Research News, Articles and Updates

Video: ISF's Durbin advises orgs to protect mission critical info assets

Video: ISF's Durbin advises orgs to protect mission critical info assets

By

Information Security Forum Managing Director Steve Durbin sat down with SCMagazine.com Executive Editor Teri Robinson to discuss how organizations can better protect their mission critical information assets.

New RAA ransomware variant performs own encryption, attacks businesses

New RAA ransomware variant performs own encryption, attacks businesses

By

The ransomware RAA, which incorporates the information-stealing trojan Pony, has evolved to more effectively target companies, encrypting victims' files and stealing their data, most likely to infect their business contacts via spear phishing.

Paper: Only 200K mobile bots needed to impair U.S. 911 system with DDoS attack

Paper: Only 200K mobile bots needed to impair U.S. 911 system with DDoS attack

By

A few as 200,000 mobile bots would be enough to launch a successful DDoS attack against the U.S.' 911 infrastructure, significantly disrupting service nationwide, a new research paper from Ben-Gurion University reports.

What's behind backdoor #3? Mac version of Mokes malware follows Linux, Windows variants

What's behind backdoor #3? Mac version of Mokes malware follows Linux, Windows variants

By

Kaspersky Lab today released an analysis of a newly discovered version of Mokes - a malicious, cross-platform backdoor with spying functionality - this one targeting Apple's OS X operating system.

Luabot malware used to launch DDoS attacks

Luabot malware used to launch DDoS attacks

By

A Trojan that infects Linux platforms to launch distributed denial of service (DDoS) attacks was discovered by MalwareMustDie.

Gugi mobile banking malware reportedly tweaked to defeat Android 6 security permissions

Gugi mobile banking malware reportedly tweaked to defeat Android 6 security permissions

By

The developers of the mobile banking trojan Gugi have introduced new modifications to sidestep two key security features of Android, reports Kaspersky Lab researcher Roman Unuchek via the Securelist blog.

ShadowGate malvertising campaign casts giant shadow across multiple continents

ShadowGate malvertising campaign casts giant shadow across multiple continents

By

A globalized malvertising campaign was targeting users in the U.S., Europe, Asia Pacific and the Middle East, infecting victims with ransomware before researchers at Cisco's Talos division helped shut down the operation .

Survey: Hackers believe strongly in privacy... unless they're paid to crack passwords

Survey: Hackers believe strongly in privacy... unless they're paid to crack passwords

By

Four out of five surveyed hackers agreed that Apple was right to refuse the FBI's request for a backdoor into the San Bernardino shooter's iPhone. Yet 52 percent said they would help the FBI crack an iPhone's password for a fee.

IoT home routers used to launch application-level DDoS attack

IoT home routers used to launch application-level DDoS attack

By

Eight brands of IoT home routers were compromised and used to create botnets that launched an application-level DDoS attack against a website's multiple servers.

Misfortune cookie: Mr. Chow restaurants website hacked to distribute ransomware

Misfortune cookie: Mr. Chow restaurants website hacked to distribute ransomware

By

The website for the upscale Mr. Chow restaurants has been compromised to deliver CrypMIC ransomware to visitors via the Neutrino Exploit Kit.

AgentTesla campaign engages in cybersquatting to host and deliver spyware

AgentTesla campaign engages in cybersquatting to host and deliver spyware

By

Researchers recently discovered a new spyware campaign that used cybersquatting techniques to distribute the AgentTesla keylogger via a domain whose name was strikingly similar to the consulting firm Diode Technologies.

Creating a buzz: USBee software causes air-gapped computers to leak data via USB connections

Creating a buzz: USBee software causes air-gapped computers to leak data via USB connections

By

Researchers at Israel's Ben-Gurion University have created a software program that causes air-gapped computers to leak data via radio-frequency electromagnetic emissions generated through USB-connected devices.

Flaw in Facebook password resets could allow random account takeovers; severity of bug disputed

Flaw in Facebook password resets could allow random account takeovers; severity of bug disputed

By

An independent researcher found a way to theoretically take over random Facebook accounts by forcing millions of user password resets and then brute-forcing each reset request to check for a specific six-digit authorization code.

MedSec goes its own way with medical device flaw

MedSec goes its own way with medical device flaw

By

Eschewing the bug bounty route, a cybersecurity firm which detected a flaw in a medical device from St. Jude Medical, partnered with an investment firm to capitalize on its knowledge and short sell stock in the device manufacturer.

