Tagged With malware

0

The disclosure of the Meltdown and Spectre computer vulnerabilities on January 2, 2018 was in many ways unprecedented. It shocked – and scared – even the experts. The vulnerabilities bypass traditional security measures in the computer and affect billions of devices, from mobile phones to massive cloud servers.

We have, unfortunately, grown used to attacks on computer systems that exploit the inevitable flaws resulting from vast conceptual complexity. Our computer systems are the most complex artefacts humans have ever built, and the growth of complexity has far outstripped our ability to manage it.

12

Most internet users wouldn't want to share their browsing history with the rest of the world. (It's one of the reasons incognito mode is so popular.) This is especially true of people who look at questionable online material. So what would you be willing to pay if someone had a secret recording of you watching porn, taken on your webcam?

Predicting the future is near impossible -- but that doesn‘t stop us all from having a red hot go. Human beings have been predicting the future since the beginning of history and the results range from the hilarious to the downright uncanny.

One thing all future predictions have in common: they‘re rooted in our current understanding of how the world works. It‘s difficult to escape that mindset. We have no idea how technology will evolve, so our ideas are connected to the technology of today.

Shared from Gizmodo

1

Security researchers revealed disastrous flaws in processors manufactured by Intel and other companies this week. The vulnerabilities, which were discovered by Google's Project Zero and nicknamed Meltdown and Spectre, can cause data to leak from kernel memory -- which is really not ideal since the kernel is central to operating systems and handles a bunch of sensitive processes.

0

There have been plenty of stories recently about websites, often connected to content piracy and other dodgy activities, running background software that harnesses your computer's resources to mine cryptocurrency wile you're on their site. But, once you close the browser window, the CPU thieves lost access to your processor and associated resources. Malwarebytes has found that some have resorted to a clever trick to keep mining for cryptocurrency even when you've closed the offending browser window.

0

Threat actors, Group 74, have targeted people attending the Cyber Conflict US Conference being held in Washington next month. They have distributed a flyer that delivers a VBA payload. Cleverly, the bad guys copied the text from the real flyer from the conference website and used that to craft their attack. While this isn't a new technique it's interesting that they are specifically focussing on security experts, presumably as a way of boosting their credibility in the hacker community.

0

Most security reports are pretty dull. They tell the same story. The bad guys can get into almost any system, spend weeks or months there, exfitrate data and generally run amok. They use social engineering attacks or exploit vulnerabilities to find their way into networks. But the Carbon Black report, released today focusses on something else - the malware marketplace.

1

Famed white hat hacker Marcus Hutchins -- better known as "MalwareTech" -- was arrested by the FBI yesterday while trying to fly home to the United Kingdom from Las Vegas. The 22-year-old security researcher gained mainstream fame earlier this year as the guy who stopped the destructive WannaCry ransomware from spreading, and had been partying with friends near the Black Hat and Defcon hacker conferences before his arrest. Now, he faces serious federal charges for allegedly creating the Kronos banking trojan. But he's supposed to be the good guy!

0

Security researcher Abhinav Singh works with security firm Netskope and is the author of the Metasploit Penetration Testing Cookbook and Instant Wireshark. I spoke with him at the recent RSA Conference Held in Singapore about how the cloud is the new vector being exploited by threat actors.

0

Although Apple recently patched macOS to detect and block a piece of malware called Fruitfly, that can capture screenshots, keystrokes, webcam images, and information about infected Macs, a variant was discovered by security researchers. And there's no way to stop it yet.

0

Following the WannaCry and Petya/GoldenEye/NoPetya ransomware events, you'd think software companies would be quick to remove the need for SMB 1. This was the protocol exploited by the malware developers that allowed those attacks to spread so quickly. Microsoft has released a lit of developers still demanding SMB 1 support.

3

WannaCry was the first major attack using tools developed from the NSA’s EternalBlue toolkit that were made available to the world following a leak published by Wikileaks. Last night, another ransomware attack was launched and this one doesn’t encrypt files - it encrypts drives.

0

Malicious software on popular mobile platforms such as iOS and Android is at best a nuisance and at worst a security threat to individuals and businesses. Known as malware, some perpetrators use it to infect apps and get inside your smartphone. Why do they do it? Money, mostly.