Threat Actors Turn to Blockchain Infrastructure to Host & Hide Malicious Activity
4/23/2018.bit domains are increasingly being used to hide payloads, stolen data, and command and control servers, FireEye says.
Post a Comment
Author
Profile of Jai Vijayan
Freelance writer News & Commentary Posts: 519Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics including Big Data, Hadoop, Internet of Things, E-voting and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, IL.
Articles by Jai Vijayan
.bit domains are increasingly being used to hide payloads, stolen data, and command and control servers, FireEye says.
Post a Comment
Majority of Men Think Women Have Equal Opportunity to Advance in Cybersecurity Career
4/17/2018Not so fast, say women.
Post a Comment
Cisco, ISARA to Test Hybrid Classic, Quantum-Safe Digital Certificates
4/13/2018Goal is to make it easier for organizations to handle the migration to quantum computing when it becomes available.
Post a Comment
Attackers Exploit Cisco Switch Issue as Vendor Warns of Yet Another Critical Flaw
4/9/2018Cisco says companies fixing previously known protocol issue should also patch against critical remote-code execution issue.
Post a Comment
Sears & Delta Airlines Are Latest Victims of Third-Party Security Breach
4/5/2018An insecure ecosystem of third parties connected to an enterprise network poses a growing risk, security analysts say.
Post a Comment
Four Gas Pipeline Firms Hit in Attack on Their EDI Service Provider
4/5/2018Attack a warning on vulnerabilities in energy networks, security analysts say.
Post a Comment
Criminals Targeting Magento Sites with Brute-Force Password Attacks
4/3/2018Flashpoint says it is aware of at least 1,000 sites using Magento's e-commerce platform that have been recently compromised.
Post a Comment
Microsoft Rushes Out Fix for Major Hole Caused by Previous Meltdown Patch
3/30/2018Issue affects Windows 7 x64 and Windows Server 2008 R2 x64 systems.
Post a Comment
University Networks Become Fertile Ground for Cryptomining
3/29/2018Sixty percent of cryptomining detections in a Vectra study occurred on higher-education networks.
Post a Comment
Attackers Shift From Adobe Flaws to Microsoft Products
3/27/2018Seven of the Top 10 most commonly exploited vulnerabilities in 2017 were Microsoft-related - not Adobe Flash as in years past, Recorded Future found.
Post a Comment
Leader of Cybercrime APT Behind $1.2 Billion in Bank Heists Arrested
3/26/2018The Carbanak group has caused more financial losses to financial institutions than any other cybercrime group since it surfaced in 2013.
Post a Comment
AMD Will Release Fixes for New Processor Flaws in a Few Weeks
3/23/2018Security firm that disclosed flaws accuses chipmaker of downplaying flaws; says timeline is overly optimistic.
Post a Comment
Criminals Using Web Injects to Steal Cryptocurrency
3/22/2018Man-in-the-browser attacks targeting Blockchain.info and Coinbase websites, SecurityScorecard says.
Post a Comment
7 Ways to Protect Against Cryptomining Attacks
3/22/2018Implementing basic security hygiene can go a long way in ensuring your systems and website don't get hijacked.
Post a Comment
Gartner Expects 2018 IoT Security Spending to Reach $1.5 Billion
3/21/2018Regulations, breach concerns will push spending to over $3 billion by 2021, analyst firm says.
Post a Comment
New Method Proposed for Secure Government Access to Encrypted Data
3/19/2018'Crumple Zones' in crypto mechanisms can make it possible — but astronomically expensive — to access encrypted data, say researchers from Boston University and Portland State University.
Post a Comment
Are DDoS Attacks Increasing or Decreasing? Depends on Whom You Ask
3/15/2018Details on DDoS trends can vary, depending on the reporting source.
Post a Comment
New Hosted Service Lowers Barriers to Malware Distribution
3/14/2018BlackTDS is a traffic distribution service for directing users to malware and exploit kits based on specific parameters.
Post a Comment
Malware Leveraging PowerShell Grew 432% in 2017
3/12/2018Cryptocurrency mining and ransomware were other major threats.
Post a Comment
China's Vulnerability Database Altered to Hide Govt. Influence
3/9/2018Recorded Future says move designed to hide fact that CNNVD routinely delays publication of high-risk flaws so government can assess them for offensive use.
