RIG EK Remains Top of Heap, Turns to Cryptomining

Even after a precipitous drop in activity last quarter, security researchers say that the RIG Exploit Kit (RIG EK) still leads the pack when it comes to overall malicious campaigns. And some of them have found that the crooks are expanding their moneymaking horizons by using RIG to take advantage of the cryptocurrency craze bubbling […]

Cisco ETA solves one of the biggest cybersecurity problems

Last summer, Cisco announced a product called Encrypted Traffic Analysis (ETA), which solves one of the biggest cybersecurity problems — finding malware in encrypted traffic. The use of encrypted traffic continues to grow. In fact, it’s over half of all traffic today and will be well over 80 percent by 2020. The benefit of encrypting traffic is […]

Sneaky malware disguises itself as an Adobe Flash Player installer

A state-sponsored hacking operation is targeting diplomats, using a new attack that bundles malware with a legitimate software update. Uncovered by researchers at ESET, the attacks are targeting embassies and consulates in eastern European post-Soviet states and have been attributed to Turla, a well-known advanced persistent threat group. The hacking operation has a history of targeting government […]

Emailed Cyberattack Targets 2018 Pyeongchang Olympics

A fileless malware campaign was discovered targeting organizations associated with the upcoming 2018 Winter Olympics being held in Pyeongchang, South Korea, report analysts at McAfee Advanced Threat Research. An unknown nation-state attacker is likely responsible. The campaign’s primary target was icehockey@pyeongchang2018.com with 337 South Korean organizations included on the BCC line. Most targets had some involvement in […]

PyCryptoMiner ropes Linux machines into Monero-mining botnet

A Linux-based botnet that has been flying under the radar has earned its master at least 158 Monero (currently valued around $63,000). The botnet is based on a crypto-miner written in the Python scripting language, a fact that serves to keep its existence on the down-low. “Unlike a binary malware alternative, a scripting language-based malware […]

LockPoS Malware Sneaks onto Kernel via new Injection Technique

A sneaky new injection technique delivers LockPoS malware straight into the kernel, researchers report. This “silent” method bypasses traditional antivirus software. LockPoS is a type of point-of-sale (PoS) malware designed to snatch credit card data from the memory of computers connected to PoS card scanners. It reads the memory of processes running on the system […]

Google Apps Script Vulnerability Exposes SaaS to URL-based Threats

Google Apps Script is vulnerable to exploits that could allow malware to be delivered via URLs. Attackers could automatically download arbitrary malware hosted in Google Drive to a machine — and the victim would have no idea it was happening. Researchers at Proofpoint discovered the vulnerability earlier this year while exploring the potential for abuse […]

36 fake security apps removed from Google Play

Google has recently pulled 36 fake security apps from Google Play after they were flagged by Trend Micro researchers. Posing as legitimate security solutions, and occasionally misusing the name of well-known AV vendors like Avast, the apps seemed to be doing the job: they showed security notifications and other messages, warned users about malicious apps, […]

Forever 21 Found Malware and Encryption Disabled on its PoS Devices

Forever 21’s investigation into a data breach first reported in November 2017 has revealed malware planted on the retailer’s point-of-sale (PoS) systems as well as encryption disabled on some of the devices. The retailer, which had been using encryption on its payment system since 2015, received a report in mid-October indicating unauthorized access to payment card data […]

The Future Of Cyber Threats Will Be Defined By Deception

The next 12 months will see major developments in the arms race between cyber attackers and security defenders as they continue to try to stay ahead of each other. Much of the cyber battle will revolve around the creation of new malware and defensive technology, but one of the defining factors of 2018 will be […]