Tag Archives for " malware "

Card-Skimming Malware Campaign Hits Dozens of Sites Daily

In the past six months, more than 7,000 sites that run Magento e-commerce software have been infected with malicious JavaScript designed to harvest customers’ payment card details as they finalize their orders.

So warns Willem de Groot, a security consultant and researcher based in the Netherlands, who says that online card-skimming software that communicates with a domain hosted in Moscow, magentocore[dot]net, is being used to infect 50 to 60 e-commerce sites a day.

Source: Card-Skimming Malware Campaign Hits Dozens of Sites Daily

Hackers Can Turn Body Cameras Into Malware Spewing Machines

Once lauded as tools to enhance police accountability, body cameras have been facing increasing scrutiny from privacy advocates, and now one researcher has identified them as cybersecurity time bombs.

Speaking to Wired ahead of a Def Con presentation, Josh Mitchell, a consultant at the security firm Nuix, demonstrated that many body cameras are vulnerable to hacking, making several different nightmare scenarios possible: officers themselves could be tracked while wearing the cameras, footage could be doctored or deleted entirely, and the cameras could be hijacked to spread ransomware or other malicious code throughout police networks.

Source: Hackers Can Turn Body Cameras Into Malware Spewing Machines, Security Expert Says

When malware turns artificial intelligence into a weapon

AI can be used to automatically detect and combat malware — but this does not mean hackers can also use it to their advantage. Cybersecurity, in a world full of networked systems, data collection, Internet of Things (IoT) devices and mobility, has become a race between white hats and threat actors.

Read article: DeepLocker: When malware turns artificial intelligence into a weapon – TechRepublic

BlackTech threat group steals D-Link certificates to spread backdoor malware

Researchers have uncovered a new malicious campaign which utilizes stolen D-Link certificates to sign malware. The same certificate was used to sign legitimate D-Link software. Malware includes a backdoor component and the exfiltration tool.

Source: BlackTech threat group steals D-Link certificates to spread backdoor malware – TechRepublic

Data indicates human error prevailing cause of breaches, incidents

Ransomware. Malware. Phishing. Given the types of high profile cyberthreats that carry the most coverage in the news, there is a tendency to assume incidents exposing sensitive, regulated data occur as a result of an organization being “under attack.” Seasoned privacy professionals, however, know that in reality, the majority of incidents are inadvertent and unintentional, and can be classified as human error. And these incidents still trigger the same regulatory obligations as intentional and malicious incidents.

Read full article: Data indicates human error prevailing cause of breaches, incidents

Hackers infect 500,000 consumer routers all over the world with malware

Hackers have infected more than 500,000 home and small-office routers around the world with malware that can be used to collect communications, launch attacks on others, and permanently destroy the devices with a single command.

Source: Hackers infect 500,000 consumer routers all over the world with malware | Ars Technica

Chinese government is behind a decade of hacks on software companies

Researchers said Chinese intelligence officers are behind almost a decade’s worth of network intrusions that use advanced malware to penetrate software and gaming companies in the US, Europe, Russia, and elsewhere.

The hackers have struck as recently as March in a campaign that used phishing emails in an attempt to access corporate-sensitive Office 365 and Gmail accounts. In the process, they made serious operational security errors that revealed key information about their targets and possible location.

Source: Report: Chinese government is behind a decade of hacks on software companies | Ars Technica

Sophisticated Android malware tracks all your phone activities

An advanced type of malware can spy on nearly every Android smartphone function and steal passwords, photos, video, screenshots and data from WhatsApp, Telegram and other apps. “ZooPark” targets subjects in the Middle East and was likely developed by a state actor, according to Kaspersky Lab, which first spotted and identified it.

Source: Sophisticated Android malware tracks all your phone activities

Cloud computing highlights new security challenges in hybrid IT

During the recent Tech Field Day 16 event, Forcepoint teased the beginning of what I believe is a much-needed shift in hybrid IT security. At the VMware-sponsored FutureNet conference, a Verizon spokesman shared the fundamental challenge with hybrid IT security: There isn’t a consistent construct on which to build a security enforcement plan across the public and private cloud.

The traditional approach to enterprise security relies on network access control (NAC). NAC has proven a crutch for enterprise security for years, as security professionals could loosely base identity on the node where traffic originates.

Source: Serverless computing highlights new security challenges in hybrid IT – TechRepublic

Ditch The False Sense Of Security And Take Charge Of Your Online Privacy

On Consumer Rights Day, we’re reminded that the digital marketplace is where scams, fraud and identity theft to flourish.

According to a recent survey put out by TD Canada Trust, nearly three-quarters of Canadian millennials say they feel at risk of becoming a victim of cybercrime — and they should be.

Source: Ditch The False Sense Of Security And Take Charge Of Your Online Privacy

1 2 3 4
>