Items tagged with Malware

It seemed for a moment that the WannaCry ransomware that wreaked havoc at hospitals across Europe had been neutralized, but apparently it is still causing disruptions. The latest report comes from Honda Motor Co., which said on Wednesday that it had to shut down one of its factories in Japan after discovering that WannaCry had wormed its way onto the company's computer network. Honda temporarily ceased production at its Sayama plant located northwest of Tokyo. That particular factory produces several Honda automobile models, including the Accord sedan, Odyssey minivan, and Step Wagon compact vehicle....
The notion that Mac systems are immune to malware is just plain wrong. Sure, Macs might be less susceptible to malware than Windows-based PCs, but they are certainly not exempt from security threats. Proving otherwise, two different security outfits have put out warnings about separate threats targeting Mac users. One of them pertains to ransomware, where a user's documents and files are encrypted and held hostage until a ransom is paid, and the other is a spyware application that sniffs out sensitive information. Starting with the former, security outfit Fortinet said its labs...
If you're a Raspberry Pi user who's never changed the default password of the "pi" user, then heed this warning: change it. A brand new piece of malware has hit the web, called "Linux.MulDrop.14", and it preys on those who haven't secured their devices properly. Linux.MulDrop.14 looks to be a simple piece of malware, but what it does wouldn't be acceptable to any RPi owner. After scanning for RPis with an open (and default) SSH port, the malware logs in as the "pi" user (if the password is left default), and the password is subsequently changed. After that, the malware installs ZMap and sshpass software,...
Most wireless routers are equipped with a series of LEDs to indicate things like network connectivity and activity, though if a router has been compromised with malware, those blinking lights could reveal more than the owner bargained for. Using specially crafted malware, an attacker could instruct those LEDs to transmit data in a binary format. The attack was outlined in a paper by a team of researchers from the Cyber Security Research Center at the Ben-Gurion University of the Negev in Israel. It is the same team of security researchers that previously wrote about data exfiltration...
The folks at Kaspersky, one of the biggest antivirus companies on the planet, are not too pleased with Microsoft's recent Windows design cues. Last year, the company filed a complaint against the Redmond company with Russia's Federal Antimonopoly Service (FAS), and recently, it did the same thing in Europe. Any mention of Windows and "monopoly" makes this complaint easy to figure out without even looking at it. Kaspersky has a beef with how Microsoft promotes the use of its Defender antivirus / anti-malware app over third-party solutions. One issue in particular is how Windows acts as a bit of a...
Be careful what you download from Google Play, as auto-clicking adware dubbed “Judy” is believed to have infected up to 36.5 million users. The apps have been deemed malware, despite their overall high review ratings on Google Play. Judy was found on forty-one apps developed by a Korean company, Kiniwini, registered on Google Play as ENISTUDIO corp. Hackers developed bridgehead apps that, once downloaded, established a connection with their Command and Control server (C&C). The server replied with a payload that included JavaScript code, a user-agent string and URLs that were controlled by...
Now that the dust has settled on a global ransomware outbreak that could have been much worse than it ended up being, we can all breathe a sigh of relief. Meanwhile, security outfits are busy analyzing the outbreak to uncover as much information as possible about the threat known as WannaCry. According to Symantec's investigation into things, WannaCry has "strong links to Lazarus," which is the same group that attacked Sony Pictures and made off with $81 million from the Bangladesh Central Bank. Symantec says that before the recent outbreak occurred, a near identical version of WannaCry was used...
WikiLeaks has posted its latest release from the Vault 7 series of CIA-related leaks that exposes a tool dubbed “Athena”, which acts as a beacon on compromised Windows-based systems and gives the agency remote loader capabilities as well. Athena and its associated tools function on all versions of Windows from XP through Windows 10. There is a secondary implementation named “Hera” for Windows 8 and newer systems, due to some underlying changes Microsoft made to the OSes, which offers all of the same capabilities. All told, Athena / Hera provides a beaconing capability with remote configuration and...
The Wanna Decrypter ransomware that began floating around the Internet late last week, or WannaCry as it's commonly known, has made a lasting impact, with hundreds of thousands of PCs worldwide being affected. What the malware does is even more alarming: one minute, you're using your computer normally; the next, your data is locked away behind a key unless you fork over hundreds of dollars in ransom money. As has become typical of ransomware, WannaCry will demand payment via Bitcoin in order to recover the data the attackers locked down. Once payment is received, an encryption key is typically (but...
Last fall, we reported on a somewhat humorous report of a mere "reply all" email that managed to bring down email servers of the UK's National Health Service. Unfortunately, we have something a bit more severe to report on today: an all-out cyberattack against the NHS. At some point today, doctors at NHS had to begin turning away patients as a ransomware attack that affected NHS' most important servers reared its ugly head. Doctors and staff were immediately locked out of their computers, essentially meaning that patient data could not be accessed. Queen Elizabeth Hospital in Birmingham;...
A vulnerability researcher at Google is giving props to Microsoft for issuing a quick fix to what he described as a "crazy bad" remote code exploit in the company's malware protection engine. He also said it was the worst of its kind in recent memory, and that is because prior to the patch, a remote attacker could gain full control of a PC simply by sending a malicious email. The recipient needn't even open the communication for this nasty zero-day bug to work. "The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially...
It seems like a day doesn't go by that we don't hear about some piece of malware that's harassing computer users. In 2017, you would expect that most people would be hesitant to download and extract random, rogue zip files, but sadly, that's not the case. There's a reason these pieces of malware still exist -- just like with spam email, a small percentage of users ultimately fall for it. With the latest piece of malware to hit the Mac, users who are careless enough to open attachments from people they don't know are the prime targets for this exploit and infection. OSX/Dok is malware that...
Official app stores are supposed to be safe havens for mobile users to download and install programs and games without fear of mucking up their smartphones and tablets. Unfortunately that is not always the case. Researchers at veteran security outfit Check Point, makers of the popular ZoneAlarm personal firewall, recently detected a new strain of malware on Google Play that seems intent on enlisting the help of unsuspecting users to participate in a botnet. Dubbed "FalseGuide," the researchers discovered the malware hidden inside more than 40 guide apps for games, the oldest of which was uploaded...
Despite Google's best efforts to protect its users who download apps from its Play Store, some malware inevitably slips through the cracks. While it might be easy to assume that most of that malware is found in obscure software that people shouldn't be downloading anyway, this latest case is proof that if malware does manage to get through, it could impact millions of people. Research firm Zscaler, and its threat-hunting team ThreatLabz, recently discovered an app on the Play Store that included the Android spyware SMSVova. Looking at the image below, it's hard to imagine why anyone would fall...