Free tools and resources for Data Protection Officers!

Tag Archives for " malware "

Report reveals the dangers and trends of malware through 2018

Last year, the arrival of the EU’s General Data Protection Regulation sent shockwaves through the world of data protection. Big corporates registered record-breaking data breaches, while pre-GDPR transgressions such as those committed in the Facebook/Cambridge Analytica scandal fell under heightened scrutiny of a more privacy-conscious age.

Full article: Report reveals the dangers and trends of malware through 2018

NSA will open source a tool for malware disassembly and reverse engineering

Dubbed GHIDRA, the tool will allow folks au fait with cyber security to pick apart binaries for Windows, macOS, Android and iOS, and turn them into code that can then be perused to figure out what malware has been up to, or take a deep dive into seemingly legit software carrying out eyebrow-raising activity.

Full article: NSA will open source a tool for malware disassembly and reverse engineering

Cybersecurity in 2019

While you prepare your defenses against the next big thing, also pay attention to the longstanding threats that the industry still hasn’t put to rest.

Will 2019 be the year we see a nation-state take down a large-scale industrial installation? How much of the world’s cryptocurrency will be mined by hackers using unsuspecting endpoints? What kind of damage can we expect from well-intentioned but misguided vigilantes? And what does it all mean to you?

Full article: Cybersecurity in 2019: From IoT & Struts to Gray …

New malware pulls its instructions from code hidden in memes posted to Twitter

Security researchers said they’ve found a new kind of malware that takes its instructions from code hidden in memes posted to Twitter.

The malware itself is relatively underwhelming: like most primitive remote access trojans (RATs), the malware quietly infects a vulnerable computer, takes screenshots and pulls other data from the affected system and sends it back to the malware’s command and control server.

What’s interesting is how the malware uses Twitter as an unwilling conduit in communicating with its malicious mothership.

Full article: New malware pulls its instructions from code hidden in memes posted to Twitter | TechCrunch

Widely used open source software contained bitcoin-stealing backdoor

A hacker or hackers sneaked a backdoor into a widely used open source code library with the aim of surreptitiously stealing funds stored in bitcoin wallets. The malicious code was inserted in two stages into event-stream, a code library with 2 million downloads that’s used by Fortune 500 companies and small startups alike.

In stage one, version 3.3.6, published on September 8, included a benign module known as flatmap-stream. Stage two was implemented on October 5 when flatmap-steam was updated to include malicious code that attempted to steal bitcoin wallets and transfer their balances to a server located in Kuala Lumpur. The backdoor came to light last Tuesday with this report from Github user Ayrton Sparling.

Full article: Widely used open source software contained bitcoin-stealing backdoor | Ars Technica

6 mobile security threats you should take seriously in 2019

While it’s easy to focus on the sensational subject of malware, the truth is that mobile malware infections are incredibly uncommon in the real world — with your odds of being infected significantly less than your odds of being struck by lightning, according to one estimate.

However, the more realistic mobile security hazards lie in some easily overlooked areas, all of which are only expected to become more pressing in the coming year.

Full article: 6 mobile security threats you should take seriously in 2019 | CSO Online

Cryptomining replaces ransomware as 2018’s top cybersecurity threat

Cryptomining has taken ransomware’s place as the top cybersecurity threat in 2018, according to Webroot’s Mid-Year Threat Report Update. Focusing on trends in the first half of 2018, the report discovered cyberattack vectors becoming increasingly advanced and sophisticated, according to the Tuesday press release for the report.

Full article: Cryptomining replaces ransomware as 2018’s top cybersecurity threat – TechRepublic

Thousands of WordPress sites backdoored with malicious code

Thousands of WordPress sites have been hacked and compromised with malicious code this month, according to security researchers at Sucuri and Malwarebytes.

All compromises seem to follow a similar pattern –to load malicious code from a known threat actor– although the entry vector for all these incidents appears to be different.

Researchers believe intruders are gaining access to these sites not by exploiting flaws in the WordPress CMS itself, but vulnerabilities in outdated themes and plugins.

Source: Thousands of WordPress sites backdoored with malicious code | ZDNet

The 6 most popular cyberattack methods hackers use to attack your business

Cyberattacks show no sign of slowing down this year, according to a Wednesday report from Positive Technologies. Q2 2018 saw a 47% increase in cyberattacks over Q2 2017, with targeted attacks outnumbering mass campaigns as cybercriminals grow more sophisticated. Most cases involved targeted attacks on companies and their clients, as well as cryptocurrency exchanges, the report found. This article looks at six most popular cyberattack methods criminals used in Q2 2018, according to the report.

Read article: The 6 most popular cyberattack methods hackers use to attack your business – TechRepublic

Australia’s spyware law could expose phones to exploitation

Peter Dutton’s proposed legislation to expand the government’s surveillance capabilities into telecommunication devices through the inclusion of spyware risks could create “systemic weakness or vulnerability” that would be open to exploitation, Australia’s peak industry group has warned.

The Australian Industry Group has responded to the call for consultation on the assistance and access bill by warning of unintended consequences from the home affairs minister’s push to force telcos and tech giants, including Apple, Samsung, Google and Facebook, to include concealed “backdoors” into devices and messaging platforms.

Source: Australia’s spyware law could expose phones to exploitation, business group warns

1 2 3 5
>