Post a Comment
North Korea Threat Group Targeting Turkish Financial Orgs
3/8/2018Hidden Cobra appears to be collecting information for a later strike, McAfee says.
Post a Comment
Intel SGX Can Be Used to Hide, Execute Malware
3/7/2018The microprocessor giant's Software Guard Extensions security feature can be abused to implement virtually undetectable malware, Graz University researchers say.
Post a Comment
Design Weakness in Microsoft CFG Allows Complete Bypass
3/6/2018Researchers from Italy's University of Padua will demo a new technique to evade Control Flow Guard, the widely deployed security mechanism, at Black Hat Asia.
Post a Comment
Insider Threat Seriously Undermining Healthcare Cybersecurity
3/5/2018Two separate reports suggest insiders — of the malicious and careless variety — pose more of a problem in healthcare than any other sector.
Post a Comment
Number of Sites Hosting Cryptocurrency Miners Surges 725% in 4 Months
3/1/2018The dramatic increase in cryptocurrency prices, especially for Monero, is behind the sudden explosive growth, says Cyren.
Post a Comment
New Android Malware Family Highlights Evolving Mobile Threat Capabilities
2/28/2018RedDrop can steal data, record audio, and rack up SMS charges for victims, says Wandera.
Post a Comment
Memcached Servers Being Exploited in Huge DDoS Attacks
2/27/2018Multiple vendors this week say they have seen a recent spike in UDP attacks coming in via port 11211.
Post a Comment
Threats from Mobile Ransomware & Banking Malware Are Growing
2/26/2018The number of unique mobile malware samples increased sharply in 2017 compared to a year ago, according to Trend Micro.
Post a Comment
'OMG': New Mirai Variant Converts IoT Devices into Proxy Servers
2/23/2018The new malware also can turn bots into DDoS attack machines, says Fortinet.
Post a Comment
Criminals Obtain Code-Signing Certificates Using Stolen Corporate IDs
2/22/2018The certificates are available on demand at prices ranging from $299 to $1,599, says Recorded Future.
Post a Comment
Global Cybercrime Costs Top $600 Billion
2/21/2018More than 50% of attacks result in damages of over $500K, two reports show.
Post a Comment
7 Cryptominers & Cryptomining Botnets You Can't Ignore
2/21/2018Cryptominers have emerged as a major threat to organizations worldwide. Here are seven you cannot afford to ignore.
Post a Comment
Cybercrime Gang Ramps up Ransomware Campaign
2/15/2018In the last few weeks, Gold Lowell group has collected over $350K after infecting victims with SamSam crypto malware, researchers at Secureworks found.
Post a Comment
Attackers Use Infected Plug-In to Install Cryptomining Tool on Over 4200 Websites
2/12/2018Victims include UK's ICO, and National Health Service and USCourts.gov.
Post a Comment
New POS Malware Steals Data via DNS Traffic
2/8/2018UDPoS is disguised to appear like a LogMeIn service pack, Forcepoint says.
Post a Comment
US, International Law Enforcement Shut Down Massive Cybercrime Marketplace
2/7/2018The Infraud Organization was responsible for over $500 million in losses to institutions and individuals worldwide, the US Department of Justice says.
Post a Comment
Uber's Response to 2016 Data Breach Was 'Legally Reprehensible,' Lawmaker Says
2/6/2018In Senate hearing, Uber CISO admits company messed up in not quickly disclosing breach that exposed data on 57 million people.
Post a Comment
Abusing X.509 Digital Certificates for Covert Data Exchange
2/5/2018Newly discovered hack would allow attackers to send data between two systems during TLS negotiation, researchers say.
Post a Comment
7 Ways to Maximize Your Security Dollars
2/5/2018Budget and resource constraints can make it hard for you to meet security requirements, but there are ways you can stretch your budget.
Post a Comment
Crypto-Mining Attacks Emerge as the New Big Threat to Enterprises
2/1/2018Attackers looking to hijack systems for illegally mining digital currencies have begun eyeing business systems, security vendors say.
Post a Comment
Phishing Campaign Underscores Threat from Low Budget, Low Skilled Attackers
1/30/2018For just over $1,000, a phishing operation successfully spied on members of the Tibetan community for 19 months, Toronto University's Citizen Lab found.
