Bradley Barth SC Media | Page 85 of 89
Bradley Barth

Bradley Barth

Senior Reporter

Most recent articles by Bradley Barth

Turkey main

Attackers use evolved code injection technique to target Turkey with Adwind RAT

A new spam campaign that debuted last August is attempting to infect Turkish targets with the Adwind 3.0 remote access tool, using a previously undiscovered variant of a code injection attack that exploits Microsoft’s Dynamic Data Exchange (DDE) data transfer protocol. A key improvement to this variant is that it features new techniques to avoid anti-malware software…

DDoS attack on education vendor hinders access to districts’ online portals

Multiple school districts are reportedly suffering the effects of a denial of service attack perpetrated against Blaine, Minn.-based Infinite Campus, a third-party online services provider. As a result, district residents may be unable to reliably use services such as the “Parent Portal, through which teachers, parents and students can access information such as grades, class…

Twitter fixes API bug that shared data with wrong developers

Twitter on Friday disclosed that it fixed a bug in its Account Activity API (AAAPI) for app developers that may have mistakenly sent certain user data and content to the wrong developers who were not authorized to see this information. The AAAPI, which enables developers build tools that help customers communicate via Twitter, contained the…

Report: Microsoft misses disclosure deadline to patch RCE bug in JET

Trend Micro’s Zero Day Initiative (ZDI) team disclosed a still-unpatched remote code execution vulnerability in Microsoft’s JET Database Engine yesterday, claiming the software giant failed to fix the flaw within its 120-day disclosure window. Discovered by Trend Micro researcher Lucas Leong, the zero-day bug is an out-of-bounds write issue pertaining to the management of indexes within…

White House unveils initiatives to combat botnets

White House touts release of National Cyber Strategy

Eager to demonstrate a commitment to cybersecurity amidst criticisms over vulnerable election infrastructure, the White House yesterday unveiled its National Cyber Strategy. The plan is divided four “pillars” of strategy: protecting the homeland by fighting cybercrime and fortifying defenses, promoting American prosperity by adding cyber jobs and defending intellectual property, preserving peace through strength by…

Report: Hackers used data mining tool, network sniffer to steal Click2Gov information

The malicious actor behind a year-old campaign targeting the web payment portal Click2Gov appears to have been using a malicious webshell, data mining utility program and network sniffer to steal information from users, according to a new report from FireEye researchers. The researchers note that while the perpetrator’s tools and techniques are “generally consistent with other financially…

Mirai creators sentenced to probation after assisting FBI with cyber investigations

Three young men who developed and deployed the original Mirai IoT botnet malware were sentenced on Tuesday in an Alaskan federal court to five years probation – a lenient punishment earned through extensive cooperation with FBI on other cyber investigations. Paras Jha, 22, of Fanwood, N.J.; Josiah White, 21, of Washington, Penn.; and Dalton Norman,…

Report: Cryptomining malware detections up more than 459 percent since 2017

Detections of cryptomining malware has increased by 459 percent since last year, according to a new report released today by the Cyber Threat Alliance (CTA), citing statistics collected from several of its member companies. Titled “The Illicit Cryptocurrency Cyber Threat,” the report warns that this dramatic year-over-year rise is no fluke, noting that illegal mining activity will likely…

Senate building

Bill to codify DHS cyber program introduced into Senate after passing House

Two weeks after it passed the U.S. House of Representatives, a bill that would codify and modernize the Department of Homeland Security (DHS) Continuous Diagnostics Mitigation (CDM) cybersecurity program was introduced into the Senate. Known as the Advancing Cybersecurity Diagnostics and Mitigation Act, the legislation was originally proposed last July by Rep. John Ratcliffe, R-Tex., and ushered into…

Quirky Fbot IoT botnet kills rival, communicates via blockchain-based DNS

There’s an odd new addition to the extended family of Mirai-inspired IoT botnets, and so far its only obvious victim is a competing botnet whose malware is targeted for removal from any infected devices. Dubbed Fbot, the malware is also unusual because rather than using standard DNS to communicate with the command-and-control server, it instead…

Next post in Cybercrime