hellman, Elliptic Curve Diffie-Hellman (ECDH), and the digital signature algorithm…

Vulnerabilities

Microsoft’s EMET Protects Apps Better Than Windows 10, Researcher Says

Issued by: Security Week

While packed with a load of new security features, Window 10 doesn’t offer some of the additional protections that Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) brings, CERT vulnerability analyst Will Dormann warns. Released in 2009, EMET was meant to provide mitigation against certain zero-day software vulnerabilities, filling a gap created by the release of major…

Vulnerabilities

Researchers Demo Method For Turning A PC Into An Eavesdropping Device

Issued by: Dark Reading

Researchers at Israel’s Ben-Gurion University of the Negev have devised a way to turn any computer into an eavesdropping device by surreptitiously getting connected headphones or earphones to function like microphones. In a paper titled “SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit,” the researchers this week described malware they have developed for reconfiguring…

Application Security, Malware & Threats

Malware asks for a selfie as it steals your information

Issued by: Linux Blog

Not content with stealing your financial details, personal information, and login credentials, there’s now an Android banking Trojan that also asks victims to take a selfie with their ID cards. McAfee Labs’ Mobile Research Team discovered the malicious application, which is a new variant of the Acecard Trojan Malware (aka Torec) that was first identified…

Network Security

Thousands of WordPress sites with malware highlight need for comprehensive security

Issued by: Trend Micro Blog

While everyone was worrying about the holiday influx of POS malware, a cyber criminal group quietly exploited a plug-in vulnerability with the mysterious SoakSoak malware and infected at least 100,000 sites utilizing WordPress’s content management system. Researchers with security firm Sucuri discovered the malware campaign in mid-December, noting that it leveraged a flaw within a…

Software Security

Researchers build undetectable rootkit for programmable logic controllers

Issued by: CIO Security

Researchers have devised a new malware attack against industrial programmable logic controllers (PLCs) that takes advantage of architectural shortcomings in microprocessors and bypasses current detection mechanisms. The attack changes the configuration of the input/output pins that make up the interface used by PLCs to communicate with other devices such as sensors, valves, and motors.