Hackers behind bank attack campaign use Russian decoy

Credit to Author: Lucian Constantin | Date: Mon, 20 Feb 2017 07:00:00 -0800

The hackers behind a sophisticated attack campaign that has recently targeted financial organizations around the world have intentionally inserted Russian words and commands into their malware in an attempt to throw investigators off.

Researchers from cybersecurity firm BAE Systems have recently obtained and analyzed additional malware samples related to an attack campaign that has targeted 104 organizations — most of them banks — from 31 different countries.

They found multiple commands and strings in the malware that appear to have been translated into Russian using online tools, the results making little sense to a native Russian speaker.

Insecure Android apps put connected cars at risk

Credit to Author: Lucian Constantin | Date: Fri, 17 Feb 2017 09:08:00 -0800

Android applications that allow millions of car owners to remotely locate and unlock their vehicles are missing security features that could prevent tampering by hackers.

Researchers from antivirus vendor Kaspersky Lab took seven of the most popular Android apps that accompany connected cars from various manufacturers, and analyzed them from the perspective of a compromised Android device. The apps and manufacturers have not been named.

The researchers looked at whether such apps use any of the available countermeasures that would make it hard for attackers to hijack them when the devices they’re installed on are infected with malware. Other types of applications, such as banking apps, have such protections.

Experts at RSA offer up their best cybersecurity advice

Credit to Author: Michael Kan | Date: Thu, 16 Feb 2017 16:34:00 -0800

Come to the RSA show, and you’ll find plenty of cybersecurity technology. The top vendors from across the industry are here, showing products for fighting ransomware, preventing data breaches and more.

But even the best security software is useless if users and businesses aren’t taking the right steps to protect themselves. So we asked experts at the show for their best cybersecurity tips.

Joe Stewart, director of malware research at Dell SecureWorks 

He advises everyone to set up two-factor authentication to protect their internet accounts, especially email. It can be particularly useful when stopping hackers who are trying to steal login passwords from users, whether through malware or email phishing schemes.

Israeli soldiers hit by Android malware from cyberespionage group

Credit to Author: Lucian Constantin | Date: Thu, 16 Feb 2017 12:45:00 -0800

More than 100 members of the Israel Defense Forces (IDF), the majority of them stationed around the Gaza Strip, fell victim to a cyberespionage attack that used malicious Android applications to steal information from their mobile devices.

The attack campaign started in July and continues to date, according to researchers from antivirus firm Kaspersky Lab, who cooperated in the investigation with the IDF Information Security Department.

The Israeli soldiers were lured via Facebook Messenger and other social networks by hackers who posed as attractive women from various countries like Canada, Germany, and Switzerland. The victims were tricked into installing a malicious Android application, which then scanned the phone and downloaded another malicious app that masqueraded as an update for one of the already installed applications.

Sophos CEO sounds the alarm on enterprise ransomware attacks

Credit to Author: Martyn Williams | Date: Wed, 15 Feb 2017 12:32:00 -0800

Ransomware is increasingly becoming a problem for companies, and the CEO of a leading computer security firm says he fears 2017 could see entire companies shut down until they pay up, or risk losing all their data.

Ransomware works by infiltrating a computer with malware and then encrypting all the files on the disk. The user is presented with a limited time offer: Lose all your data or send money with the promise your data will be unlocked. The fee typically varies from tens of dollars to hundreds of dollars and often has to be transmitted in Bitcoin.

The problem began on a fairly small scale, targeting individual users, but has been growing. Last year, a hospital in Los Angeles admitted to paying $17,000 to get its system unlocked, and a report in October said ransomware cases were on course to quadruple in 2016 over the previous year.

Hacker breached 63 universities and government agencies

Credit to Author: Darlene Storm | Date: Wed, 15 Feb 2017 09:33:00 -0800

A “Russian-speaking and notorious financially-motivated” hacker known as Rasputin has been at it again, hacking into universities and government agencies this time, before attempting to sell the stolen data on the dark web.

According to the security company Recorded Future, which has been tracking the cybercriminal’s breaches, Rasputin’s most recent victims include 63 “prominent universities and federal, state, and local U.S. government agencies.” The security firm has been following Rasputin’s activity since late 2016 when the hacker reportedly breached the U.S. Electoral Assistance Commission and then sold EAC access credentials.

Russian cyberspies blamed for U.S. election hacks are now targeting Macs

Credit to Author: Lucian Constantin | Date: Tue, 14 Feb 2017 10:28:00 -0800

Security researchers have discovered a macOS malware program that’s likely part of the arsenal used by the Russian cyberespionage group blamed for hacking into the U.S. Democratic National Committee last year.

The group — known in the security industry under different names including Fancy Bear, Pawn Storm, and APT28 — has been operating for almost a decade. It is believed to be the sole user and likely developer of a Trojan program called Sofacy or X-Agent.

X-Agent variants for Windows, Linux, Android, and iOS have been found in the wild in the past, but researchers from Bitdefender have now come across what appears to be the first macOS version of the Trojan.

Experts worry that ransomware could hit critical infrastructure

Credit to Author: Michael Kan | Date: Mon, 13 Feb 2017 13:14:00 -0800

Expect ransomware to grow more aggressive in the coming years, including higher ransom payments and attempts to go beyond attacking data — by shutting down entire computer systems to utilities or factories.

“I see no reason for ransomware to stop,” said Neil Jenkins, an official with the U.S. Department of Homeland Security. “It’s shown to be effective.”

On Monday at the RSA cybersecurity conference, experts gave a grim outlook on the future of ransomware, which they fear will spread. Through the attacks, cybercriminals have already managed to rake in US$1 billion last year, according to one estimate.
