North Korean hackers turn focus to cryptocurrency, point-of-sale systems during holiday season

Cybercriminals linked to North Korea appear to be simultaneously targeting point-of-sale (POS) systems as well as cryptocurrency platforms as the annual holiday spike continues in retail stores and the hype surrounding bitcoin surges, according to research by cybersecurity firms Proofpoint and RiskIQ. Reports by the two companies published late Tuesday shine a light on the ways in which hackers are increasingly developing different types of custom attacks to either steal cryptocurrency or infect computers with so-called “cryptojacking” software. The latter involves the covert installation of malicious computer code into compromised web browsers in order to siphon off processing power, which can in turn be used to mine cryptocurrencies. The researchers say the hacks in question are connected to the Lazarus Group, the cybersecurity community’s name for North Korea’s premier cybercrime and cyber-espionage organization. Attacks on the financial system are one of the communist regime’s chief sources of funding as it faces global sanctions […]

Comodo, RiskIQ, Forcepoint, and CloudHealth – Enterprise Security Weekly #69

Free tools to remove website malware, next-gen CASBs, helping financial services with security, 10 steps to stop lateral movement, and more enterprise security news! Visit http://securityweekly.com/esw for all the latest episodes!

Cybercriminals focus on the shipping and cloud storage sectors

The Anti-Phishing Working Group’s latest report found upticks in phishing attacks against companies in the Logistics & Shipping as well as Cloud Storage & File Hosting sectors, mounted by cyber gangs against the accounts of both individuals and enterprises. Once they steal usernames and passwords, the criminals can then not only steal funds, but also use services to send spam mail, order goods for resale, and pursue other nefarious ventures. While the report finds that phishing attacks …

Digital transformation and the loss of security control

Unpatched web infrastructure and de-centralised web management practices are leaving UK organisations vulnerable to cyber-attacks and high profile data breaches. New RiskIQ research reveals a loss of control amongst the FT30, expanding their digital attack surface and opening doors to cyber criminals.

Summary of risk findings across 99,467 live websites

What’s leaving businesses exposed to cyber attack?

New insight exposes five key areas leaving businesses exposed to cyber attack as a result of increasing digital …

Tech firms band together to take down Android DDoS botnet

An ad-hoc alliance of tech firms has managed to seriously cripple an Android-based botnet that was being actively used to DDoS multiple content providers. The botnet, dubbed WireX by the researchers, consisted of Android devices with malicious apps installed. In fact, in the wake of the discovery, Google has pulled some 300 such apps from Google Play, began removing them remotely from affected users’ devices, and blocked them from being installed.

The malicious apps

The …

Mobile WireX DDoS Botnet ‘Neutralized’ by Collaboration of Competitors

A large botnet of Android devices called WireX is responsible for large-scale application-layer DDoS attacks against businesses in the hospitality, porn and gambling industries.

How to spot malicious mobile apps

The pervasiveness of smartphones has resulted in an onslaught of mobile apps, and it’s pretty safe to say that, by now, there is an app for every imaginable purpose. Unfortunately, among the many helpful ones are also many malicious apps – no app market is safe from them. Fortunately, there are ways to spot such apps. RiskIQ researchers have been monitoring over 120 mobile app stores around the world, and based on their findings, they …

Trump’s Dumps: ‘Making Dumps Great Again’

It’s not uncommon for crooks who peddle stolen credit cards to seize on iconic American figures of wealth and power in the digital advertisements for these shops that run continuously on various cybercrime forums. Exhibit A: McDumpals, a hugely popular carding site that borrows the Ronald McDonald character from McDonald’s and caters to bulk buyers. Exhibit B: Uncle Sam’s dumps shop, which wants YOU! to buy American. Today, we’ll look at an up and coming credit card shop called Trump’s-Dumps, which invokes 45’s likeness and promises to “make credit card fraud great again.”

NoTrove threat actor delivering millions of scam ads

Researchers at RiskIQ have identified NoTrove, a threat actor that is delivering millions of scam ads that threaten consumers and further undermine the digital advertising industry. NoTrove was so effective that one of his pages ranked as one of the internet’s most visited pages for one day.

Earliest observed instance of NoTrove

The online ad scams work by serving up attractive but disingenuous ads on legitimate websites. The ads might offer bogus surveys or free …