Research News, Articles and Updates

Survey: Infosec professionals work long shifts, yet feel rewarded

In a recent survey of 360 infosec professionals, 57 percent of respondents said that they work on weekends, while 29 percent said they work at least ten hours a day.

Majority of surveyed execs have inherited cybersecurity problems after acquiring a software company

In a recent M&A survey focused on the software industry, 52 out of 100 senior global executives confirmed that their companies inherited cybersecurity problems from a software business that they either merged with or acquired.

Dark web services getting attacked too, as Tor sites become less hidden

Despite their anonymity, sites and services hidden on the dark web are not immune to cyberattacks, as recently demonstrated by a group of researchers who coaxed cybercriminals into attacking fake Tor sites in order to study their behavior.

Survey: U.S. execs bearish on 2018 cybersecurity spending, despite increase in threats

Only 49 percent of surveyed U.S. executives expect to spend more on cybersecurity in a year's time, despite a 56-percent majority expecting the number of data breach attempts to rise in 2018, according to a new research study.

Paid in the USA: Americans more likely to pony up when infected with ransomware

The U.S. suffered 34 percent of global ransomware infections last year - and it's no wonder why, with 64 percent of Americans willing to pay to retrieve their encrypted files, compared to 34 percent of victims worldwide, according to Symantec.

Side-channel attack technique steals PINs by analyzing smart device sensor readings

Researchers in the UK have uncovered a technique that lets malicious websites spy on smart device owners and even decipher their screen touches and PIN entries by secretly monitoring their devices' sensor data.

Survey: Americans overwhelmingly disapprove of ISPs sharing data without consent

In a recent poll of more than 1,200 Americans, 92 percent agreed that Internet providers should not be allowed to monitor their activity online and sell that data to third parties without consent -- a strong indictment of Senate Joint Resolution 34, which lifted FCC restrictions that would have prevented ISPs from engaging in this practice.

Are West Africa's 'Yahoo boys' and BEC scammers creating the next cybercrime hotbed?

West Africa may be on the verge of developing its own fully realized underground cybercrime market, buoyed by a combination of traditional 419 advance-fee fraudsters and more sophisticated actors that prefer business email compromise and tax scams.

Analysis: Election hackers used many of the same techniques as Carbanak gang

An analysis of two DHS reports focusing on Russia's reputed interference in the 2016 U.S. election revealed common bonds between the infamous hacking campaign, dubbed Grizzly Steppe, and activity by the Carbanak cyber gang. However, an expert with ESET doesn't think the overlap is significant.

Survey explores the minds of hackers: 81% claim they can compromise target in under 12 hours

Eighty-eight percent of hackers surveyed at the 2016 DEF CON conference claimed they can compromise a target in less than 12 hours, while 81 percent said they can identify and exfiltrate a target's data in the same amount of time.

Kaspersky: Banking malware attacks up 30.6% in 2016; finance sector phishing also more prevalent

The number of cyberattacks targeting financial institutions and their customers soared to new heights in 2016, according to Kaspersky Lab, which observed nearly 1.09 million banking trojan attacks on users in 2016.

Malware targeting banks contains apparent false flags designed to frame Russians

Malware samples recovered from watering hole attacks recently targeting banks across the globe contain false flags that fraudulently suggest Russian actors are behind the campaign, even though the most likely culprit is the Lazarus Group.

Downeks and Quasar malware combine in attack linked to Gaza Cybergang

A recent spate of attempted malware attacks intended to infect government entities in the Middle East with a customized version of the Quasar remote access trojan appears to be tied to the Hamas-linked Gaza Cybergang.

Video: 300 billion passwords by 2020, report predicts

A new report predicts that the number of passwords used among humans and machines worldwide will grow to 300 billion by 2020 - all of which will require cyber protection.

Survey: Organizations deploying emerging tech without ensuring data security first

In a classic case of putting the cart before the horse, too many organizations are deploying emerging technologies before they can shore up appropriate levels of data security, according to a new report from Thales e-Security and 451 Research.

Terdot Zloader/Zbot combo abuses certificate app to pull off MITM browser attacks

The downloader Terdot Zloader and its accompanying Zbot banking trojan payload abuse a legitimate certificate application to spy on users and modify web content via man-in-the-middle attacks against browsers, an in-depth code analysis shows.

SC Media Exclusive: Rootnik Android malware variant designed to frustrate researchers

A newly identified version of the Android malware "Rootnik" features anti-debugging and anti-hooking capabilities designed to hinder analysts' efforts to reverse engineer it.

Researchers tentatively link Greenbug cyberspy group to Saudi Shamoon attackers

Researchers may have found a tenuous link between a cyberespionage organization's credentials-stealing trojan and the Shamoon hacking group that's been targeting Saudi energy companies with Disttrack disk-wiping malware.

Facebook alerted to remote code execution bug, search engine privacy issue

A security researcher discovered a remote code execution vulnerability on Facebook's website that earned him a $40,000 bounty, while another uncovered a privacy issue that reveals private phone numbers linked to Facebook users' accounts.

Dueling malwares: Researchers explain what happens when two codes collide

A new research report from website security firm Sucuri provides an inside look at what happens when two competing malicious codes battle for the same territory.

Unhappy meal: McDonald's website doesn't securely protect passwords, researcher finds

Registered users of McDonald's website are susceptible to credential theft due to the combination of a cross-site scripting (XSS) vulnerability and a cryptographic storage vulnerability, a researcher has found.

Pair of ad fraud campaigns linked to defacement attacks by Indonesian hackers

Researchers have discovered two connected advertising fraud campaigns that compromise legitimate web sites and abuse Google AdSense, using tactics that are almost polar opposites of each other.

ElTest malware campaign changes tactics, scraps use of gates and obfuscation

The long-lived ElTest malware campaign that infects victims through compromised websites evolved once again in the last quarter of 2016, ending its use of exploit kit gates and obfuscation, according to researchers with Palo Alto Networks' Unit 42 threat research team.

You lose, Grinch: DeriaLock ransomware discovered on Christmas Eve, but researchers devise decryptors

A rapidly evolving ransomware family called DeriaLock made its ignominious debut over the 2016 holidays, but researchers quickly created decryptor software to rescue the files of those unlucky enough to receive this unwanted "gift."

Researcher: Subcontractor leaks data on military health care professionals

Personal data belonging to health care professionals working for the U.S. military was sitting exposed on an insecure server operated by a medical services subcontractor, a security researcher from MacKeeper reported on Saturday.

New variant of KillDisk wiper threatens industrial control networks with ransomware

The KillDisk disk-wiper program that was used in conjunction with BlackEnergy malware to attack Ukrainian energy utilities now includes a ransomware component, according to researchers at CyberX.