A major botnet operation has been attacking and taking over the web shells (backdoors on web servers) of other malware operations for more than a year, security researchers from Positive Technologies have revealed. Researchers linked the botnet to a former Windows trojan named Neutrino (also known as Kasidet), whose operators appear to have shifted from targeting desktop users to online servers, on which they install cryptocurrency-mining malware.
ISBuzz Team
New study reveals 42 percent of organisations are concerned about cloud security but many fail to carry out any security testing on the environment. With the recent exposure of a huge data breach affecting US bank Capital One, cloud security has once again been put under the spotlight. However, a recent survey from Outpost24 has revealed that many companies today would be unable to detect abnormalities in their cloud environment, while 37 percent have already experienced a cyberattack on their cloud systems. As more organisations embrace digital transformation and migrate to the cloud – the results of the survey highlight…
It has been reported that security researchers recently found and analysed a worm-cryptominer combo that pauses the resource-intensive cryptomining process if it finds popular games running on the victim’s machine. The malware combines Python and PowerShell to create a cryptocurrency miner, which also has a worm-like component that helps it move laterally and infect victims by using vulnerabilities such as the NSA-linked EternalBlue.
An employee walks over to your office, fingers fidgeting and brow sweating. They tell you that there’s something you have to see. Concerned, you quickly rush to their desk. On their computer screen is a single message that reads: “We have gained access to your computer and your files have been encrypted. If you want your data back, you’ll need to pay us.” Your company has been hit with ransomware, the malicious digital ransom note that is every exec’s nightmare. Unfortunately, this is becoming more common with 86 percent of SMEs having been recently victimized by ransomware in 2019, and…
It was recently reported that movie ticket subscription service MoviePass has exposed tens of thousands of customer card numbers because a critical server was not protected with a password. The database contained 161 million records at the time of writing and growing in real-time. Many of the records were normal computer-generated logging messages used to ensure the running of the service — but many also included sensitive user information, such as MoviePass customer card numbers. In fact, more than 58,000 records contained card data — and that number was growing by the minute.
A curious case of web-based card skimming activity revealed that the Poker Tracker website had been compromised and loaded a Magecart script – code that steals payment information from customers. Online poker enthusiasts use the Poker Tracker software suite to improve their winning chances by making decisions based on statistics compiled from the opponents’ gameplay, Bleeping Computer reported.
It has been reported that iPhone hackers have discovered Apple’s most recent iOS update, 12.4, released in July, accidentally reopened a code-execution vulnerability that was previously patched – a vulnerability that can be abused to jail-break iThings. A security researcher going by the name of Pwn20wnd released a public jailbreak that exploits the reintroduced bug, and marks one of the first free and open jailbreaks for iOS devices in years.
Any CIO (and there are a lot of them) can tell you that defence against cyberattacks is a core issue facing their corporation. All companies need defensive techniques that defend them against any form of cyberattack that is used to cause harm, exert control over, or even kill a company’s ability to operate. And, today the darkest of “dark arts” in the world of IT is being designed and deployed, not by wizards or warlocks, but by machines and artificial intelligence (AI). With all the press and literature about AI taking away jobs or helping usher in a new wave…
In response to findings published today in Krebs on Security on The Rise of “Bulletproof” Residential Networks, an expert with Cequence Security offers perspective on Brian Krebs’ research and Cequence Security’s own recent findings on Bulletproof Proxy Networks.
It has been reported that the Department of Information Resources (DIR) has confirmed that the state of Texas has been responding to a cyber-attack that has affected at least 23 government agencies. Details are at a minimum at the moment as the Department of Information Resources (DIR) leads the response and investigation into the attacks. Texas released a brief notification advising affected local jurisdictions to call the state’s Division of Emergency Management for assistance. The attacks started in the morning of August 16 and, based on the collected evidence, appear to have been conducted by a single threat actor. The latest development…
