Welcome Guest | Sign In
TechNewsWorld.com
3 WannaCry Talking Points to Win Security Buy-In
June 21, 2017
By this point, most technology practitioners -- and nearly all security practitioners -- know about WannaCry. In fact, you might be sick of people analyzing it, rehashing it, sharing "lessons learned" about it, and otherwise laying out suggestions -- in some cases, contradictory -- about what you might do differently in the future. The level of unsolicited advice can border on the annoying.
Kaspersky to US: Check Our Source Code
May 27, 2017
Cybersecurity expert Eugene Kaspersky reportedly has volunteered to turn over his company's software source code to allay fears about possible ties with the Russian government. Kaspersky made the offer public at CeBIT Australia last week. Some U.S. officials have expressed concerns that Kaspersky Lab might have a close working relationship with the Russian government.
Report: Cybersecurity Dangerously Lax at Mar-a-Lago
May 19, 2017
Internet security at Mar-a-Lago -- the private club President Trump owns and has dubbed the "Southern White House" -- is weak, based on a recent investigation. Trump has used the resort to meet with staffers and foreign heads of state on official business. In February, he took a call about a North Korean ballistic missile launch in Mar-a-Lago's dining room, with members and waiters present.
Massive Ransomware Attack Reaps Meager Profits
May 17, 2017
The WannaCry ransom attack that quickly circled the globe last week is not yet fully contained. So far, it has impacted more than 300,000 computers in 150 countries. However, one of the remarkable things about it is that only a trifling $100,000 in ransom, give or take, apparently has been paid. That represents a surprisingly low response from an attack generally considered the biggest ever.
Microsoft Bashes NSA Following Massive Ransomware Attacks
May 15, 2017
Microsoft this weekend unleashed its wrath on the National Security Agency, alleging it was responsible for the ransomware attack that began last week and has spread to thousands of corporate, government and individual computer systems around the world. Microsoft Chief Legal Officer Brad Smith launched a blistering attack on the NSA and governments worldwide.
British Hospitals, FedEx Among Thousands Hit by Ransomware
May 13, 2017
Authorities are investigating a massive ransomware attack that reportedly hit more than 45,000 computers in 74 countries worldwide, including the UK's NHS England national health service, international delivery service FedEx, and Spanish telecom firm Telefonica. Security experts have linked the exploit to an earlier leak by the Shadow Brokers, who allegedly pilfered hacking tools from the NSA.
The IoT's Scramble to Combat Botnets
May 11, 2017
With shadowy botnet armies lurking around the globe and vigilante gray-hat actors inoculating susceptible devices, the appetite for Internet of Things security is stronger than ever. "If you throw IoT on a con talk, you've got a pretty good chance to get in," remarked information security professional Jason Kent, as he began his presentation at Chicago's Thotcon conference last week.
Millions May Have Picked Up FalseGuide Malware at Google Play Store
April 26, 2017
As many as 2 million Android users might have downloaded apps that were infected with the FalseGuide malware, security research firm Check Point warned on Monday. The oldest of the infected apps could have been uploaded to Google Play as long ago as last November, having successfully remained hidden for five months, while the newest may have been uploaded as recently as the beginning of April.
New Strain of Linux Malware Could Get Serious
April 25, 2017
A new strain of malware targeting Linux systems, dubbed "Linux/Shishiga," could morph into a dangerous security threat. Eset disclosed the threat, which represents a new Lua family unrelated to previously seen LuaBot malware. Linux/Shishiga uses four protocols -- SSH, Telnet, HTTP and BitTorrent -- and Lua scripts for modularity, wrote Detection Engineer Michal Malik and Eset researchers.
WikiLeaks Exposes CIA's Device Surveillance Tricks
March 23, 2017
WikiLeaks has released more Vault 7 documentation online, including details about several CIA projects to infect Apple's Mac computer firmware and operating system. The site unloaded its first batch of stolen Vault 7 data earlier this month. The CIA's Embedded Development Branch developed malware that could persist even if the targeted computer were reformatted and its OS were reinstalled.
