Cybercrime not slowing down anytime soon
In Q3 2016, cybercriminals were increasingly more ingenious, using innovative technologies and new tools to spread their wares. This is confirmed by the 18 million new malware samples captured by PandaLabs in this quarter alone, an average of 200,000 each day. Measuring cybercrime is very complex. Cybersecurity professionals who combat these threats on a daily…
GM Bot: Alive and Upgraded, Now on Android M
IBM X-Force Research detected a recently updated version of the GM Bot mobile banking malware designed to deploy on Android 6 operating systems and bypass new security applied to the platform. Android officially released this Marshmallow OS, code-named M, in October 2015. The GM Bot version we analyzed can work on all Android versions up…
Hackers changing tactics, techniques and procedures
Organizations need to conduct better penetration testing to combat continual changes in hackers’ tactics, techniques and procedures (TTPs), according to NTT Security. “Our Q3 2016 report confirms that hackers are relentless and constantly employing new means to penetrate networks to steal confidential data,” said Rob Kraus, Director, Security Research and Strategy, NTT Security. “Organizations’ first…
Week in review: DNS DDoS, Linux kernel zero-day, VeraCrypt audited
Here’s an overview of some of last week’s most interesting news, reviews and articles: Dirty COW Linux kernel zero-day exploited in the wild is now patched Linux developer Phil Oester has spotted attackers exploiting a Linux kernel zero-day privilege escalation flaw that dates back to 2007, and has raised the alarm.
IDG Contributor Network: Fasten your seatbelt in the IoT cybersecurity race
Using very old and simple techniques such as brute force attacks, cybercriminals are gaining control over a population of insecure internet of things (IoT) devices with arsenals of malware. Brian Krebs’ website was recently targeted in the largest ever distributed denial-of-service (DDoS) attack. The source code that powered the IoT botnet responsible for the attack…
Extensive DDoS attack against Dyn restarts, could indicate a new use of old criminal tech
Attacks against DNS service provider Dyn resumed today after a two and a half hour lull, and could indicate a new application of an old criminal technology, experts say. Dyn hasn’t shared details on the type of DDoS attacks used nor the size of those attacks that have affected access to sites including Amazon, Etsy,…
7 Imminent IoT Threats
Recent distributed denial-of-service (DDoS) attacks involving the use of thousands of compromised digital video recorders and IP cameras have highlighted the looming security threat posed by the Internet of Things (IoT). Analyst firm Juniper Research estimates that between now and the end of 2020, the number of “things” connected to the Internet will grow from…
Sarvdap Spambot Checks IP Blacklists
The Sarvdap spambot was recently observed checking the IP addresses of infected hosts against common blacklists, in an attempt to ensure that its spam email is successfully delivered, Palo Alto Networks security researchers reveal. While other spambots typically start sending spam emails as soon as a host has been infected, Sarvdap first checks to see…
MBRFilter: Cisco open sources tool to protect the Master Boot Record
Cisco’s Talos research team has open sourced MBRFilter, a tool that aims to prevent a system’s Master Boot Record (MBR) getting overwritten by malware. The latest malware families that use this tactic are HDDCryptor (aka Mamba) and Petya, two pieces of ransomware that not only encrypt victims’ files, but also effectively lock them out of…
Hacking 3D manufacturing systems demonstrated by researchers
Researchers from three universities combined their expertise to demonstrate the first complete sabotage attack on a 3D additive manufacturing (AM) system, illustrating how a cyber attack and malicious manipulation of blueprints can fatally damage production of a device or machine. In their paper titled “Dr0wned,” researchers from Ben-Gurion University of the Negev (BGU), the University…