Games Are Targets for Ransomware and Credential Stuffing

Cybersecurity firm Cyren recently discovered Syrk, a free tool that allows players to cheat at video game “Fortnite.” It also learned that Syrk can disable anti-malware software and encrypt batches of user files for ransom. Akamai has reported a significant rise in so-called credential-stuffing attacks, by which criminals use stolen identities in automated attacks to break into accounts. Akamai found 55 billion credential stuffing attacks from November 2017 to the end of March 2019. Gaming sites had 12 billion of these attacks. Continue reading Games Are Targets for Ransomware and Credential Stuffing

Why Adware Is the Most Intrusive Malware on Our Devices

Adware is the flavor of malware that the ordinary person is most likely to encounter on a smartphone or browser. Aimed at generating profits, adware sneaks ads into apps and browsers, with advertisers paying developers based on the number of people who load them. The smartphone is the ideal environment for this version of malware, via apps sold in Apple’s App Store or Google Play Store. Ad malware largely goes unnoticed because its main impact (besides relentlessly serving ads) is to slow down the device. Continue reading Why Adware Is the Most Intrusive Malware on Our Devices

Cyber Threat Alliance’s Early Sharing Aims to Stop Hackers

The nonprofit Cyber Threat Alliance (CTA) has organized its members, which includes some big tech companies such as Cisco, McAfee, Palo Alto Networks and Symantec, to share knowledge about software bugs and hacking threats, to alert their customers and limit the damage. To do so, the companies have decided to put cybersecurity ahead of the competition. Dubbed “early sharing,” the strategy goes into action as government-linked groups in China, Iran, North Korea and Russia run devastating hacking campaigns. Continue reading Cyber Threat Alliance’s Early Sharing Aims to Stop Hackers

Microsoft Warns Windows Bug May Be Abused by Hackers

Facebook, Intel and Microsoft announced bugs in their software this week. Facebook patched WhatsApp to prevent hackers from using it to install spyware on mobile phones. Intel described its efforts to fix a problem with its chipsets that allow attackers to access private data. Now Microsoft warned that it just patched a bug similar to the WannaCry ransomware crypto-worm that attacked computers around the globe in 2017. The company said that, to its knowledge, no one yet had exploited the Windows vulnerability. Continue reading Microsoft Warns Windows Bug May Be Abused by Hackers

Municipalities Increasingly Targeted for Ransomware Attacks

Cyber criminals recently hacked the municipal computers of Rockport, Maine, demanding $1,200 in Bitcoin to unlock them. That’s just one example of a surge of ransomware aimed at municipal computer systems, both large and small, including the city of Atlanta and a St. Louis library system. According to Ponemon Institute, an information systems research firm, these kinds of public sector hacks are increasing faster than those on private ones. City officials are often unprepared to deal with the consequences. Continue reading Municipalities Increasingly Targeted for Ransomware Attacks

Microsoft Sees Significant Corporate Upgrades to Windows 10

Microsoft Windows got a boost due to the increase in cyberattacks, with a 21 percent jump in sales of Windows 10 licenses last quarter, mainly to corporate clients; a 21 percent lift in bulk sales of Windows licenses and cloud services; and an expected growth of 13 percent in the current quarter. Although Windows is the most widely used operating system worldwide, PC shipments have seen no growth, says International Data Corp. Instead, the Windows 10 sales indicate a widespread move to update older software versions. Continue reading Microsoft Sees Significant Corporate Upgrades to Windows 10

Unregulated IoT Devices Now Entry Point for Elaborate Hacks

The Internet of Things is more vulnerable than previously proven. Up until now the most common attack via IoT device has been to enlist thousands of them into botnets. Another method of attack is to find entry via a weak IoT device to conduct a ransomware attack. Now, IoT security firm Senrio has demonstrated that attackers can jump from one IoT device to another, without moving through PCs and servers, making their path even harder to discover. In other words, one vulnerable IoT device can create network disruption. Continue reading Unregulated IoT Devices Now Entry Point for Elaborate Hacks

Machine Learning Used in Detection of Harmful Android Apps

The Google Play Protect detection service, which scans Android apps for malicious activity, is enabled on more than 2 billion devices and detected 60.3 percent of Potentially Harmful Apps (PHAs) in 2017 using machine learning, according to Google’s Android Security 2017 Year in Review report. Google removed over 700,000 apps for violating its policies last year. While Play Protect uses a variety of tactics, machine learning is highly effective for catching PHAs, detecting things like inappropriate content, impersonation, and malware.

