Items tagged with Malware
A freelance security consultant and Handler at SANS Internet Storm Center has discovered a rather interesting exploit in Microsoft Word, one that allows an attacker to abuse the productivity program's ability to auto-update links. This is a feature that is enabled by default—when you add links to external sources like URLs, World with automatically update them without any prompts. Therein lies the issue. "The infection vector was classic: The document (‘N_Order#xxxxx.docx with 5 random numbers) was received as an attachment and has a VT score of 12/59 this morning. The file has an embedded link...
Read more...
For a long time, Apple's Mac line of computers were thought by some users to be immune to malware and viruses. Some of that was due to hackers and nefarious sorts aiming for the low hanging fruit of the much larger Windows user base. Things have changed with Macs growing in popularity over the years and there are many different viruses and malware out there that target Mac users today. MacRansom was one of the latest bits of malware aimed at Apple fans, and now, a malware called Fruitfly is ready to wreak havoc. The malware has reportedly been making the rounds for years (perhaps...
Read more...
Here's something you don't see too often: a ransomware creator unearthing the master decryption key for public consumption. That's exactly what we're seeing from Petya's original developer, allowing those affected by certain versions of Petya to recover their data, and developers the ability to create decrypters to make the entire process that much easier. Unfortunately, there are a number of major caveats here. The biggest one is the fact that most of those affected by these specific versions of Petya dealt with it last year, not recently. It stands to reason that many of those folks did not clone...
Read more...
Imitation may not be the sincerest or safest form of flattery. Check Point Software Technologies Ltd. researchers just revealed that CopyCat Android malware infected 14 million devices worldwide in 2016, and eight million of these infected devices were also rooted. How was this malware so successful? According to Check Point, CopyCat has a modular structure. They noted, “This allows the malware developers to choose and change their strategy and the malware’s behavior on the device to accommodate their current target.” CopyCat mimicked popular apps that were spread through third-party distributors....
Read more...
Over the past few years, one of the most prevalent types of malware has been ransomware - an infection that automatically locks down your sensitive data, and then makes you buy it back with your hard-earned cash. In May, one of the hardest-hitting ransomware strikes occurred, via the appropriately named WannaCry. Now, that's "old" news; today, the major threat is Petya, another piece of ransomware. Or is it? That's the big question. As we covered a couple of times this week, Petya is designated as ransomware that seems to be mostly striking computers in Europe. If infected, the user is told to...
Read more...
There are no days off in Redmond, at least not for Microsoft. Hot on the heels of dealing with the WannaCry ransomware outbreak, Microsoft has now addressed reports of a new ransomware making the rounds, one that shares similar code with Petya, a nasty piece of ransomware in and of itself. What makes this new strain so dangerous is that it is capable of spreading across networks like a worm. This new ransomware is more sophisticated than the original Petya outbreak. According to Microsoft, the initial strain seems to originate from a Ukrainian company that builds a pierce of accounting software...
Read more...
Recent ransomware scares such as the WannaCry outbreak have collectively put a spotlight on PC security. It has even prompted Microsoft to release patches for unsupported operating systems, including Windows XP and Windows Vista. However, it is Windows 10 that receives the lion's share of Microsoft's security efforts, and we will see that on display when the Fall Creators Update arrives in a few months. Among other things, the Fall Creators Update will represent a "hardening" of the Windows platform. Security has always been a major focal point with Windows 10, but in a blog post outlining some...
Read more...
Here’s the thing about most types of mobile malware in the wild; they’re avoidable. That doesn’t mean, however, if you’re not paying attention--and especially if you’re the type that likes to customize things as the Android platform is so capable of--that you might not stumble into some nasty code deplorables. Such is the case with a new, very sneaky strain of Android ad malware that has been downloaded to literally millions of devices globally, though predominantly in Southeast Asia. AndroidOS_Xavier_AXM, or Xavier for short, as it is more commonly known, is a tricky little payload that has been...
Read more...
Getting on-board with an operating system like Windows 10 S may be difficult for some users. Only a certain type of user would purposefully opt to use a whittled-down, locked-down OS by choice, but for the security conscious, it makes a lot of sense. After all, 10 S is still Windows -- it's just supposed to be safer. That's been Microsoft's message since the OS' launch, and its logic is sound: the more locked-down an OS, the lower the chances are that a piece of malware -- including ransomware -- will make it onto the system. To put it simply, using Windows 10 S is akin to locking your doors...
Read more...
It seemed for a moment that the WannaCry ransomware that wreaked havoc at hospitals across Europe had been neutralized, but apparently it is still causing disruptions. The latest report comes from Honda Motor Co., which said on Wednesday that it had to shut down one of its factories in Japan after discovering that WannaCry had wormed its way onto the company's computer network.Honda temporarily ceased production at its Sayama plant located northwest of Tokyo. That particular factory produces several Honda automobile models, including the Accord sedan, Odyssey minivan, and Step Wagon compact vehicle....
Read more...
The notion that Mac systems are immune to malware is just plain wrong. Sure, Macs might be less susceptible to malware than Windows-based PCs, but they are certainly not exempt from security threats. Proving otherwise, two different security outfits have put out warnings about separate threats targeting Mac users. One of them pertains to ransomware, where a user's documents and files are encrypted and held hostage until a ransom is paid, and the other is a spyware application that sniffs out sensitive information.Image Source: Apple Starting with the former, security outfit Fortinet said its labs...
Read more...
If you're a Raspberry Pi user who's never changed the default password of the "pi" user, then heed this warning: change it. A brand new piece of malware has hit the web, called "Linux.MulDrop.14", and it preys on those who haven't secured their devices properly. Linux.MulDrop.14 looks to be a simple piece of malware, but what it does wouldn't be acceptable by any RPi owner. After scanning for RPis with an open (and default) SSH port, the "pi" user is logged into (if the password is left default), and the password is subsequently changed. After that, the malware installs ZMap and sshpass software,...
Read more...
Most wireless routers are equipped with a series of LEDs to indicate things like network connectivity and activity, though if a router has been compromised with malware, those blinking lights could reveal more than the owner bargained for. Using specially crafted malware, an attacker could instruct those LEDs to transmit data in a binary format.Image Source: TP-Link The attack was outlined in a paper by a team of researches from the Cyber Security Research Center at the Ben-Gurion University of the Negev in Israel. It is the same team of security researchers that previously wrote about data exfiltration...
Read more...
The folks at Kaspersky, one of the biggest antivirus companies on the planet, are not too pleased with Microsoft's recent Windows design cues. Last year, the company filed a complaint against the Redmond company with Russia's Federal Antimonopoly Service (FAS), and recently, it did the same thing in Europe. Any mention of Windows and "monopoly" make this complaint easy to figure out without even looking at it. Kaspersky has a beef with how Microsoft promotes the use of its Defender antivirus / anti-malware app over third-party solutions. One issue in particular is how Windows acts as a bit of a...
Read more...
