What the Van Buren Case Means For Security Researchers

The federal computer crime law prohibits “computer trespass.” This includes both “accessing” a computer without authorization, and “exceeding the scope of authorization” to access a computer. If these terms seem vague and ambiguous to you, well,…

Slideshow: Intel from Virus Bulletin 2018

This year’s Virus Bulletin conference featured top-tier research from some of the world’s best threat intelligence experts.

Malware-ransomware combo campaign hits North American inboxes

An updated version of a popular credential-stealing malware variant has been paired with ransomware to send thousands of emails in North America, according to new research. Within a day of hackers releasing an update of the trojan malware known as AZORult to underground forums, a “prolific actor” had coupled it with the Hermes ransomware, according to research from email security company Proofpoint. The hybrid malware campaign targeted email users with job-related subject lines that came with malicious attachments, Proofpoint said. The company attributed the campaign to a hacking group it dubbed TA516, which has used similar tricks to install banking trojans or a Monero cryptocurrency miner. The Hermes 2.1 variant used in the attack first emerged in November 2017 and was used in an attack on a Taiwanese bank that has been linked with North Korea. However, there isn’t any evidence to suggest at this point that TA516 is linked […]

The post Malware-ransomware combo campaign hits North American inboxes appeared first on Cyberscoop.


Spyware campaign targets Turkish dissidents, research shows

Spyware made by a notorious vendor has been used to target critics of the Turkish government via Twitter, according to digital rights advocacy group Access Now. Attackers used spyware from FinFisher to target protestors focused on the Turkish government in 2017, Access Now said in a report. Hackers allegedly used Twitter-linked malicious websites to install spyware on activists’ phones. The perpetrators used a “benign-looking mobile application” as cover for the FinFisher spyware, which was part of “a broad social engineering attack” against opponents of Turkey’s ruling party, the report stated. “The broad and aggressive use of [the spyware] to target individuals involved in the March for Justice movement in Turkey provides a rare window into the current deployment of FinFisher,” Access Now said. “It gives us new clues and patterns of behavior of how social media is used in conjunction with the malware…” the organization added. There is evidence that surveillance […]

The post Spyware campaign targets Turkish dissidents, research shows appeared first on Cyberscoop.


Dropbox revamps vulnerability disclosure policy, with hopes that other companies follow suit

Dropbox updated its vulnerability disclosure policy Wednesday, not only looking to clarify its relationship with cybersecurity researchers, but also attempting to set a standard for the rest of the tech industry. The San Francisco file-hosting company said the move is a response to “decades of abuse, threats, and bullying” against researchers who find and describe bugs in commercial software. Lawsuits are common, and journalists as well as traditional researchers can be caught up in fights over vulnerability disclosures. The highest-profile ongoing lawsuit is Keeper Security’s defamation suit against Ars Technica journalist Dan Goodin about an article that described flaws in Keeper’s password manager. Dropbox’s new policy — which the company invited others in the industry to use as a template — was updated with the following elements: A clear statement that external security research is welcomed. A pledge to not initiate legal action for security research conducted pursuant to the policy, including good faith, […]

The post Dropbox revamps vulnerability disclosure policy, with hopes that other companies follow suit appeared first on Cyberscoop.


Security companies give public free way to sift through malware research

Cybersecurity companies spend a lot of money on their research and the infrastructure they build to conduct it, so it’s counter-intuitive that they would give it away — but that’s exactly what two of the biggest firms are doing this summer. Comodo recently announced Comodemia, a program that would make its vast database on more than 120 million malware incidents — and the analytics engines used to mine it for insights — available online for university, government, and nonprofit researchers and educators. “Many researchers currently spend the majority of their time building the tools and the environment they need to do code compiling, malware analysis, phishing detection … It can take months before the real research can even begin,” explained Fatih Orhan, Comodo’s vice president of threat labs. “That’s where we can offer a benefit.” The features Comodemia would offer include: “A feed, accessible in realtime of all the threat data we collect […]

The post Security companies give public free way to sift through malware research appeared first on Cyberscoop.


Report: Malware campaign linked to Chinese ad firm infects 250 million computers

A sweeping malware campaign has infected more than 250 million computers around the world in what cybersecurity firm Check Point Software Technologies is calling the “largest infection operation in history.” The malware, known as “Fireball,” is designed to turn web browsers into “zombies,” — dummy browsers that collect private information — but has potential for causing “global catastrophe,” Check Point says. Fireball is linked to software distributed by Chinese digital marketing agency and app developer Rafotech, which allegedly uses the malware to spy on and control web browsing to increase traffic and boost ad revenue, according to Check Point. Fireball is also capable of running code and downloaded files and other malware, Check Point reported, stating that the sophisticated software has the potential to cause much more damage due to its capabilities as a malware downloader. “These actions can have serious consequences,” Check Point wrote in a blog Thursday. “How severe […]

The post Report: Malware campaign linked to Chinese ad firm infects 250 million computers appeared first on Cyberscoop.
