The Necurs Botnet: A Pandora’s Box of Malicious Spam
This is the tale of a cybercrime botnet operation that, within about five years of its existence, has been named one of the largest botnets in the world. It’s called the Necurs botnet. It militarizes up to 6 million zombie endpoints, delivers some of the worst banking Trojans and ransomware threats in batches of millions…
Tens of thousands Windows systems implanted with NSA’s DoublePulsar
Has your Windows machine been implanted with NSA’s DoublePulsar backdoor? If you haven’t implemented the security updates released by Microsoft in March, chances are good that it has. What is DoublePulsar? DoublePulsar is a backdoor implant that enables the injection and running of DLLs – potentially malicious ones – on Windows computers. It was recently…
Locky ransomware makes a comeback, courtesy of Necurs botnet
The Necurs botnet has, once again, begun pushing Locky ransomware on unsuspecting victims. The botnet, which flip-flops from sending penny stock pump-and-dump emails to booby-trapped files that lead to malware (usually Locky or Dridex), has been spotted slinging thousand upon thousand of emails in the last three or four days.
Safe online shopping and banking on your Mac
Macs are commonly believed to be safe from malware, but — setting aside the fact that they aren’t — what about other risks? When it comes to shopping online, phishing is the main problem. Phishing websites look just like real ones, but instead of selling goods or services, they steal your bank or credit card…
An untold cost of ransomware: It will change how you operate
Ransomware is unfortunately an IT reality. With the complexity and frequency of attacks, there is a good chance you or someone you know has been impacted. Many victims attacked are tempted to just pay the ransom and be done with it; a strategy that is more widely-used than you might think. Even the FBI has…
Organizations are not effectively dealing with open source security threats
Black Duck conducts hundreds of open source code audits annually, primarily related to Merger & Acquisition transactions. Its Center for Open Source Research & Innovation (COSRI) analyzed 1,071 applications audited during 2016 and found both high levels of open source usage – 96% of the apps contained open source – and significant risk to open…
Security and the human factor: Creating a positive user experience
Despite the myriad of security solutions deployed, breaches are still happening. Even with the most robust security solutions it seems that we’re failing with the fundamentals, with ever more sophisticated hacks infiltrating and bringing down networks or resulting in compromised data. For all the security solutions we can create, it’s people who are the first…
Mastercard introduces cards that work with fingerprints instead of PINs
Mastercard has added fingerprint sensors to its payment cards, in an attempt to make face-to-face payments more convenient and more secure.How does it work? “A cardholder enrolls their card by simply registering with their financial institution. Upon registration, their fingerprint is converted into an encrypted digital template that is stored on the card. The card…
Cyber risk issues resonating in boardrooms
The Cyentia Institute used in-depth surveys and interviews with corporate board members and CISOs to identify specific cyber risk issues resonating in boardrooms. CISOs report they spend most of their boardroom time “giving security guidance” on business enablement and loss avoidance. Surprisingly, CISO respondents reported they spend far less time discussing “data protection” and “brand…
Trump’s cybersecurity mystery: 90 days in, where’s the plan?
On Jan. 6, weeks before he was due to become president, Donald Trump sat down with U.S. intelligence officials for a two-hour briefing at Trump Tower on cyberattacks conducted during the U.S. election. The meeting resulted in a pledge: a plan to counter cyberattacks against the U.S. within 90 days of taking office. On Wednesday,…