DHS' ICS-CERT warns of BrickerBot: IoT malware that will brick vulnerable devices

Credit to Author: Darlene Storm| Date: Wed, 19 Apr 2017 08:21:00 -0700

Since the emergence of Mirai, you may have wondered if your IoT device has ever been infected with malware; you may even have rebooted the device, which would remove the infection. But if your IoT device becomes infected with BrickerBot, you will know because the malware will “brick” it. Just the same, some people will believe the hardware failed.

Radware security researchers previously said BrickerBot malware was responsible for permanent denial of service attacks (PDoS) that would “destroy” the infected devices. PDoS, also known as “phlashing,” is “an attack that damages a system so badly that it requires replacement or reinstallation of hardware. By exploiting security flaws or misconfigurations, this type of cyberattack can destroy the firmware and/or basic functions of system.”

1,175 hotels listed in payment card breach of Holiday Inn parent company

Credit to Author: Darlene Storm| Date: Mon, 17 Apr 2017 10:11:00 -0700

You may recall commercials for Holiday Inn Express that revolved around a “Stay smart” theme, but if you stayed at a Holiday Inn Express, or another InterContinental Hotels Group-branded franchise hotel, late last year, then you would be really smart to keep an eye out for unexpected charges on your credit card.

IHG finally reported the findings from an investigation into a breach of the company’s payment systems. The company has over 5,000 hotels across 100 countries, with brands such as Holiday Inn, Holiday Inn Resort, Holiday Inn Express, Crowne Plaza, Hotel Indigo, InterContinental, Kimpton, Staybridge Suites and Candlewood Suites. Hackers managed to get malware into the front desk payment system at some IHG-branded franchise hotels in the United States and Puerto Rico and made off with payment card data.

New ransomware demanded high score on anime-style shooter game not bitcoins

Credit to Author: Darlene Storm| Date: Mon, 10 Apr 2017 09:23:00 -0700

Never underestimate what a person can come up with when he or she is bored, as was recently highlighted by the accidental release of ransomware that required victims to reach an astronomically high score on an anime-style shooter game instead of paying an outrageous ransom in bitcoins.

The Malware Hunter Team was surprised to discover Rensenware; they said the ransomware did not ask “for any money, but to play a game until you reach a score – and it’s not a joke.”

Victims who wanted their files decrypted were required to score over 200 million points in the “lunatic” level of the game TH12 ~ Undefined Fantastic Object.

Email-based attacks exploit unpatched vulnerability in Microsoft Word

Credit to Author: Lucian Constantin| Date: Mon, 10 Apr 2017 08:08:00 -0700

Attackers have been exploiting an unpatched vulnerability in Microsoft Word for the past few months to compromise computers and infect them with malware.

The first report about the attacks came Friday from antivirus vendor McAfee after the company’s researchers analyzed some suspicious Word files spotted a day earlier. It turned out that the files were exploiting a vulnerability that affects “all Microsoft Office versions, including the latest Office 2016 running on Windows 10.”

The flaw is related to the Windows Object Linking and Embedding (OLE) feature in Microsoft Office that allows documents to embed references and links to other documents or objects, the McAfee researchers said in a blog post.

WikiLeaks: CIA used bits of Carberp Trojan code for malware deployment

Credit to Author: Michael Kan| Date: Fri, 07 Apr 2017 12:29:00 -0700

When the source code to a suspected Russian-made malware leaked online in 2013, guess who used it? A new release from WikiLeaks claims the CIA borrowed some of the code to bolster its own hacking operations.

On Friday, WikiLeaks released 27 documents that allegedly detail how the CIA customized its malware for Windows systems.

The CIA borrowed a few elements from the Carberp financial malware when developing its own hacking tool known as Grasshopper, according to those documents.

Carberp gained infamy as a Trojan program that can steal online banking credentials and other financial information from its victims’ computers. The malware, which likely came from the criminal underground, was particularly problematic in Russia and other former Soviet states.

IoT malware begins to show destructive behavior

Credit to Author: Lucian Constantin| Date: Fri, 07 Apr 2017 11:37:00 -0700

Hackers have started adding data-wiping routines to malware that’s designed to infect internet-of-things and other embedded devices. Two attacks observed recently displayed this behavior but likely for different purposes.

Researchers from Palo Alto Networks found a new malware program dubbed Amnesia that infects digital video recorders through a year-old vulnerability. Amnesia is a variation of an older IoT botnet client called Tsunami, but what makes it interesting is that it attempts to detect whether it’s running inside a virtualized environment.

How to rescue your PC from ransomware

Credit to Author: Eric Geier| Date: Mon, 03 Apr 2017 17:51:00 -0700

With nasty malware like Locky making the rounds—encrypting its victims’ files, and then refusing to unlock them unless you pay up—ransomware is a serious headache. But not all ransomware is so difficult.

You can remove many ransomware viruses without losing your files, but with some variants that isn’t the case. In the past I’ve discussed general steps for removing malware and viruses, but you need to apply some specific tips and tricks for ransomware. The process varies and depends on the type of invader. Some procedures involve a simple virus scan, while others require offline scans and advanced recovery of your files. I categorize ransomware into three varieties: scareware, lock-screen viruses, and the really nasty stuff.

A free decryption tool is now available for all Bart ransomware versions

Credit to Author: Lucian Constantin| Date: Tue, 04 Apr 2017 10:00:00 -0700

Users who have had their files encrypted by any version of the Bart ransomware program are in luck: Antivirus vendor Bitdefender has just released a free decryption tool.

The Bart ransomware appeared in June and stood out because it locked victims’ files inside ZIP archives encrypted with AES (Advanced Encryption Standard). Unlike other ransomware programs that used RSA public-key cryptography and relied on a command-and-control server to generate key pairs, Bart was able to encrypt files even in the absence of an internet connection.
