0 Comments
Summary In late 2015, Secureworks® Counter Threat Unit™ (CTU) researchers began tracking financially motivated campaigns leveraging SamSam ransomware (also known as Samas and SamsamCrypt). CTU™ researchers associate this activity with the GOLD LOWELL threat group. GOLD LOWELL typically scans for and exploits known vulnerabilities in Internet-facing systems to gain an initial foothold in a victim’s
0 Comments
Summary During 2017, the cryptocurrency market grew nearly 20-fold, reportedly increasing from approximately $18 billion to more than $600 billion (USD). Those gains amplified threat actors’ interest in accessing the computing resources of compromised systems to mine cryptocurrency. Secureworks® incident response (IR) analysts responded to multiple incidents of unauthorized cryptocurrency mining in 2017, and network
0 Comments
In an effort to deliver more robust application and data security solutions that protect enterprises against attacks from cyber-criminals, California-based Imperva Inc. announced that it will acquire the Los Angeles-based application security company Prevoty. The deal, which is expected to close in Q3 2018, has an estimated value of $140m. The Prevoty office will become an Imperva location.
0 Comments
A flaw in the website design for LifeLock, a company charged with protecting the identity of its online customers, resulted in millions of customer accounts being exposed, according to KrebsonSecurity. A vulnerability in the site, which reportedly lacked authentication and security, has been fixed, but the breach highlights the larger security concerns inherent in web application security. Of
0 Comments
Android users have been warned about another Exobot banking malware source code (v. 2.5) that was leaked online. It was first detected in May 2018 and has been dubbed “Trump Edition.” The leak is expected to result in a surge of malicious Android apps given that the malware source code is now available in dark
0 Comments
by Naked Security writer Happy SysAdmin Day! If you’re a System Administrator at work, then you’re definitely IT support at home as well. In fact, if you’re reading an article on Naked Security then you’re almost certainly the least non-technical user in your family, and that means you’re IT support at home too. And that
0 Comments
by Lisa Vaas Come the end of 2020, it will be time to stick a fork in Adobe Flash. That’s when, if you’ll forgive the mixed metaphor, the malware petri dish will officially be toast. Unfortunately, that doesn’t mean that government agencies are going to toss Flash into the compost pile After all, the government
0 Comments
by Paul Ducklin A few years ago – make that quite a few, actually – Sophos was a lot smaller than it is now. Recruitment was different too – back then we weren’t so much writing cybersecurity software as helping to invent the entire field of anti-malware research. One of the paradoxical things that’s important
0 Comments
by Danny Bradbury Google took its efforts to protect online accounts up a notch this week, announcing its own hardware-based security key. Announced at Google’s Cloud Next conference, the Titan keys are a two-factor authentication (2FA) solution, designed to combat one of the most prevalent forms of online attack: account hijacking. Without 2FA, attackers who
0 Comments
by Mark Stockley So you’re a sysadmin – blue team, red pill, grey hat. Your brain works at the speed of a hyperloop inside a rocket ship slingshotting around a black hole that’s slingshotting around another black hole. You make the impossible possible, you make the improbable into the everyday and for everything else there’s
0 Comments
Summary In 2017, Secureworks® Counter Threat Unit™ (CTU) researchers continued to track GOLD SKYLINE, a financially motivated Nigerian threat group involved in business email compromise (BEC) and business email spoofing (BES) fraud. During the investigation, CTU™ researchers discovered a previously unidentified BEC group that they have named GOLD GALLEON. Unlike other BEC groups, GOLD GALLEON
0 Comments
Dalton and Flowsynth help create and test packet captures Thursday, November 16, 2017 By: Counter Threat Unit Research Team When crafting intrusion detection system (IDS) and intrusion prevention system (IPS) rules for engines such as Suricata and Snort, it is imperative that the rules behave and perform as expected. Validation requires testing, but capturing the
0 Comments
In December 2017, Secureworks® incident response (IR) analysts responded to multiple incidents where threat actors compromised vulnerable Internet-facing Oracle WebLogic servers on Linux and Windows systems to deploy cryptocurrency software. The unauthorized activity significantly impacted the performance of business-critical and client-facing applications. The continued inquiries about this activity in January 2018 suggest that many organizations
0 Comments
Security services, IoT, integrated platforms, GDPR, skills shortage, detection and response, machine learning, automation and orchestration are just a few of the key themes in a vast array of industry analyst predictions about the changing security landscape for customers and vendors in 2018. Following are just a few of these predictions that highlight how cybersecurity
0 Comments
Threat actors continue to use opportunistic attacks to compromise networks and deploy SamSam ransomware to collect money from various types of organizations. Thursday, February 15, 2018 By: Counter Threat Unit Research Team On February 15, 2018, Secureworks® Counter Threat Unit™ (CTU) researchers published details about the tools and techniques used in a series of high-profile
0 Comments
By: Ruby, Digital Media Specialist It’s often assumed that interns are usually college undergraduates with a temporary assignment. I’m an exception to the rule in both respects. I started as a McAfee intern while I was a part-time graduate MBA student at Santa Clara University. Through my internship, I secured a full-time position on McAfee’s
0 Comments
It seems some malicious app developers have taken the phrase “fake it ‘til you make it” to heart, as fake apps have become a rampant problem for Android and iPhone users alike. Even legitimate sources, such as Google Play and Apple’s App Store, have been infiltrated with illegitimate applications, despite their own due diligence in