Nuclear facilities are wide open to cyber attacks You would think that, given the potential disastrous consequences of a successful hack, the computer systems and networks of nuclear facilities would be better secured against cyber intrusions. Unfortunately, you would be wrong. According to a Chatham House report published today, “the trend to digitization, when combined…
Scottrade Breach Affects 4.6 Million Customers Discount brokerage firm Scottrade began firing off emails late last week, warning customers that as a result of a breach, their names and street addresses may have been stolen from its system. Scottrade’s statement on the incident, published on its site last Thursday doesn’t exactly rule out that more…
Microsoft anti-surveillance website was hacked A website used by Microsoft to challenge the U.S. federal government’s policies on matters of privacy and surveillance has allegedly been hacked. According to ZDNet, Digital Constitution appears to have been modified at 9:15 pm EDT on Wednesday, with casino-related text — including keywords used to garner greater search engine…
Locker ransomware author apologises posts decrypt keys New trends in malware are always a hot security topic, with experts trying to predict what might come next and determine how companies can best protect their assets. It’s unlikely, however, that anyone saw this coming: The author of the file-encrypting Locker ransomware has publicly apologized and provided…
Stegosploit Future of Steganography Hide Code in Images “A good exploit is one that is delivered with style” The line reads in the report released by Net-Square CEO Saumil Shah at Hack in the Box Conference at Amsterdam this year. Saumil Shah is a hacker by profession. He has uncovered such a mind-boggling technique at the conference,…
Attackers use email spam to infect point-of-sale terminals with new malware Cybercriminals are targeting employees who browse the Web or check their email from point-of-sale (PoS) computers, a risky but unfortunately common practice. Researchers from security firm FireEye recently came across a spam campaign that used rogue email messages masquerading as job inquiries. The emails…
Breach Detection Five fatal flaws and how to avoid them When the Sarbanes-Oxley Act of 2002 was passed, it fell on corporate security teams to translate its requirements into technical controls. That threw the IT Security function into the deep end of the pool, and it has been sink or swim ever since. The Sarbanes…
Dyre Trojan Bypasses Detection, Assessment by Sandboxing Seculert the security company has said that its researchers have just stumbled upon the banker Trojan Dyre in one fresh version which applies a certain cunning, yet simple methodology for preventing analysis by bypassing sandboxes, published securityweek.com dated May 1, 2015. Explaining Dyre’s evasive methodology, Seculert states that…
Banking Trojan delivered to companies via macro-based malware Cybercriminals continue targeting enterprises with malicious emails whose ultimate goal is to infect company computers with the Dyre/Dyreza banking malware. But instead of delivering the Upatre downloader to function as the way in for Dyre, the latest email runs take advantage of another successful approach that has…
New crypto-ransomware quarantines files downloads info-stealer Trend Micro researchers have found and analyzed a new piece of crypto-ransomware: CryptVault encrypts files, makes them look like files quarantined by an AV solution, asks for ransom and, finally, downloads info-stealer malware.It arrives on target computers after the user has been tricked into downloading and running a malicious…
