Pirate IPTV Subscription Services Now a $1+ Billion Industry

Digital Citizens Alliance and NAGRA released a joint report revealing that illegal piracy subscription services — Internet Protocol Television (PS IPTV) — are now a $1+ billion industry. “Money for Nothing” describes an ecosystem of retailers and wholesalers enabled by legal businesses and consumed by at least nine million U.S. households. The report also looks into its infrastructure, supply chain, and ad-supported business models. Piracy injures consumers via malware among other risks. Continue reading Pirate IPTV Subscription Services Now a $1+ Billion Industry

ThiefQuest Is New Ransomware and Spyware Aimed at Macs

K7 Labs malware researcher Dinesh Devadoss discovered a new form of malware aimed at Mac computers. ThiefQuest (originally dubbed EvilQuest, until researchers discovered that’s the name of a Steam game) isn’t simply ransomware but also contains spyware that allows it to exfiltrate an infected computer’s files, search it for passwords and cryptocurrency wallet data, and nab passwords and credit card numbers. Even after a computer reboots, the spyware lingers as a backdoor that could be used for a second-stage attack. Continue reading ThiefQuest Is New Ransomware and Spyware Aimed at Macs

Ransomware Attacks Increase and Demand Bigger Payouts

An increasing number of cities, hospitals and businesses are being attacked by ransomware, by which bad actors shut down the victim’s computer network until a ransom is paid. Up until now, these attacks have been hard to measure since many of those impacted quietly paid the ransom without notifying any authorities. Security firm Emsisoft just reported a 41 percent increase in ransomware attacks between 2018 and 2019, with 205,280 businesses and other groups submitting evidence of such intrusions in 2019. Continue reading Ransomware Attacks Increase and Demand Bigger Payouts

Las Vegas Was a Target of Cyberattack While Hosting CES

Early Tuesday morning, just as CES 2020 was getting underway, the team that monitors computers for Las Vegas detected a potential cyberattack as the city’s systems were reportedly compromised. While city officials tweeted about the breach, the information was light on details regarding which operations had been affected or the extent of the attack. The timing was unfortunate, since the annual CES confab is one of the largest events in Las Vegas. Last year, the show attracted more than 175,000 people and 4,400 exhibitors, including a number of Fortune 500 companies. Continue reading Las Vegas Was a Target of Cyberattack While Hosting CES

Games Are Targets for Ransomware and Credential Stuffing

Cybersecurity firm Cyren recently discovered Syrk, a free tool that allows players to cheat at video game “Fortnite.” It also learned that Syrk can disable anti-malware software and encrypt batches of user files for ransom. Akamai has reported a significant rise in so-called credential-stuffing attacks, by which criminals use stolen identities in automated attacks to break into accounts. Akamai found 55 billion credential stuffing attacks from November 2017 to the end of March 2019. Gaming sites had 12 billion of these attacks. Continue reading Games Are Targets for Ransomware and Credential Stuffing

Why Adware Is the Most Intrusive Malware on Our Devices

Adware is the flavor of malware that the ordinary person is most likely to encounter on a smartphone or browser. Aimed at generating profits, adware sneaks ads into apps and browsers, with advertisers paying developers based on the number of people who load them. The smartphone is the ideal environment for this version of malware, via apps sold in Apple’s App Store or Google Play Store. Ad malware largely goes unnoticed because its main impact (besides relentlessly serving ads) is to slow down the device. Continue reading Why Adware Is the Most Intrusive Malware on Our Devices

Cyber Threat Alliance’s Early Sharing Aims to Stop Hackers

The nonprofit Cyber Threat Alliance (CTA) has organized its members, which includes some big tech companies such as Cisco, McAfee, Palo Alto Networks and Symantec, to share knowledge about software bugs and hacking threats, to alert their customers and limit the damage. To do so, the companies have decided to put cybersecurity ahead of the competition. Dubbed “early sharing,” the strategy goes into action as government-linked groups in China, Iran, North Korea and Russia run devastating hacking campaigns. Continue reading Cyber Threat Alliance’s Early Sharing Aims to Stop Hackers

Microsoft Warns Windows Bug May Be Abused by Hackers

Facebook, Intel and Microsoft announced bugs in their software this week. Facebook patched WhatsApp to prevent hackers from using it to install spyware on mobile phones. Intel described its efforts to fix a problem with its chipsets that allow attackers to access private data. Now Microsoft warned that it just patched a bug similar to the WannaCry ransomware crypto-worm that attacked computers around the globe in 2017. The company said that, to its knowledge, no one yet had exploited the Windows vulnerability. Continue reading Microsoft Warns Windows Bug May Be Abused by Hackers

