Political parties are still struggling with cybersecurity basics

Political parties in Europe and the U.S. have cybersecurity practices that fail to meet basic standards, leaving them vulnerable to hackers and foreign influence operations with elections rapidly approaching, according to security researchers. An assessment of 29 political parties in 11 countries released Tuesday by SecurityScorecard found that a party in France relies on end-of-life technology that has not had a security update in four to five months, for example. There also is a strain of malicious software emanating from an IP address assigned to an economic subcommittee of the European Union in Brussels right now, SecurityScorecard’s Director of Threat Intelligence, Paul Gagliardi, tells CyberScoop. And while American political parties tend to fare better than European political parties, according to the report, the Democratic National Committee and the Republican National Committee still have weak spots. Malware in the EU The details of the report arrive just as the European Parliament elections kick off Thursday. The malware SecurityScorecard […]

The post Political parties are still struggling with cybersecurity basics appeared first on CyberScoop.

Continue reading Political parties are still struggling with cybersecurity basics

Inside the RIG Exploit Kit

In a deep analysis of RIG, Cisco Talos team outlined the way the exploit kit combines different web technologies such as DoSWF, JavaScript, Flash and VBscript to obfuscate attacks. Continue reading Inside the RIG Exploit Kit

Gamarue, Nemucod, and JavaScript

JavaScript is now being used largely to download malware because it’s easy to obfuscate the code and it has a small size. Most recently, one of the most predominant JavaScript malware that has been spreading other malware is Nemucod. This JavaScript trojan downloads additional malware (such as Win32/Tescrypt and Win32/Crowti – two pervasive ransomware trojans… Continue reading Gamarue, Nemucod, and JavaScript