Tag Archives for " malware "

Cryptomining replaces ransomware as 2018’s top cybersecurity threat

Cryptomining has taken ransomware’s place as the top cybersecurity threat in 2018, according to Webroot’s Mid-Year Threat Report Update. Focusing on trends in the first half of 2018, the report discovered cyberattack vectors becoming increasingly advanced and sophisticated, according to the Tuesday press release for the report.

Full article: Cryptomining replaces ransomware as 2018’s top cybersecurity threat – TechRepublic

Thousands of WordPress sites backdoored with malicious code

Thousands of WordPress sites have been hacked and compromised with malicious code this month, according to security researchers at Sucuri and Malwarebytes.

All compromises seem to follow a similar pattern –to load malicious code from a known threat actor– although the entry vector for all these incidents appears to be different.

Researchers believe intruders are gaining access to these sites not by exploiting flaws in the WordPress CMS itself, but vulnerabilities in outdated themes and plugins.

Source: Thousands of WordPress sites backdoored with malicious code | ZDNet

The 6 most popular cyberattack methods hackers use to attack your business

Cyberattacks show no sign of slowing down this year, according to a Wednesday report from Positive Technologies. Q2 2018 saw a 47% increase in cyberattacks over Q2 2017, with targeted attacks outnumbering mass campaigns as cybercriminals grow more sophisticated. Most cases involved targeted attacks on companies and their clients, as well as cryptocurrency exchanges, the report found. This article looks at six most popular cyberattack methods criminals used in Q2 2018, according to the report.

Read article: The 6 most popular cyberattack methods hackers use to attack your business – TechRepublic

Australia’s spyware law could expose phones to exploitation

Peter Dutton’s proposed legislation to expand the government’s surveillance capabilities into telecommunication devices through the inclusion of spyware risks could create “systemic weakness or vulnerability” that would be open to exploitation, Australia’s peak industry group has warned.

The Australian Industry Group has responded to the call for consultation on the assistance and access bill by warning of unintended consequences from the home affairs minister’s push to force telcos and tech giants, including Apple, Samsung, Google and Facebook, to include concealed “backdoors” into devices and messaging platforms.

Source: Australia’s spyware law could expose phones to exploitation, business group warns

Card-Skimming Malware Campaign Hits Dozens of Sites Daily

In the past six months, more than 7,000 sites that run Magento e-commerce software have been infected with malicious JavaScript designed to harvest customers’ payment card details as they finalize their orders.

So warns Willem de Groot, a security consultant and researcher based in the Netherlands, who says that online card-skimming software that communicates with a domain hosted in Moscow, magentocore[dot]net, is being used to infect 50 to 60 e-commerce sites a day.

Source: Card-Skimming Malware Campaign Hits Dozens of Sites Daily

Hackers Can Turn Body Cameras Into Malware Spewing Machines

Once lauded as tools to enhance police accountability, body cameras have been facing increasing scrutiny from privacy advocates, and now one researcher has identified them as cybersecurity time bombs.

Speaking to Wired ahead of a Def Con presentation, Josh Mitchell, a consultant at the security firm Nuix, demonstrated that many body cameras are vulnerable to hacking, making several different nightmare scenarios possible: officers themselves could be tracked while wearing the cameras, footage could be doctored or deleted entirely, and the cameras could be hijacked to spread ransomware or other malicious code throughout police networks.

Source: Hackers Can Turn Body Cameras Into Malware Spewing Machines, Security Expert Says

When malware turns artificial intelligence into a weapon

AI can be used to automatically detect and combat malware — but this does not mean hackers can also use it to their advantage. Cybersecurity, in a world full of networked systems, data collection, Internet of Things (IoT) devices and mobility, has become a race between white hats and threat actors.

Read article: DeepLocker: When malware turns artificial intelligence into a weapon – TechRepublic

BlackTech threat group steals D-Link certificates to spread backdoor malware

Researchers have uncovered a new malicious campaign which utilizes stolen D-Link certificates to sign malware. The same certificate was used to sign legitimate D-Link software. Malware includes a backdoor component and the exfiltration tool.

Source: BlackTech threat group steals D-Link certificates to spread backdoor malware – TechRepublic

Data indicates human error prevailing cause of breaches, incidents

Ransomware. Malware. Phishing. Given the types of high profile cyberthreats that carry the most coverage in the news, there is a tendency to assume incidents exposing sensitive, regulated data occur as a result of an organization being “under attack.” Seasoned privacy professionals, however, know that in reality, the majority of incidents are inadvertent and unintentional, and can be classified as human error. And these incidents still trigger the same regulatory obligations as intentional and malicious incidents.

Read full article: Data indicates human error prevailing cause of breaches, incidents

Hackers infect 500,000 consumer routers all over the world with malware

Hackers have infected more than 500,000 home and small-office routers around the world with malware that can be used to collect communications, launch attacks on others, and permanently destroy the devices with a single command.

Source: Hackers infect 500,000 consumer routers all over the world with malware | Ars Technica

1 2 3 4
>