Cyberthreats News, Articles and Updates

Curtain closes on Ransomware Encryptor RaaS, but with master key

Curtain closes on Ransomware Encryptor RaaS, but with master key

By

Those victims targeted over the past year by the ransomware as a service named Encryptor RaaS may be at a loss to ever recover their encrypted files.

Russians suspected of cybercampaign against journalism site

Russians suspected of cybercampaign against journalism site

By

A UK-based investigative journalism site has come under cyberattack, purportedly from Russia, for its articles critical of Russia's involvement in the shooting down of Malaysian Airlines Flight 17 and corruption.

End-of-support devices on networks weakening cyberdefenses, report

End-of-support devices on networks weakening cyberdefenses, report

By

Nearly three-quarters of businesses have end-of-support devices operating in their networks, and the consequences could prove dire, a new study found.

185M incidents bypassed perimeter defenses - report

185M incidents bypassed perimeter defenses - report

By

Two recent reports warn of the dangers of over-reliance on perimeter security as an enterprise defense method.

Cross border computer probes gets nod in Switzerland

Cross border computer probes gets nod in Switzerland

By

The Swiss intelligence service received permission to begin tapping phones and monitoring emails following a vote in the nation's parliament and approval by a public referendum.

RTCA airline recs aim to strengthen aviation cybersecurity

RTCA airline recs aim to strengthen aviation cybersecurity

By

A technical committee that provides guidance to the Federal Aviation Administration has reportedly developed drafting recommendations for strengthening the aviation industry's cybersecurity posture.

Hotel operation run by Donald Trump settles breach suit with $500K fine

Hotel operation run by Donald Trump settles breach suit with $500K fine

By

In a settlement, the hotel chain operated by Republican presidential candidate Donald Trump will fork over $500K in fines and improve the security of its computer network.

Cybercriminals already able to hack ATM biometric readers

Cybercriminals already able to hack ATM biometric readers

By

Even though biometric readers have not been rolled out on ATM's, cybercriminals have already developed tools to steal a person's fingerprint and other biological data.

House plans vote on bill to improve small business cyber preparedness

House plans vote on bill to improve small business cyber preparedness

By

The U.S. House of Representatives plans a vote on legislation that would task the SBA with assisting small businesses in improving preparedness against cyber threats.

Locky developers upgrade ransomware's ability to perform offline encryption

Locky developers upgrade ransomware's ability to perform offline encryption

By

A new analysis of Locky ransomware configurations by IT security firm Avira has revealed improved offline capabilities that enhance its ability to automatically encrypt victims' files, without interaction with a command-and-control server.

Crysis ransomware now attacking businesses in Australia and New Zealand

Crysis ransomware now attacking businesses in Australia and New Zealand

By

Australian and New Zealand businesses are being hit with a ransomware campaign.

Research reveals the opportunities EU employees are presenting to cyber-attackers on social media

Research reveals the opportunities EU employees are presenting to cyber-attackers on social media

Research from Blue Coat Systems shows how despite the increased use of social media, workers are still failing to fully protect themselves from complex social engineering techniques

Security advisories issued for VMware

Security advisories issued for VMware

By

"Multiple security issues" were patched for a number of VMware products.

Sites associated with both presidential contenders spring leaks

Sites associated with both presidential contenders spring leaks

By

Data theft knows no boundaries. Personal information has been siphoned out from databases connected to both presidential campaigns.

1 in 50 employees a malicious insider?

A survey recently conducted by Imperva showed that 36 percent of surveyed companies have experienced security incidents involving malicious employees in the past 12 months.

Cybersecurity enhancements proposed for financial firms in New York

Cybersecurity enhancements proposed for financial firms in New York

By

To better protect consumer data, banks and insurance companies in New York will soon be required to adhere to new cybersecurity guidelines.

Spike in malvertising attacks targeting adult websites

Spike in malvertising attacks targeting adult websites

By

A new Neutrino exploit kit invades a hack of a third-party ad server to deliver ransomware to adult website visitors.

New RAA ransomware variant performs own encryption, attacks businesses

New RAA ransomware variant performs own encryption, attacks businesses

By

The ransomware RAA, which incorporates the information-stealing trojan Pony, has evolved to more effectively target companies, encrypting victims' files and stealing their data, most likely to infect their business contacts via spear phishing.

Pentagon faulted for lack of cyber preparedness, GAO report

Pentagon faulted for lack of cyber preparedness, GAO report

By

The Department of Defense does not have the necessary visibility into the cyber capabilities of the National Guard, according to a report by the GAO.

Guccifer 2.0 again denies Russian connection, mocks reports linking hacker to APT groups

Guccifer 2.0 again denies Russian connection, mocks reports linking hacker to APT groups

By

An individual who self-identified as Guccifer 2.0 continues to deny reports by security firms that link the purported hacker or hacking group to Russian advanced persistent threat (APT) groups.

NIAS 2016 - responding to the Warsaw declaration

NIAS 2016 - responding to the Warsaw declaration

An extra €70 million is to be spent in the five years from 2017 on a major refresh of cyber-capabilities.

Army tests cyber intelligence gathering drone

Army tests cyber intelligence gathering drone

By

The U.S. Army recently tested a drone capable of collecting enemy cyber information on the battlefield.

WordPress update fixes XSS issues

WordPress update fixes XSS issues

By

Bloggers using the WordPress platform are "strongly encouraged" to update their sites immediately to address persistent XSS issues.

What's behind backdoor #3? Mac version of Mokes malware follows Linux, Windows variants

What's behind backdoor #3? Mac version of Mokes malware follows Linux, Windows variants

By

Kaspersky Lab today released an analysis of a newly discovered version of Mokes - a malicious, cross-platform backdoor with spying functionality - this one targeting Apple's OS X operating system.

Luabot malware used to launch DDoS attacks

Luabot malware used to launch DDoS attacks

By

A Trojan that infects Linux platforms to launch distributed denial of service (DDoS) attacks was discovered by MalwareMustDie.

Gugi mobile banking malware reportedly tweaked to defeat Android 6 security permissions

Gugi mobile banking malware reportedly tweaked to defeat Android 6 security permissions

By

The developers of the mobile banking trojan Gugi have introduced new modifications to sidestep two key security features of Android, reports Kaspersky Lab researcher Roman Unuchek via the Securelist blog.

Bilal Bot malware author carries marketing efforts to mainstream press

Bilal Bot malware author carries marketing efforts to mainstream press

By

An IBM researcher received a followup email from a person allegedly behind the creation of an Android malware app seeking redress to clarify some details.

ShadowGate malvertising campaign casts giant shadow across multiple continents

ShadowGate malvertising campaign casts giant shadow across multiple continents

By

A globalized malvertising campaign was targeting users in the U.S., Europe, Asia Pacific and the Middle East, infecting victims with ransomware before researchers at Cisco's Talos division helped shut down the operation .

Your own (not so) private Idaho

Your own (not so) private Idaho

By

A hacker, dubbing himself Mr. High, announced he had stolen the personal details of 6.5 million people across Idaho, Washington, Oregon and Kentucky.

IoT home routers used to launch application-level DDoS attack

IoT home routers used to launch application-level DDoS attack

By

Eight brands of IoT home routers were compromised and used to create botnets that launched an application-level DDoS attack against a website's multiple servers.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US