An identity threat company called 4iQ has recently published a report called "Identities in the Wild: The Tsunami of Breached Identities Continues." Unfortunately, the information in the report contains all bad news. Some of the details are simply confirmations of things we already knew, and some are shocking statistics that will leave you feeling dismayed. For instance: Cybercriminals and hackers are getting increasingly sophisticated - This isn't new, but it's even worse than that. … Read more
Hackers Can Use PDF Files To Access Windows Credentials
Security researcher Assaf Baharav from Check Point Security has discovered a new twist on an old, fairly well-known attack. He was able to essentially "weaponize" PDFs to steal Windows credentials stored in NTLM hashes. Unfortunately, no action other than simply opening the PDF is required for the hacker to gain access to the information. Baharav used the same methodology that hackers have used in the past, which amounts to instantiating SMB requests from inside the document. Hackers have … Read more
New Malware Takes Screenshots and Steals Your Passwords
Recently, a new strain of malware called "SquirtDanger" has been found by researchers at Palo Alto Networks Unit 42, and it's a particularly nasty one for a couple of reasons. First and foremost, the owner of the malware isn't orchestrating campaigns himself, but rather, selling his product as a commodity on the Dark Web. That has troubling implications because the malware is quite advanced, and since it's being sold to a broad cross-section of hackers, odds are excellent that it will be … Read more
Major Server Ring Distributing Malware Taken Down
Score one for the good guys. A researcher from BrilliantIT was recently able to figure out how infected computers would connect to EITest's command and control server, and using that information, was able to bring down their entire network. If you haven't heard of EITest before, the true significance of that statement might not be registering. EITest first appeared in 2011. In its original incarnation, it was little more than an annoyance. It was a collection of compromised servers used … Read more
Hacked Routers Being Used To Spread Malware
Beware of compromised routers spreading malware. This is according to both Kaspersky Labs and a recently released government report. Using hacked routers to spread malware is nothing new. Security insiders have known about it for years. However, since 2008, the number of instances where routers are being used to push malicious code has been steadily increasing. Researchers are observing marked increases in their use by APTs (Advanced Persistent Threat) around the world. APTs are nothing … Read more
Most “Wannacry” Hacks Were On Windows 7 Machines
Last year's Wannacry attack was bad, but in many ways, it was a self-inflicted wound. According Webroot's recently published "Annual Threat Report," almost all of the machines that succumbed to the Wannacry attack were running Windows 7. That attack is estimated to have caused in excess of $4 billion in total losses. The central problem is that businesses have been much slower than individuals to make the shift from Windows 7 to the much more secure Windows 10. For example, in January … Read more
Huge Spike in Malware With Mining Capabilities
There's a new type of hacking attack to be concerned with, and it's growing by leaps and bounds. Called "Crypto-Jacking," it's a process by which malicious code is placed on websites. When the sites are visited, the code secretly siphons off a portion of the affected user's PC, laptop, or smartphone's processing power and uses it to mine for various cryptocurrencies so that the hackers can profit from it. Kevin Haley, the Director of Symantec's Security Response Team, had this to say about … Read more
RottenSys Malware Has Infected 5M Android Devices Since 2016
There's a new threat on the horizon, according to security researchers from Check Point. A group of hackers in China are busy building a massive botnet that so far, totals almost five million Android smartphones. The hackers are quietly taking control of these devices using a strain of malware known as "RottenSys." While the malware is flexible and can be adapted to any number of purposes, in its present incarnation, it's being used to display copious numbers of advertisements. This … Read more
Massive Malware Attack Stemmed From Bittorent App
According to a Microsoft security researcher, a massive malware attack attempted to install a cryptocurrency mining software on more than 400,000 computers in less than twelve hours. The failed campaign is noteworthy because of the attack vector used. It was a supply chain attack implemented by compromising Bittorrent, a highly popular program used to share and download files. Until recently, security professionals discounted the very possibility of supply chain attacks, regarding them as … Read more
Beware Fake Craigslist Email Could Contain Ransomware
If you post ads on Craigslist for short term employment, be aware that there's a new malspam campaign that aims to distribute Sigma ransomware on the computers of unwary users. By all outward appearances, the emails seem to come from Craigslist in response to ads posted in Craigslist's "Gigs" section for short term employment. The emails will generally express interest in whatever job the user has posted and include a protected Word or RTF document which recipients will assume are … Read more