Post a Comment
Thieves Target ATMs In First US 'Jackpotting' Attacks
1/29/2018Attackers have been getting ATMs to illegally dispense cash by tampering with their internal electronics, US Secret Service warns.
Post a Comment
Dutch Intel Agency Reportedly Helped US Attribute DNC Hack to Russia
1/26/2018The General Intelligence and Security Service of the Netherlands broke into Cozy Bear's network in 2014 and spotted the group launching attacks, de Volkskrant says.
Post a Comment
This Year's Pwn2Own Hackfest Will Offer Up to $2 Million in Rewards
1/25/2018Microsoft is a partner at annual contest for the first time.
Post a Comment
Ransomware Actors Cut Loose on Health Care Organizations
1/24/2018An attack on Allscripts last week that knocked out EHR services to 1,500 clients is the third reported incident just this month.
Post a Comment
Dark Caracal Campaign Breaks New Ground with Focus on Mobile Devices
1/23/2018This is the first known global-scale campaign primarily focused on stealing data from Android devices, Lookout and EFF say.
Post a Comment
Satori Botnet Malware Now Can Infect Even More IoT Devices
1/22/2018Latest version targets systems running ARC processors.
Post a Comment
Kaspersky Lab Seeks Injunction Against US Government Ban
1/19/2018Revenues and reputation have taken a hit in the wake of the US Department of Homeland Security's decision to prohibit use of its products and services by the feds, the company says.
Post a Comment
Rogue Chrome, Firefox Extensions Hijack Browsers; Prevent Easy Removal
1/18/2018Malwarebytes describes malicious extensions as 'one of a kind'
Post a Comment
Threats from Russia, North Korea Loom as Geopolitics Spills into Cyber Realm
1/17/2018Threat actors from both nations ramped up their activities sharply in 2017, Flashpoint says in a new threat intelligence report.
Post a Comment
Kaspersky Lab Warns of Extremely Sophisticated Android Spyware Tool
1/16/2018Skygofree appears to have been developed for lawful intercept, offensive surveillance purposes.
Post a Comment
Survey Suggests Many Are Still Waiting for Spectre, Meltdown Windows Updates
1/11/2018Microsoft's insistence on a specific registry key setting for offering the updates on systems appears to be the issue, security vendor Barkly says.
Post a Comment
Cisco Adds Encrypted Traffic Analysis Function
1/10/2018New Encrypted Traffic Analytics is designed to help enterprises inspect encrypted traffic for malicious activity without having to decrypt it first.
Post a Comment
Turla Cyberespionage Gang Employs Adobe Flash Installer
1/9/2018In recent data theft campaigns, the APT group has been downloading malware from what appears to be legitimate Adobe URLs and IP addresses, ESET says.
Post a Comment
New Cryptocurrency Mining Malware Has Links to North Korea
1/8/2018A malware tool for stealthily installing software that mines the Monero virtual currency looks like the handiwork of North Korean threat actors, AlienVault says.
Post a Comment
Vendors Rush to Issue Security Updates for Meltdown, Spectre Flaws
1/4/2018Apple says all Mac and iOS systems are affected by new side-channel attack vulnerabilities.
Post a Comment
Open Source Components, Code Volume Drag Down Web App Security
1/3/2018The number of new Web application vulnerabilities published last year was 212% greater than the number disclosed in 2016, Imperva says in a new report this week.
Post a Comment
Hackers Who Disabled Police Cameras Prior to Trump Inauguration Left Trail of Clues
1/2/2018Romanian police last month arrested Mihai Isvanca, and Eveline Cismaru for allegedly breaking into 123 computers controlling surveillance cameras at DC's police department in 2017.
Post a Comment
Hit the Cyber Underground for the Hottest Travel Deals
12/22/2017You can get everything from inexpensive flights and hotels to fake passports in the cyber underground, says Trend Micro.
Post a Comment
Russia's Fancy Bear APT Group Gets More Dangerous
12/21/2017Encryption and code refreshes to group's main attack tool have made it stealthier and harder to stop, ESET says.
Post a Comment
Attack Attribution Tricky Say Some as US Blames North Korea for WannaCry
12/20/2017There's not enough evidence to conclusively tie the rogue regime to the ransomware attacks, some security experts say.
