How Retro Malware Feeds the New Threat Wave

Network Computing Dark Reading

Advertise

About Us

Join us live at

Threaded | Newest First | Oldest First

[close this box]

50%

Sara Peters,
User Rank: Author
10/6/2014 | 4:34:09 PM

What's old is new

Well cybercrime is rather fashionable these days; why shouldn't it follow the same rules that the fashion/beauty industry does? Do you think that attackers simply wait until we let our guard down, to start using the old stuff we've stopped looking for? The whole "just when you thought it was safe to go back in the water," approach? I'm not entirely certain, though, why that's preferable. I suppose it's cheaper. You don't have to go invest in brand new malware toolkits and such.

Reply | Post Message | Messages List | Start a Board

50%

Marilyn Cohodas,
User Rank: Strategist
10/7/2014 | 7:54:32 AM

Re: What's old is new

I like your fashion analogy, @Sara. I'm the last person to comment on fashion trends, but to take it the analogy one step further, whenever a retro style comes back into vogue, there seems to always be some new twist that makes your old garb not quite the right look or feel. So it seems with retro malware. It's familiar but yet new enough that existing antimalware and practices won't be effective...

Reply | Post Message | Messages List | Start a Board

50%

adibello,
User Rank: Author
10/13/2014 | 4:31:52 PM

Re: What's old is new

As you suggest @Sara, it's always more cost effective to reuse proven code where possible than to create new code from scratch, using new vulnerabilities or obfuscation techniques to successfully inject such code into the enterprise to your point @Marilyn. The folks creating and selling malware are just as organized and budget conscious as their white hat counterparts, looking to leverage methods which offer the greatest return on investment wherever they can.

Reply | Post Message | Messages List | Start a Board

50%

Marilyn Cohodas,
User Rank: Strategist
10/13/2014 | 4:41:37 PM

Re: What's old is new

So true, Anthony. Everyone is looking for the best ROI -- good guys and bad guys alike.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

Ex-NSA Contractor Gets 9 Years for Retaining Defense Data

Dark Reading Staff 7/22/2019

RDP Bug Takes New Approach to Host Compromise

Kelly Sheridan, Staff Editor, Dark Reading, 7/18/2019

The Problem with Proprietary Testing: NSS Labs vs. CrowdStrike

Brian Monkman, Executive Director at NetSecOPEN, 7/19/2019

Live Events

Webinars

Come to Black Hat USA for the latest hardware hacks

Black Hat Trainings - August 3-6

WorkSpace Connect - Sept 9-11, Dallas - Register Now!

More Informa Tech Live Events

White Papers

Back to Basics with Log Management, SIEMs & MSSPs

Simulation vs. Pentesting vs. Vuln Scanning

Everything You Want to Know About Security at the Edge But Were Afraid to Ask

7 Reasons You Need Security at the Edge

IDC SpotLight: Protecting Against Threats with Application Security Testing

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: LG- Attention we have active phishing simulation, I repeat active phishing simulation do not click on that link... User- Hmm new email from HR ...

Cartoon Archive

Current Issue

Building and Managing an IT Security Operations Program

As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT Operations and Cybersecurity Operations

Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.

Download Now!

How Enterprises Are Developing Secure Applications

0 comments

The State of Cyber Security Incident Response

0 comments

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-10101
PUBLISHED: 2019-07-23

WebAppick WooCommerce Product Feed 2.2.18 and earlier is affected by: Cross Site Scripting (XSS). The impact is: XSS to RCE via editing theme files in WordPress. The component is: admin/partials/woo-feed-manage-list.php:63. The attack vector is: Administrator must be logged in.

CVE-2019-10101
PUBLISHED: 2019-07-23

VCFTools vcfools prior to version 0.1.15 is affected by: Heap Use-After-Free. The impact is: Denial of Service or possibly unspecified impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim mus...

CVE-2019-10173
PUBLISHED: 2019-07-23

It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. e.g. JSON. (regre...

CVE-2019-14241
PUBLISHED: 2019-07-23

HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c.

CVE-2019-10101
PUBLISHED: 2019-07-23

MODX Revolution Gallery 1.7.0 is affected by: CWE-434: Unrestricted Upload of File with Dangerous Type. The impact is: Creating file with custom a filename and content. The component is: Filtering user parameters before passing them into phpthumb class. The attack vector is: web request via /assets/...

Terms of Service
Privacy Statement
Legal Entities