Continue reading Machine Learning Used in Detection of Harmful Android Apps

WPA2 Wi-Fi Flaw Revealed, Android & Linux Most Vulnerable

According to researchers, the WPA2 protocol for Wi-Fi connectivity contains a significant weakness that makes it vulnerable to attackers. A hacker within range of connected devices would reportedly be able to exploit this weakness to hijack passwords, emails and other “encrypted” data, or even place ransomware into a website the user is visiting. The research, which has been ongoing for weeks, reveals that the WPA2 core vulnerability could affect operating systems and devices including Android, Linux, OpenBSD, MediaTek, Linksys, macOS and Windows. Continue reading WPA2 Wi-Fi Flaw Revealed, Android & Linux Most Vulnerable

Goldman Sachs Exploring Creation of a Bitcoin Trading Desk

Goldman Sachs Group, in the early stages of considering whether to start a trading operation for Bitcoin, could become the first blue-chip Wall Street company to deal directly in the virtual currency. If it does so, it will give Bitcoin more credibility among investors. Bitcoin and other virtual currencies were first used and are still perceived as commonly used for illegal activities. The currency is still controversial, banned by China and deemed a “fraud” by J.P. Morgan Chase & Co. chief executive James Dimon. Continue reading Goldman Sachs Exploring Creation of a Bitcoin Trading Desk

As Threats to Cybersecurity Grow, So Does Cyberinsurance

Increasingly pervasive threats to cybersecurity have jumpstarted the cyberinsurance business to reach beyond technology companies, its core customers. Covering financial loss, including theft of data and ransomware, cyberinsurance is reportedly the fastest-growing coverage among U.S. companies; cyberinsurance firms provide competing tools to distinguish their offerings in the marketplace. Insurance is not in lieu of good security practices, but the idea of cyberinsurance is appealing even though it is largely untested. Continue reading As Threats to Cybersecurity Grow, So Does Cyberinsurance

Sources Say China Is Planning to Shutter Bitcoin Exchanges

The Chinese government, increasingly uneasy about virtual currency, is on the verge of shutting down the country’s Bitcoin exchanges, say sources. The move comes as the government focuses on preventing capital from leaving to digital currencies. But if China, the world’s No. 2 economy, does indeed take this step, the market for cryptocurrencies, including all the new companies using it, will feel the impact. Of all the virtual currencies, Bitcoin is the largest, since restrictions on it were loosened in Japan and elsewhere. Continue reading Sources Say China Is Planning to Shutter Bitcoin Exchanges

Ransomware: Hackers Extort $1 Million From One Company

In the largest ransomware payout to date, South Korean web provider Nayana has agreed to pay $1 million to hackers who originally demanded 550 Bitcoins, about $1.62 million. Following negotiations, Nayana has agreed to pay $1 million in three installments. The ransomware, identified as Erebus by cybersecurity firm Trend Micro, impacted 153 Linux servers and more than 3,400 websites hosted by Nayana. “This is the single largest-known payout for a ransomware attack, and it was an attack on one company,” reports CNET. “For comparison, the WannaCry ransomware attacked 200,000 computers across 150 countries, and has only pooled $127,142 in Bitcoins since it surfaced.” Continue reading Ransomware: Hackers Extort $1 Million From One Company

Experts Ponder Implications of IoT Vulnerabilities and Risks

The Internet of Things is now made up of approximately 8.4 billion devices, in cars, voice-activated assistants, home security systems, personal fitness trackers and health-monitoring devices. Much of the “connection” is behind the scenes and involves machine learning-enhanced communication. But an increasing number of IoT products are embedded in the things of daily life, from toothbrushes and dental floss to baby monitors, umbrellas and remote-controlled pet food dispensers. Security and safety issues are now a focus. Continue reading Experts Ponder Implications of IoT Vulnerabilities and Risks

Advice on Keeping Smaller Businesses Safe From Cybercrime

The threat of ransomware and malware are growing. The “WannaCry” attack impacted at least 200,000 computers in 150 countries before peaking last week. Adylkuzz is another piece of malware currently threatening computers around the world. As computers become increasingly connected, so opportunities for cybercrime expand, say the experts. Part of the problem is that the Internet wasn’t designed with cybersecurity protections, and criminals are attracted to cybercrimes for the relatively easy profits they can make. Continue reading Advice on Keeping Smaller Businesses Safe From Cybercrime

Page 1 of 212