Post a Comment
Another Cyberattack Spotted Targeting Mideast Critical Infrastructure Organizations
12/19/2017Operation Copperfield appears focused on data theft and reconnaissance, Nyotron says.
Post a Comment
TRITON Attacker Disrupts ICS Operations, While Botching Attempt to Cause Physical Damage
12/14/2017TRITON malware is discovered after an attack on a safety monitoring system accidentally triggered the shutdown of an industrial process at an undisclosed organization.
Post a Comment
Former Rutgers Student, Two Others Plead Guilty to Operating Mirai Botnet
12/13/2017Trio faces up to five years in federal prison and fines of up to $250,000
Post a Comment
Security Compliance: The Less You Spend the More You Pay
12/12/2017The costs of complying with data protection requirements are steep, but the costs of non-compliance are even higher, a new study shows.
Post a Comment
Russian-Speaking 'MoneyTaker' Group Helps Itself to Millions from US Banks
12/11/2017Banks in Latin America appear to be next big target, Group-IB says.
Post a Comment
Conficker: The Worm That Won't Die
12/7/2017More than nine years after it infected millions of systems worldwide, the malware continues to be highly active, according to a Trend Micro report.
Post a Comment
NIST Releases New Cybersecurity Framework Draft
12/6/2017Updated version includes changes to some existing guidelines - and adds some new ones.
Post a Comment
Bitcoin Sites Become Hot Targets for DDoS Attacks
12/5/2017The Bitcoin industry is now one of the top 10 most-targeted industries for DDoS campaigns. Price manipulation could be one goal, Imperva says.
Post a Comment
NSA Employee Pleads Guilty to Illegally Retaining National Defense Secrets
12/4/2017Nghia Hoang Pho faces up to eight years in prison for removing highly classified NSA data from workplace and storing it at home.
Post a Comment
Developers Can Do More to Up Their Security Game: Report
11/28/2017Developers can play a vital role in accelerating the adoption of AppSec practices, security vendor says.
Post a Comment
New OWASP Top 10 List Includes Three New Web Vulns
11/21/2017But dropping cross-site request forgeries from list is a mistake, some analysts say.
Post a Comment
North Korea's Lazarus Group Evolves Tactics, Goes Mobile
11/20/2017The group believed to be behind the Sony breach and attacks on the SWIFT network pivots from targeted to mass attacks.
Post a Comment
Crooks Turn to Delivering Ransomware via RDP
11/16/2017In a new twist to an old attack, threats actors are increasingly using the remote access protocol to install ransomware, Sophos says
Post a Comment
White House Releases New Charter for Using, Disclosing Security Vulnerabilities
11/15/2017Updated Vulnerability Equities Process provides transparency into how government will handle new vulnerabilities that it discovers in vendor products and services.
Post a Comment
Microsoft Uses Neural Networks to Make Fuzz Tests Smarter
11/15/2017Neural fuzzing can help uncover bugs in software better than traditional tools, company says.
Post a Comment
Frequent Software Releases, Updates May Injure App Security
11/13/2017The more frequently you release apps, the more security vulnerabilities you are likely to introduce in the code, a new study confirms.
Post a Comment
Emerging IT Security Technologies: 13 Categories, 26 Vendors
11/13/2017A rundown of some of the hottest security product areas, and vendors helping to shape them.
Post a Comment
AV Vendors Have Immunity for Malware-Blocking Decisions, Court Says
11/9/2017Enigma Software Group had sued Malwarebytes for characterizing its anti-malware software as unsafe, but its case was dismissed.
Post a Comment
OceanLotus APT Group Unfolds New Tactic in Cyber Espionage Campaign
11/9/2017The group has begun using compromised websites to profile and target entities of interest to the Vietnamese government, Volexity says.
Post a Comment
South America the Target of 'Sowbug' Cyber Espionage Group
11/7/2017Diplomatic and government organizations in Brazil, Peru, Ecuador, and Argentina are being targeted by what Symantec says looks like a nation-state actor.
Post a Comment
It Takes a Buck to Make a Million on the Dark Web
11/6/2017The cost for malware tools and services can add up, but the returns from cybercrime campaigns can be enormous, says Recorded Future.
