by CIRT Team
Latest Cybercrime Threat: Device Cloning [source: americanbanker]
While much of the banking industry is distracted by the recent spate of distributed denial of service attacks, a new wave of cybercrime is about to hit online and mobile banking users’ devices. In this scheme, crooks are creating virtual machines that are clones of customers’ real computers or mobile devices, including their IP addresses. Then many of the methods banks use to authenticate a customer...
Read More
by CIRT Team
Hermes Ransomware [source: enigmasoftware]
Hermes Ransomware Description The Hermes Ransomware was first observed in the wild on February 13, 2017. The Hermes Ransomware is a ransomware Trojan that identifies the files encrypted during its attack with the file extension ‘.HERMES.’ The Hermes Ransomware carries out a typical ransomware attack, which involves encrypting the victims’ files to demand the payment of a ransom. If your computer has been infected with...
Read More
by CIRT Team
How will WPA3 improve WiFi security? [source: welivesecurity]
In October 2017, researchers made public a serious vulnerability in WPA2, the security protocol that protects most of today’s WiFi networks. This discovery put the protocol’s security in the spotlight and led to discussions about the need for a new standard. Finally, the WiFi Alliance, the organization that certifies WiFi devices, announced WPA3, a new and enhanced authentication protocol that is set to be rolled out in 2018....
Read More
by CIRT Team
Researcher found multiple vulnerabilities in NETGEAR Routers [source: securityaffairs]
Security researchers Martin Rakhmanov from Trustwave conducted a one-year-study on the firmware running on Netgear routers and discovered vulnerabilities in a couple of dozen models. Netgear has just released many security updates that address vulnerabilities in a couple of dozen models. The vulnerabilities have been reported by security researchers Martin Rakhmanov from Trustwave, which conducted a one-year-study on the firmware running on Netgear’s box. Users are recommended...
Read More
by CIRT Team
PoS Malware Steals Credit Card Data via DNS Requests [source: bleepingcomputer]
Malware hunters from US security firm Forcepoint have stumbled across a new strain of Point of Sale (PoS) malware, the second such type of PoS malware that hides stolen credit/debit card information inside DNS requests. The first PoS malware that was first seen employing this technique was a lesser known version of the NewPosThings PoS malware —named MULTIGRAIN—, discovered in April 2016 by fellow US cyber-security...
Read More
by CIRT Team
SECaaS Is Where It’s At: Why Security-as-a-Service Is the Next Big Thing[securityintelligence]
In our personal lives, we consume a huge number of services on demand, from music and television to travel and food. As consumers, we expect to be able to access services monthly, paying only for what we need and leaving the complicated details, such as owning physical assets, upgrading software and making improvements, to the experts. It makes sense that business leaders are beginning to...
Read More
by CIRT Team
When crypto-mining malware hits a SCADA network[source: helpnetsecurity]
Stealthy crypto-mining is on track to surpass ransomware as cybercriminals’ most favorite money-making option, and companies with computers and servers that run all day and night long are the preferred targets. This could be more than just a nuisance to the companies – it could seriously affect business operations and render some companies unable to operate for days and even weeks. In some instances, namely when the...
Read More
by CIRT Team
New 0-Day Ransomware Evades Microsoft, Google Cloud Malware Detection[darkreading]
Shurl0ckr, a form of Gojdue ransomware, was not detected on SharePoint or Google Drive. Google Drive and Microsoft Office 365, both of which have built-in malware protection, failed to identify a new form of Gojdue ransomware dubbed Shurl0ckr. The zero-day ransomware evaded most major antivirus platforms: only seven percent of 67 tested tools detected it. Researchers on the Bitglass Threat Research Team discovered Shurl0ckr during...
Read More
by CIRT Team
Scammers Use Download Bombs to Freeze Chrome Browsers on Shady Sites[bleepingcomputer]
The operators of some tech support scam websites have found a new trick to block visitors on their shady sites and scare non-technical users into paying for unneeded software or servicing fees. The trick relies on using JavaScript code loaded on these malicious pages to initiate thousands of file download operations that quickly take up the user’s memory resources, freezing Chrome on the scammer’s site....
Read More
by CIRT Team
Researcher Bypasses Windows Controlled Folder Access[source: bleepingcomputer]
A security researcher has found a way to bypass the “Controlled Folder Access” feature added in Windows 10 in October 2017, which Microsoft has touted as a reliable anti-ransomware defensive measure. This feature, described in more depth in this Bleeping Computer review, is part of the Windows Defender antivirus built into all versions of Windows 10. Users who updated to the Windows 10 Fall Creators Update...
Read More