Malware Found Preinstalled on Dozens of Android Phones
March 13, 2017
Malware has been discovered preinstalled on 36 Android phones belonging to two companies, security software maker Check Point reported. "In all instances, the malware was not downloaded to the device as a result of the users' use -- it arrived with it," noted Oren Koriat, a member of Check Point's Mobile Research Team. The malicious apps were added somewhere along the supply chain.
Microsoft Seeks Global Cybersecurity Accord
February 18, 2017
Microsoft has called on governments around the world to create a "digital Geneva Convention" as a way to normalize international cybersecurity rules and protect civilian use of the Internet. President Brad Smith, who is also Microsoft's chief legal officer, addressed the issue at the annual RSA conference held earlier this week, saying that governments need to establish international rules.
Hackers Targeted DC Police Cams Days Before Inauguration
January 31, 2017
A ransomware attack darkened the video surveillance system of the District of Columbia's police department eight days before the presidential inauguration of Donald J. Trump. Video storage devices for 70 percent of the CCTV system reportedly were unable to record anything between Jan. 12 and Jan. 15, as police techies scrambled to combat malicious software found on 123 of 187 networked video recorders.
Microsoft Hardens Latest Windows Version Against Hackers
January 17, 2017
Microsoft has fortified the latest version of Windows to make it more secure than previous editions, but the strongest protections will be available only to those willing to pay a steep price for them. Windows 10 Anniversary Update has introduced many mitigation techniques in core Windows components and the Microsoft Edge browser, researchers Matt Oh and Elia Florio wrote in a blog post last week.
Las Vegas Captures Ransomware Crown
January 7, 2017
Las Vegas is arguably the gambling capital of the world, but it's also the king city for ransomware, based on recent research. Among the world's nations, the United States ranked highest in ransomware incidents, according to a Malwarebytes report on the prevalence and distribution of extortion apps. The area of the country that logged the most incidents was the Las Vegas-Henderson, Nevada, region.
Ransomware Fighters Get New Free Tool
December 7, 2016
Ransomware has become a gold mine for digital criminals. In the first three months of this year, electronic extortionists squeezed $209 million from victims desperate to recover their data after it was scrambled by the malicious software, based on FBI estimates. At that rate, ransomware could funnel as much as $1 billion into criminal coffers this year.
Multinational Effort Halts Malware Avalanche
December 6, 2016
The DoJ on Monday released new details about the multinational takedown of Avalanche, a multimillion-dollar malware and money-laundering network, following a four-year probe led by German police and prosecutors. Assistant Attorney General Leslie R. Caldwell, Acting U.S. Attorney Soo C. Song and Assistant Director Scott S. Smith of the FBI's Cyber Division made the announcement in Pittsburgh.
Gooligan Ransacks More Than 1M Android Accounts
December 2, 2016
More than 1 million Google accounts have been breached by Android malware dubbed "Gooligan," Check Point reported Wednesday. The malware roots infected devices and steals authentication tokens that can be used to access data from various Google apps including Gmail, Google Docs, G Suite and Google Drive. It potentially affects devices running Android 4 and 5.
Facebook Denies Ransomware Infiltration
November 29, 2016
Facebook has denied that its network and Messenger app were being used to spread ransomware to its users, contradicting the claims of a security firm. Two Check Point researchers last week reported they had discovered a new method for delivering malicious code to machines, which they dubbed "ImageGate." Threat actors had found a way to embed malicious code into an image, they said.
SF Muni Hack a Wake-Up Call for Public Systems
November 28, 2016
The San Francisco Municipal Transportation Authority, or SF MTA, was hacked on Friday. "You Hacked, All Data Encrypted," was the message reportedly displayed on computer screens at the authority's stations throughout the city. "Contact for Key (cryptom27@yandex.com)ID:681 , Enter." Fare payment machines at underground stations were out of order, resulting in free rides.
Google Clamps Down on Sneaky Malicious Sites
November 16, 2016
Sites that repeatedly violate Google's safe browsing policies will be classified as repeat offenders, the company said. A small number of websites take corrective actions after Google displays alerts on their landing pages warning visitors that they're harmful. However, they typically revert to violating the policies after Google verifies that they're safe and removes the warnings.