Municipalities Increasingly Targeted for Ransomware Attacks

Cyber criminals recently hacked the municipal computers of Rockport, Maine, demanding $1,200 in Bitcoin to unlock them. That’s just one example of a surge of ransomware aimed at municipal computer systems, both large and small, including the city of Atlanta and a St. Louis library system. According to Ponemon Institute, an information systems research firm, these kinds of public sector hacks are increasing faster than those on private ones. City officials are often unprepared to deal with the consequences. Continue reading Municipalities Increasingly Targeted for Ransomware Attacks

Microsoft Sees Significant Corporate Upgrades to Windows 10

Microsoft Windows got a boost due to the increase in cyberattacks, with a 21 percent jump in sales of Windows 10 licenses last quarter, mainly to corporate clients; a 21 percent lift in bulk sales of Windows licenses and cloud services; and an expected growth of 13 percent in the current quarter. Although Windows is the most widely used operating system worldwide, PC shipments have seen no growth, says International Data Corp. Instead, the Windows 10 sales indicate a widespread move to update older software versions. Continue reading Microsoft Sees Significant Corporate Upgrades to Windows 10

Unregulated IoT Devices Now Entry Point for Elaborate Hacks

The Internet of Things is more vulnerable than previously proven. Up until now the most common attack via IoT device has been to enlist thousands of them into botnets. Another method of attack is to find entry via a weak IoT device to conduct a ransomware attack. Now, IoT security firm Senrio has demonstrated that attackers can jump from one IoT device to another, without moving through PCs and servers, making their path even harder to discover. In other words, one vulnerable IoT device can create network disruption. Continue reading Unregulated IoT Devices Now Entry Point for Elaborate Hacks

Machine Learning Used in Detection of Harmful Android Apps

The Google Play Protect detection service, which scans Android apps for malicious activity, is enabled on more than 2 billion devices and detected 60.3 percent of Potentially Harmful Apps (PHAs) in 2017 using machine learning, according to Google’s Android Security 2017 Year in Review report. Google removed over 700,000 apps for violating its policies last year. While Play Protect uses a variety of tactics, machine learning is highly effective for catching PHAs, detecting things like inappropriate content, impersonation, and malware.

Continue reading Machine Learning Used in Detection of Harmful Android Apps

WPA2 Wi-Fi Flaw Revealed, Android & Linux Most Vulnerable

According to researchers, the WPA2 protocol for Wi-Fi connectivity contains a significant weakness that makes it vulnerable to attackers. A hacker within range of connected devices would reportedly be able to exploit this weakness to hijack passwords, emails and other “encrypted” data, or even place ransomware into a website the user is visiting. The research, which has been ongoing for weeks, reveals that the WPA2 core vulnerability could affect operating systems and devices including Android, Linux, OpenBSD, MediaTek, Linksys, macOS and Windows. Continue reading WPA2 Wi-Fi Flaw Revealed, Android & Linux Most Vulnerable

Goldman Sachs Exploring Creation of a Bitcoin Trading Desk

Goldman Sachs Group, in the early stages of considering whether to start a trading operation for Bitcoin, could become the first blue-chip Wall Street company to deal directly in the virtual currency. If it does so, it will give Bitcoin more credibility among investors. Bitcoin and other virtual currencies were first used and are still perceived as commonly used for illegal activities. The currency is still controversial, banned by China and deemed a “fraud” by J.P. Morgan Chase & Co. chief executive James Dimon. Continue reading Goldman Sachs Exploring Creation of a Bitcoin Trading Desk

As Threats to Cybersecurity Grow, So Does Cyberinsurance

Increasingly pervasive threats to cybersecurity have jumpstarted the cyberinsurance business to reach beyond technology companies, its core customers. Covering financial loss, including theft of data and ransomware, cyberinsurance is reportedly the fastest-growing coverage among U.S. companies; cyberinsurance firms provide competing tools to distinguish their offerings in the marketplace. Insurance is not in lieu of good security practices, but the idea of cyberinsurance is appealing even though it is largely untested. Continue reading As Threats to Cybersecurity Grow, So Does Cyberinsurance

Page 1 of 212