Microsoft has averted a massive and widespread campaign that would have seen tens of thousands of machines impacted. The software giant reported that on March 6, “Windows Defender AV blocked more than 80,000 instances of several sophisticated Trojans that exhibited advanced cross-process injection techniques, persistence mechanisms and evasion methods.” The Trojans, which are new variants […]
Almost half of organizations do not regularly make substantial changes to their security strategy, even after experiencing a cyber-attack. That’s according to the CyberArk Global Advanced Threat Landscape Report 2018, in which the security vendor surveyed 1300 IT security decision makers to explore the current state of enterprise security practices. The general theme of the report was […]
“RedDrop” Mobile Malware Records Ambient Audio
March 1, 2018
A newly detailed mobile malware can do more than steal data from infected devices: it can also record ambient audio and send the recordings to cloud storage accounts controlled by attackers. Dubbed RedDrop, the malware can also inflict financial costs on victims by sending SMS messages to premium services, security firm Wandera says. The U.K.-based […]
FBI WARNS OF SPIKE IN W-2 PHISHING CAMPAIGNS
February 27, 2018
The Federal Bureau of Investigation is warning businesses about a spike in phishing campaigns requesting W-2 information from payroll personnel. In a recent security advisory the FBI warned it has seen an increase since January in reports of compromised or spoofed emails involving W-2 forms. These emails, coming during the IRS’s tax filing season, can […]
Bad Actors Increase Focus on Cloud Services, Encryption
February 26, 2018
Malware sophistication is increasing as adversaries begin to weaponize cloud services and evade detection through encryption, which is being used as a tool to conceal command-and-control activity. That’s according to the Cisco 2018 Annual Cybersecurity Report (ACR). It also found that while encryption is meant to enhance security, the expanded volume of encrypted web traffic […]
UTORRENT USERS WARNED OF REMOTE CODE EXECUTION VULNERABILITY
February 25, 2018
Google Project Zero researchers are warning of two critical remote code execution vulnerabilities in popular versions of BitTorrent’s web-based uTorrent Web client and its uTorrent Classic desktop client. According to researchers, the flaws allow a hacker to either plant malware on a user’s computer or view the user’s past download activity. Project Zero security researcher […]
Fraud Campaign Targets Accounts Payable Contacts at Fortune 500 Firms
February 24, 2018
A new business email compromise (BEC) campaign is targeting accounts payable personnel at Fortune 500 companies in an attempt to trick victims into initiating fraudulent wire transactions to attacker-controlled accounts, IBM warns. As part of BEC scams, attackers take over or impersonate a trusted user’s email account to target other companies and divert funds to […]
REPORTED CRITICAL VULNERABILITIES IN MICROSOFT SOFTWARE ON THE RISE
February 23, 2018
The number of reported vulnerabilities in Microsoft software has mounted from 325 in 2013 to 685 last year, a rise of 111 percent, according to new research. Moreover, there has also been a 54 percent increase in critical Microsoft vulnerabilities since 2016, researchers at Avecto said in their report, which is based on data from […]
INTEL EXPANDS BUG BOUNTY PROGRAM POST-SPECTRE AND MELTDOWN
February 22, 2018
In the wake of the Spectre and Meltdown bugs, Intel has rolled out a significant expansion of its bug bounty program. Intel first launched the program in March 2017. The big changes include a shift from an invitation-only format to one that is open to all security researchers. One key addition is a program for […]
APPLE RUSHES FIX FOR LATEST ‘TEXT BOMB’ BUG AS ABUSE SPREADS
February 21, 2018
Apple said it is working on a fix for the latest text bomb bug that crashes a number of iOS and Mac apps that display specific Telugu language characters. The bug, first reported by Italian Blog Mobile World, impacts a wide range of Apple apps running on iOS and macOS. While some iPhone users are […]