Flaws in Hyundai App Allowed Hackers to Steal Cars
South Korean carmaker Hyundai has released updates for its Blue Link mobile applications to address vulnerabilities that could have been exploited by hackers to locate, unlock and start vehicles. The Blue Link application, available for both iOS and Android devices, allows users to remotely access and monitor their car. The list of features provided by…
Security skills need to be deep and wide to mitigate critical risks
Businesses recognize security as a growing imperative, but many remain on the defensive, fighting cyber threats with dated tactics and training, according to CompTIA. Companies need to adopt proactive measures to identify weak links before they are exploited; broaden the security skills of their technology professionals; and implement top to bottom security training throughout the…
Phishing attacks responsible for three-quarters of all malware
With phishing now widely used as a mechanism for distributing ransomware, a new NTT Security reveals that 77% of all detected ransomware globally was in four main sectors – business & professional services (28%), government (19%), health care (15%) and retail (15%). While technical attacks on the newest vulnerabilities tend to dominate the media, many…
The Necurs Botnet: A Pandora’s Box of Malicious Spam
This is the tale of a cybercrime botnet operation that, within about five years of its existence, has been named one of the largest botnets in the world. It’s called the Necurs botnet. It militarizes up to 6 million zombie endpoints, delivers some of the worst banking Trojans and ransomware threats in batches of millions…
Tens of thousands Windows systems implanted with NSA’s DoublePulsar
Has your Windows machine been implanted with NSA’s DoublePulsar backdoor? If you haven’t implemented the security updates released by Microsoft in March, chances are good that it has. What is DoublePulsar? DoublePulsar is a backdoor implant that enables the injection and running of DLLs – potentially malicious ones – on Windows computers. It was recently…
Locky ransomware makes a comeback, courtesy of Necurs botnet
The Necurs botnet has, once again, begun pushing Locky ransomware on unsuspecting victims. The botnet, which flip-flops from sending penny stock pump-and-dump emails to booby-trapped files that lead to malware (usually Locky or Dridex), has been spotted slinging thousand upon thousand of emails in the last three or four days.
Safe online shopping and banking on your Mac
Macs are commonly believed to be safe from malware, but — setting aside the fact that they aren’t — what about other risks? When it comes to shopping online, phishing is the main problem. Phishing websites look just like real ones, but instead of selling goods or services, they steal your bank or credit card…
An untold cost of ransomware: It will change how you operate
Ransomware is unfortunately an IT reality. With the complexity and frequency of attacks, there is a good chance you or someone you know has been impacted. Many victims attacked are tempted to just pay the ransom and be done with it; a strategy that is more widely-used than you might think. Even the FBI has…
Organizations are not effectively dealing with open source security threats
Black Duck conducts hundreds of open source code audits annually, primarily related to Merger & Acquisition transactions. Its Center for Open Source Research & Innovation (COSRI) analyzed 1,071 applications audited during 2016 and found both high levels of open source usage – 96% of the apps contained open source – and significant risk to open…
Security and the human factor: Creating a positive user experience
Despite the myriad of security solutions deployed, breaches are still happening. Even with the most robust security solutions it seems that we’re failing with the fundamentals, with ever more sophisticated hacks infiltrating and bringing down networks or resulting in compromised data. For all the security solutions we can create, it’s people who are the first…