0 Comments
Author: Brett Stone-Gross, Ph.D., Dell SecureWorks Counter Threat Unit Date: 7 August 2014 Overview Lurk is a malware downloader that uses digital steganography: the art of hiding secret information within a digital format, such as an image, audio, or video file. Lurk specifically uses an algorithm that can embed encrypted URLs into an image file
0 Comments
Politics and ransomware. No, it’s not a lost single from the Oasis back catalogue, but in fact a relatively recent tactic by ransomware developers looking to exploit the profiles of major politicians to install ransomware on victims’ computers. Donald Trump, Angela Merkel, and now Barack Obama all serve as lures for the unsuspecting. Despite its
0 Comments
The security and privacy issues with APIs and third-party app developers are something that’s not just Facebook is dealing with. A bug in Twitter’s API inadvertently exposed some users’ direct messages (DMs) and protected tweets to unauthorized third-party app developers who weren’t supposed to get them, Twitter disclosed in its Developer Blog on Friday. What
0 Comments
The White House published a comprehensive National Cyber Strategy detailing how the Trump administration aims to improve cybersecurity in government, critical infrastructure and the private sector, as well as tackling cybercrime and international issues. The National Cyber Strategy builds upon the cybersecurity executive order signed in May 2017 and the subsequent security audit reports submitted
0 Comments
There’s an episode in the latest season of the Hulu original series Casual, where the main character, Alex, tries his hand at dating in virtual reality. He quickly meets a woman and develops a big, adrenaline-inducing crush only to realize she’s a scammer out for his credit card information. The season takes place around 2021
0 Comments
Independence Blue Cross, a Philadelphia-based health insurer notified thousands of its members this week that a data breach had exposed some of their protected health information (PHI), according to Healthcare Informatics. On July 19, 2018, Independence Blue Cross’s privacy office announced a breach in which the personal information of approximately 17,000 members – fewer than
0 Comments
Author: Dell SecureWorks Counter Threat Unit™ Threat Intelligence Date: 27 August 2014 Overview In late February 2014, the Dell SecureWorks Counter Threat Unit™ (CTU™) research team analyzed a family of file-encrypting ransomware being actively distributed on the Internet. Although this ransomware, now known as CryptoWall, became well-known in the first quarter of 2014, it has
0 Comments
ESET researchers have discovered new DanaBot campaigns targeting a number of European countries Recently, we have spotted a surge in activity of DanaBot, a stealthy banking Trojan discovered earlier this year. The malware, first observed in campaigns targeting Australia and later Poland, has apparently expanded further, with campaigns popping up in Italy, Germany, Austria, and
0 Comments
Lime, the 18-month-old, San Francisco-based company whose bright green bicycles and scooters now dot cities throughout the U.S., launched a pilot program in Tacoma, Washington, today, but that tiny victory might have felt short-lived. The reason: on the opposite side of the country, a Lime rider was killed today by an SUV while tooling around Washington
0 Comments
As the cyber industry continues to evolve, it becomes increasingly difficult for organizations to stay ahead of the curve, making the ever-changing threat landscape a major concern for many businesses, according to the 2018 Travelers Risk Index published by The Travelers Indemnity Company. Evolving threats and new digital developments make cyber a top concern for large technology,
0 Comments
Author: Brett Stone-Gross and Pallav Khandhar, Dell SecureWorks Counter Threat Unit™ Threat Intelligence Date: 17 December 2014 Summary Threat actors regularly develop new Trojan horse malware to fuel their operations and to ensure the longevity of their botnets. After the takedowns of the Gameover Zeus and Shylock botnets, researchers predicted that a new breed of
0 Comments
The skimmer, injected into the store’s payment page, harvested credit-card details from the store’s online customers for more than a month The major electronics and computer hardware retailer Newegg has announced that attackers have compromised its online payments system, potentially scooping up buyers’ credit-card data over a period of more than a month. “Yesterday we
0 Comments
A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-days deadline. Discovered by Lucas Leong of the Trend Micro Security Research team, the zero-day vulnerability resides in Microsoft Jet Database
0 Comments
Researchers at the prestigious Salk Institute are reporting that they have managed to map the molecular structure of a CRISPR enzyme that could allow scientists to more precisely manipulate functions within cells. Over the past several years, CRISPR-Cas9 has seized the public imagination for its ability to edit genetic code in a way that may correct defects inside
0 Comments
The infamous Magecart code has struck again, with an attack group this time using it to skim card details from customers of online retailer Newegg for a full month, according to researchers. The US-based, tech-focused e-tailer has yet to release a statement on the news, but RiskIQ, which has been following Magecart closely over the past
0 Comments
Author: Dell SecureWorks Counter Threat Unit™ Threat Intelligence Date: 12 January 2015 Summary Dell SecureWorks Counter Threat Unit(TM) (CTU) researchers discovered malware that bypasses authentication on Active Directory (AD) systems that implement single-factor (password only) authentication. Threat actors can use a password of their choosing to authenticate as any user. This malware was given the
0 Comments
In response to the explosive increase in cryptomining campaigns in Q4 2017, the Cyber Threat Alliance has formed a cryptomining subcommittee to assess the threat. This committee comprises expert researchers from major cybersecurity companies, including McAfee. The committee has now released “The Illicit Cryptocurrency Mining Threat,” an in-depth report on the current state of unlawful
0 Comments
Atlanta-based consumer credit reporting agency Equifax has been issued a £500,000 fine by the UK’s privacy watchdog for its last year’s massive data breach that exposed personal and financial data of hundreds of millions of its customers. Yes, £500,000—that’s the maximum fine allowed by the UK’s Data Protection Act 1998, though the penalty is apparently
0 Comments
Omobola Johnson (Image: Flickr/World Economic Forum under a CC BY-NC-SA 2.0 TechCrunch Startup Battlefield is returning to Africa in December, this time in Lagos, Nigeria. We will have a day-long program full of our flagship Battlefield competition highlighting the best startups that Africa has to offer. Not only that, we’ll have panel discussions designed to