Post a Comment
Will New Ownership Open New Opportunities for Digital Cert Vendors?
11/1/2017Francisco Partners acquires majority stake in Comodo CA; DigiCert completes purchase of Symantec's SSL cert business.
Post a Comment
How Wireless Intruders Can Bypass NAC Controls
11/1/2017A researcher at this month's SecTor conference will demonstrate the dangers of not employing EAP-TLS wireless security.
Post a Comment
Gaza Cybergang Acquires New Tools, Expands Operations
10/30/2017Warning from Kaspersky Lab second in recent month involving heightened threat activity in Middle East and North Africa.
Post a Comment
Inmarsat Disputes IOActive Reports of Critical Flaws in Ship SATCOM
10/26/2017Satellite communications provider says security firm's narrative about vulnerabilities in its AmosConnect 8 shipboard email service is overblown.
Post a Comment
Kaspersky Lab Collected, Then Deleted NSA File from a Home Computer
10/25/2017Concerns over handling classified US data one of the reasons why Kaspersky Lab CEO ordered file deletion, company says.
Post a Comment
US Critical Infrastructure Target of Russia-Linked Cyberattacks
10/23/2017Attacks have been under way since May, targeting energy, nuclear, aviation, water, and manufacturing, FBI and DHS say.
Post a Comment
Veracode: 75% Of Apps Have at Least One Vulnerability on Initial Scan
10/20/2017But developers not the only ones to blame, company says.
Post a Comment
'BoundHook' Technique Enables Attacker Persistence on Windows Systems
10/19/2017CyberArk shows how attackers can leverage Intel's MPX technology to burrow deeper into a compromised Windows system.
Post a Comment
Oracle Fixes 20 Remotely Exploitable Java SE Vulns
10/18/2017Quarterly update for October is the smallest of the year: only 252 flaws to fix! Oracle advises to apply patches 'without delay.'
Post a Comment
Factorization Bug Exposes Millions Of Crypto Keys To 'ROCA' Exploit
10/17/2017Products from Lenovo, HPE, Google, Microsoft, and others impacted by flaw in Infineon chipset.
Post a Comment
Secure Wifi Hijacked by KRACK Vulns in WPA2
10/16/2017All modern WiFi access points and devices that have implemented the protocol vulnerable to attacks that allow decryption, traffic hijacking other attacks. Second, unrelated crypto vulnerability also found in RSA code library in TPM chips.
Post a Comment
Kaspersky Lab and the AV Security Hole
10/12/2017It's unclear what happened in the reported theft of NSA data by Russian spies, but an attacker would need little help to steal if he or she had privileged access to an AV vendor's network, security experts say.
Post a Comment
North Korean Threat Actors Probe US Electric Companies
10/11/2017September spear phishing attack appeared to be more reconnaissance activity than sign of impending attack, FireEye says.
Post a Comment
Cybercrime Meets Culture In Middle East, North African Underground
10/10/2017Spirit of sharing and free malware a characteristic of crimeware markets in this region, Trend Micro says.
Post a Comment
SiteLock: Website Attacks Surged 186% in Q2
10/9/2017Websites mostly belonging to small- to midsized firms got hit with more than 60 attacks per day on average, new analysis finds.
Post a Comment
Yahoo, Equifax Serve as Cautionary Tales in Discerning Data Breach Scope
10/4/2017Both companies this week revealed that their previously disclosed breaches impacted a lot more people than previously thought.
Post a Comment
New Standards Will Shore up Internet Router Security
10/3/2017The BGP Path Validation draft standards were designed to ensure that Internet traffic flows only along digitally signed, authorized paths.
Post a Comment
FBI Won't Have to Reveal iPhone-Cracking Tool Used in Terror Case
10/2/2017Revealing vendor's name and pricing details a threat to national security, DC court says.
Post a Comment
White Papers
Video
0 Comments
Current Issue
How to Cope with the IT Security Skills ShortageMost enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
![[Strategic Security Report] Navigating the Threat Intelligence Maze](https://dsimg.ubm-us.net/asset/393933/543593/DR_ThreatConnect_Report.png)
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...
CVE-2016-10369NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).
CVE-2016-8202unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...
CVE-2016-8209A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.
CVE-2017-0890Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This