The cryptominer that kept coming back

Posted on May 30th, 2019 by Responsible Cyber

by John E Dunn One of computer security’s special frustrations is the phenomenon of malware that keeps re-infecting a system no matter how many times defenders think they’ve cleaned it. This was the puzzle that recently confronted Sophos Support when it was called in to investigate the mystery of an internet-facing Apache Tomcat web server […]

Read More

What is malware? How to prevent, detect and recover from it

Posted on May 23rd, 2019 by Responsible Cyber

Malware definition Malware, short for malicious software, is a blanket term for viruses, worms, trojans and other harmful computer programs hackers use to wreak destruction and gain access to sensitive information. As Microsoft puts it, “[malware] is a catch-all term to refer to any software designed to cause damage to a single computer, server, or computer network.” […]

Read More

Alphabet’s Chronicle Explores Code-Signing Abuse in the Wild

Posted on May 23rd, 2019 by Responsible Cyber

A new analysis highlights the prevalence of malware signed by certificate authorities and the problems with trust-based security. Researchers with Chronicle, the cybersecurity company and Alphabet subsidiary, today published an analysis of its investigation into the trend of signed malware being exploited in the wild. The process of cryptographically signing code was created to give […]

Read More

Legal Threats Make Powerful Phishing Lures — Krebs on Security

Posted on May 23rd, 2019 by Responsible Cyber

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Such scams typically notify the recipient that he/she is being sued, and instruct them to review the attached file and respond within a few days — or else. Here’s a look at a recent spam campaign that […]

Read More

Python-Based Bot Scanner Gorging on Recon Intel

Posted on April 6th, 2019 by Responsible Cyber

Discovered by AT&T AlienLabs, new malware Xwo seeking default creds and misconfigurations in MySQL and MongoDB, among other services A new Python-based bot scanner is snaking its way through Internet resources, seeking out exposed Web services and default passwords on critical network resources. The information grab doesn’t yet appear to be weaponized, but researchers believe […]

Read More

The 6 biggest ransomware attacks of the last 5 years

Posted on April 5th, 2019 by Responsible Cyber

Malware that holds data for ransom has been around for years. In 1991, a biologist spread PC Cyborg, the first ever ransomware, by sending floppy disks via surface mail to other AIDS researchers, for instance. In the mid ’00s Archiveus was the first ransomware to use encryption, though it’s long ago been defeated and you […]

Read More

What is spyware? How it works and how to prevent it

Posted on March 30th, 2019 by Responsible Cyber

Spyware definition Spyware is a broad category of malware designed to secretly observe activity on a device and send those observations to a snooper. That data can be used to track your activity online and that information can be sold to marketers. Spyware can also be used to steal personal information, such as account passwords […]

Read More

What is malvertising? And how to protect against it

Posted on March 24th, 2019 by Responsible Cyber

Malvertising definition Malvertising, a word that blends malware with advertising, refers to a technique cybercriminals use to target people covertly. Typically, they buy ad space on trustworthy websites, and although their ads appear legitimate, they have malicious code hidden inside them. Bad ads can redirect users to malicious websites or install malware on their computers […]

Read More

Criminals Use One Line of Code to Steal Card Data from E-Commerce Sites

Posted on March 15th, 2019 by Responsible Cyber

New JavaScript sniffer is similar to malware used in the Magecart campaign last year that affected over 800 sites. Criminals using just one line of malicious code have successfully compromised at least seven e-commerce sites and potentially stolen payment card data belonging to thousands of customers of the online stores. Six of the e-commerce sites […]

Read More

Qbot malware resurfaces in new attack against businesses

Posted on March 14th, 2019 by Responsible Cyber

The decade-old Qbot financial malware has resurfaced with an improved version in a new attack against businesses that has infected thousands of systems so far. Researchers from data security solutions provider Varonis have uncovered the attack after a customer alerted them about suspicious activity on a computer. The culprit turned out to be an infection […]

Read More