Defeating Malware With Its Own DNA
November 11, 2016
It's widely known that human DNA evidence has had a major impact in the criminal justice system. Now another kind of DNA may have a similar impact in the fight to eradicate malicious software. Malware DNA, also known as "malware provenance," is the art and science of attributing elements of one object to another object. The technique has applications outside information security -- for example, in genetics, or to test the authorship of student papers.
Election Day Cybershenanigans Highlight Need to Shore Up Security
November 10, 2016
Hackers last week launched DDoS attacks against both presidential candidates' campaign websites. The attacks were routed through HTTP Layer 7 of the OSI protocol. There were at least four 30-second attacks reported. "The websites were not penetrated by a cyberintrusion," said John Costello, a senior analyst at Flashpoint. The attackers were unsophisticated hackers and not a nation-state.
Bot Armies Boost Candidates' Popularity on Twitter
October 29, 2016
Internet bots have many useful online purposes, but they have a dark side, too, as three researchers demonstrated in their analysis of Twitter traffic during the first presidential debate between Hillary Clinton and Donald Trump. Bots are used to automate functions on the Net. For example, if you belong to several social networks, you could use a bot to post a photo to all of them at once.
Odinaff Trojan Targets Banks, Financial Firms Worldwide
October 12, 2016
Symantec on Tuesday reported on a malware campaign that has targeted financial organizations worldwide for the past 10 months. Dubbed "Trojan.Odinaff," it has infiltrated the banking, securities, trading and payroll sectors, as well as organizations that provide them with support services. Odinaff is used in the first stage of an attack, to get a foothold into a network.
IoT Could Become Playground for Botnets Gone Wild
October 6, 2016
The source code for Mirai, the malware behind the botnet that launched a massive attack on the Krebs on Security website -- the largest DDoS attack on record -- has been released in the wild, according to Brian Krebs. A hacker who goes by the handle "Anna-senpai," apparently because of increased scrutiny from the cybersec industry, last week announced the release on Hackforums, Krebs said.
Feds Probe Alleged Phone Hacks as Election Fears Surge
October 4, 2016
Federal authorities have been investigating reports that hackers targeted the mobile phones of a handful of Democratic Party staffers. The news follows a series of breaches in recent months that revealed emails and other personal information of party staffers and other Democratic officials. The FBI has launched an investigation into the attacks, which may be linked to Russia.
Hacking Elections Is Easy, Study Finds
September 30, 2016
It's no longer a question whether hackers will influence the 2016 U.S. elections -- only how much they'll be able to sway them. Leaked emails already have cost a Democratic Party chairperson her job, and the FBI last month issued a flash warning that foreign cyberadversaries had breached two state election databases. Those two states -- most likely Arizona and Illinois -- aren't alone.
Cisco Battles Shadow Broker Exploits
September 28, 2016
Cisco has swung into action to combat a hacker group's exploitation of vulnerabilities in its firmware. The group, known as the "Shadow Brokers," released online malware and other exploits possibly stolen from the Equation Group, which is believed to have ties to the U.S. National Security Agency. Cisco earlier this month disclosed the vulnerability, even though patches were not yet ready.
Project Shield Has Krebs on Security's Back
September 27, 2016
The website of prominent security blogger Brian Krebs is back online this week after sustaining one of the largest distributed denial of service attacks in Internet history. DDoS attacks typically disrupt service at a website by flooding it with junk traffic. In this case, garbage traffic assaulted Krebs' site at 620 gigabits per second. By comparison, consumer bandwidth is in the 10-15 megabit per second range; businesses, 100 Mbps to 1 Gbps.
See More Articles in Malware Section >>
Facebook Twitter LinkedIn Google+ RSS
What do you think of today's voice recognition technology?
It's great -- the tech has improved vastly in recent years.
It's the wave of the future, but quality is still hit or miss.
I like it for texting, especially when I'm driving.
I only use it when I have to, like with IVR systems.
I avoid using it, because most voice systems are still terrible.
It's an unnecessary frill that I can easily live without.