DDoS Malware Targets AVTech CGI Vulnerability

A newly discovered Linux malware family is targeting products from surveillance technology company AVTech via a CGI vulnerability that was disclosed in October 2016, Trend Micro researchers warn. Detected as ELF_IMEIJ.A, the malware is the latest in a long list of Trojans targeting Linux ARM devices (such as Mirai, Umbreon rootkit, LuaBot, BashLite, and more)…

Samas Ransomware Uses Active Directory to Infect Entire Networks

The actors behind Samas, a ransomware family that emerged about a year ago, are using Active Directory to perform reconnaissance and then infect entire networks, Javelin Networks says. First detailed in March last year, Samas was observed employing publicly-available penetration testing tools for delivery, and its operators were said to have made $450,000 in ransom…

Fighting attackers in the era of data jacking

What we saw in the last few months is a rise in reports on database systems, new database technologies that are essentially being compromised; and where attackers will hack into a database, encrypt the data or sometimes delete or do something to the data, and essentially leave a message where they ask you for not…

Attackers Employ Sneaky New Method to Control Trojans

A new malware sample shows threat actors have begun using DNS TXT record and queries for C2 communications, Cisco Talos says. Security researchers at Cisco’s Talos intelligence and research group have discovered what they describe as an extremely evasive and uncommon way for threat actors to command and to communicate with a Remote Access Trojan…

Ransomware spiked 752% in new families

2016 was truly the year of online extortion. Cyber threats reached an all-time high, with ransomware and Business Email Compromise (BEC) scams gaining increased popularity among cybercriminals looking to extort enterprises. A 752 percent increase in new ransomware families ultimately resulted in $1 billion in losses for enterprises worldwide, according to Trend Micro.

Trend Micro report: Ransomware booming

The profitability of ransomware made it the top cyber threat last year in two categories: the number of attacks and the amount of money generated for crooks, according to a Trend Micro lookback on data collected from customers. Not only is the ransomware business booming, it’s innovating, with Trend Micro researchers identifying 752 new families…

Cybercriminals Use Cracked Builder to Spawn Betabot Variants

Betabot, an old piece of malware that ensnares affected computers into a botnet, is now being distributed by attackers who managed to crack its builder, Sophos security researchers reveal. The malware previously functioned as a banking information stealing Trojan, then became a password stealing malware, and recently began capitalizing on infected bots to distribute ransomware.

Mac Malware Reaches New Highs

Two new malware threats in a week this past month, plus others in January, bring the 2017 Mac malware count up to 6 – and growing. On Valentine’s Day, Mac users got a special “treat” in the form of new malware. That same week, there were signs of yet another piece of malware looming. These threats…

New Unlock26 Ransomware and RaaS Portal Discovered

A recently discovered Ransomware-as-a-Service (RaaS) portal was found to be responsible for the distribution of a brand new ransomware family dubbed Unlock26. Dubbed Dot-Ransomware, the RaaS portal went live on February 19, and security researchers suggest that the Unlock26 ransomware was released the same day. Further, they reveal that the ransomware operation features a very…