Ransomware locks experts in debate over ethics of paying

Ransomware locks experts in debate over ethics of paying

By

The explosive growth in ransomware has once again heated up the debate as to whether infected organizations have an ethical responsibility to refuse payment. But are some companies exacerbating the problem by paying up even when they have viable data backups?

Spyware that Vietnam Airlines posed as McAfee antivirus

Spyware that Vietnam Airlines posed as McAfee antivirus

By

A Malwarebytes analysis of the espionage toolkit that recently infected Vietnam Airlines revealed a modular variant of the Korplug remote access trojan (RAT) that in this case disguises itself as a McAfee antivirus program.

Attacks increase as a result of DDoS-for-hire services

Attacks increase as a result of DDoS-for-hire services

By

DDoS attacks have increased in frequency, scale and complexity over the past year, driven by DDoS-for-hire services.

Researchers find seven classes of vulnerabilities in iOS sandbox security feature

Researchers find seven classes of vulnerabilities in iOS sandbox security feature

By

Researchers across three universities have discovered seven classes of vulnerabilities in the sandboxing feature of Apple's iOS operating system.

M&A deals bring added cybersecurity risks

M&A deals bring added cybersecurity risks

By

Security professionals are increasingly concerned by cybersecurity risks that arise as a result of mergers and acquisitions transactions, particularly the use of cyberespionage to gain information on the competition.

Twitoor first Android malware known to leverage Twitter for command and control

Twitoor first Android malware known to leverage Twitter for command and control

By

Researchers have found the first known Android mobile malware to use a Twitter account, rather than a traditional command-and-control server, to control infected devices.

GozNym malware is proficient in German, new malicious campaign proves

GozNym malware is proficient in German, new malicious campaign proves

By

Thirteen German financial institutions and their subsidiaries have recently felt the wrath of GozNym as the downloader and banking malware hybrid intensifies its campaign against European banking customers.

Trust exercise: Symantec's new website security expert is reaching out to hacker community

Trust exercise: Symantec's new website security expert is reaching out to hacker community

By

Tarah Wheeler, whom Symantec recently hired as principal security advocate and senior director of engineering for its Website Security team, is reportedly pledging to foster ties with the independent hacker community.

Threat to SMBs from ransomware on the rise, report

Threat to SMBs from ransomware on the rise, report

By

Ransomware is not going away, according to a new study from Arctic Wolf Networks.

Women receive significantly less compensation than men in IT sector, Census Bureau

Women receive significantly less compensation than men in IT sector, Census Bureau

By

Women continue to receive significantly less compensation than men in the IT security sector, according to a new report from the U.S. Census Bureau.

Marcher steps up game: Malware poses as security update, imitates popular apps

Marcher steps up game: Malware poses as security update, imitates popular apps

By

Looking to capitalize on mobile device owners' growing security fears, a new variant of the Android malware Marcher is infecting victims by fraudulently posing as a firmware security update.

Proxy authentication flaw affects Apple, Microsoft, Oracle, Opera

Proxy authentication flaw affects Apple, Microsoft, Oracle, Opera

By

Vulnerabilities affecting the implementation of proxy authentication could lead to an attacker launching man-in-the-middle attacks and intercepting HTTPS traffic possibly affecting including Apple, Microsoft, Opera, and Oracle products.

Half of enterprises ill-prepared for inside attack, study

Half of enterprises ill-prepared for inside attack, study

By

Nearly half of enterprises queried for a Mimecast survey were found to be ill-equipped to deal with threats from insiders.

PilotFish source codes selling on dark web, report

PilotFish source codes selling on dark web, report

By

In what is being flagged as a threat to the health care sector, the source code of all of PilotFish Technology's software has been posted to the dark web.

WikiLeaks postings of Turkish emails included active links to malware

WikiLeaks postings of Turkish emails included active links to malware

By

WikiLeaks' practice of delivering unfiltered information to its readers backfired after a researcher discovered that its collection of leaked Turkish government emails contained over 300 active links to malware files hosted on the controversial site.

China launches first quantum satellite, aimed at creating "hack-proof" quantum communications

China launches first quantum satellite, aimed at creating "hack-proof" quantum communications

By

China launched an orbital carrier rocket early Tuesday morning carrying the 'Micius' satellite, believed to be the world's first quantum satellite.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US