ITCurated, Author at Cyber Security Minute

Fighting Advanced Ransomware Attacks Requires Game-Changing Technology

Issued by: Security Intelligence

Ransomware is one of the fastest-growing cyber-security threats facing organizations and individuals today. Attackers are holding everything from government records to health care equipment and even the keys to entire transit systems for ransom. According to new data from IBM, victims are paying up. More than half of the business executives that responded to the…

Malware & Threats

Goldeneye Ransomware – the Petya/Mischa combo rebranded

Issued by: Blog Malwarebytes

From March 2016 we’ve observed the evolution of an interesting low-level ransomware, Petya – you can read about it here. The second version (green) Petya comes combined with another ransomware, packed in the same dropper – Mischa. The latter one was deployed as an alternative payload: in case if the dropper was run without administrator…

Malware & Threats

BrandPost: New POS Malware Attacks Are Becoming More Aggressive

Issued by: CSO

Professionally written-malware is rarely unsubtle. Long, slow and stealthy attacks are generally the rule—but a rogue malware author has decided to break that rule by going fast and loud. What’s more, this approach is actually finding a great deal of success, which should have retailers worried in the lead up to the holiday season. How…

Vulnerabilities

Joomla vulnerability can be exploited to hijack sites, so patch now!

Issued by: Help Net Security

If you’re running a website on Joomla, you should update to the newly released 3.6.5 version as soon as possible – or risk your site being hijacked. The newest version of the popular CMS has been released on Tuesday (December 13), and it fixes three vulnerabilities, several bugs, and includes a number of new security…

Malware & Threats

Ransomware Report: Top Security Threat Expected to Continue Rising in 2017

Issued by: Security Intelligence

Digital extortion by means of ransomware or a systems breach was one of the most prominent threats to consumers and businesses in 2016. It seems IBM Security’s prediction materialized quite excessively this past year. Ransomware is a generic name for a family of computer bugs programmed to lock up endpoints, such as PCs, servers or…

Malware & Threats

Corporate Office 365 users hit with clever phishing attack

Issued by: Help Net Security

Corporate Office 365 users are being targeted by phishers using a clever new trick to bypass email filters and the default security protections of the Microsoft service. The attack comes in the form of fake emails, and the trick makes the user to see one URL in the link, anti-phishing filters another, and the actual…

Software Security

It’s Time For Organizations To Automate Security

Issued by: Dark Reading

Dishwashers are a great invention; they use automation to do a repetitive, high-value task that does not require much skill. It is time to bring your security team out of the 1970s and stop making them wash the cybersecurity dishes by hand. The addition of automation to washing dishes has several benefits, besides eliminating the…

Vulnerabilities

A closer look at a tech support screen locker

Issued by: Blog Malwarebytes

In this blog post, we are going to take a closer look at some of the code that the most predominant family of tech support screen lockers are currently using to frustrate their victims. This, which is dubbed VinCE because of the Program folder it creates for itself, is compiled in Microsoft Intermediate Language (MSIL),…

Vulnerabilities

Microsoft Patches Several Publicly Disclosed Flaws

Issued by: Security Week

Microsoft’s December 2016 Patch Tuesday updates include a total of 12 critical and important security bulletins that resolve vulnerabilities in Windows, Office, Internet Explorer and Edge. Several of the vulnerabilities patched this week have already been publicly disclosed. For instance, the critical bulletin MS16-144 fixes eight remote code execution, security bypass and information disclosure flaws….

Network Security

DDoS attacks via WordPress now come with encryption

Issued by: Help Net Security

Kaspersky Lab experts have noted an emerging trend – a growth in the number of attacks using encryption. Such attacks are highly effective due to the difficulty in identifying them amongst the overall flow of clean requests. Recently, the company encountered yet more evidence of this trend – an attack exploiting vulnerabilities in WordPress via…