Kaspersky Lab researchers have detected NukeBot – new malware which has been designed to steal the credentials of online banking customers. Earlier versions of the Trojan were known to the security industry as TinyNuke, but lacked the features necessary to launch attacks. The latest versions, however, are fully operable and contain code to target the users of specific banks. Although the appearance of a malware family in the wild is not unusual, the fact that criminals have a ready-to-attack version of the Trojan means that they may soon initiate a wide-scale malicious campaign to infect multiple users. As an…
ISBuzz Team
With news that the UK energy sector is likely to have been targeted and probably compromised by hackers, please see below for comment from David Emm, principal security researcher at Kaspersky Lab, and relevant statistics from Kaspersky Lab research. “The world isn’t ready for cyber threats against critical infrastructure, but criminals are clearly ready and able to launch attacks on these facilities – as the widely-speculated compromise of the UK’s energy sector shows. We’ve seen attempts on power grids, oil refineries, steel plants, financial infrastructure, seaports and hospitals – cases where organisations have spotted attacks and acknowledged them. However, many more companies do neither, and the lack of reporting…
New Report from Cyphort and Osterman Research Puts Spotlight on SIEM User Challenges and How Incident Responders Spend Their Time. Cyphort, Inc., today released a report, “The Complexities of SIEMs and Their Impact on IR Processes,” based on new research conducted by Osterman Research, which surveyed SIEM users in 130 enterprise-level organizations across the U.S. While the majority of users said they were “mostly” satisfied with their SIEM, the data also revealed respondents’ widespread dissatisfaction with the threat investigation and analysis capabilities available through their SIEMs, and further incident resolution delays. “I think it’s generally accepted that many SIEMs have not performed…
Devil’s Ivy, a new zero-day exploit, has been discovered that could affect IoT users who use a third-party toolkit called gSOAP, an XML web services development tool, according to security researchers from Senrio. Michael Patterson, CEO at Plixer, commented below. Michael Patterson, CEO at Plixer: “Zero-day exploits are waiting to be discovered on every operating system. This means compromises are inevitable. Organizations should be baselining the behaviors of IoT devices with network traffic analytics systems. Communication patterns that emerge out of what is expected from IoT devices is often a telltale sign of an infection.”
With the news that two malware families, NemucodAES and Kovter are being packaged together in .zip attachments and are being delivered via active spam, AlienVault Security Researcher, Chris Doman has given advice on how to protect against it. Chris Doman, Security Researcher at AlienVault: “The best advice with ransomware is to always maintain regular backups that ransomware can’t touch. In the case of NemucodAES, Emsisoft recently published a decrypter for some versions. “Criminals often pair two different malware families together in the hope that anti-virus software may detect one but not the other. “Previously, we’ve seen the Locky ransomware distributed with Kovter – now it…
News broke earlier today that US-based and international courier delivery service FedEx admitted on Monday that some of its systems were significantly affected by the NotPetya ransomware, and some of the damage may be permanent. FedEx was just one of the many businesses across the world hit by the NotPetya ransomware, a cyber-weapon designed to attack organizations in the Ukraine, but which spread to other countries via VPNs and internal networks. IT security experts commented below. Andrew Clarke, EMEA Director at One Identity: “The sting in the tail for Fedex as a result of this incident is not the ongoing effects of the malware but of the…
Trust is earned in drips and lost in buckets. While every brand wants to build online relationships, putting consumers in control of their privacy is a must for brands today. As usual, there’s a lot going on in the world of consumer privacy and security. Data breaches reported by the likes of Yahoo, LinkedIn and others illustrate the need for consumers to be better educated and more vigilant when it comes to securing their personal information. With the rise of the Internet of Things (IoT) – which contributes to the interconnectivity of everything – these issues won’t be on the…
29% of UK firms will add cyber security to the boardroom agenda following WannaCry attack. 58% of UK organisations now feel another attack is imminent. UK less likely than USA, Australia and Germany to proactively read, seek advice or change passwords in the wake of the attack. Theale UK – New research by leading information security company Clearswift shows how attitudes to cyber security have changed in the boardroom and among staff in the wake of the recent WannaCry attack, surveying 600 business decision makers and 1,200 employees across the UK, US, Germany and Australia. Within a day the WannaCry attack, which affected…
News broke yesterday that a data breach at Newcastle City Council has led to the details of adopted children being exposed. Names, addresses and birth dates of 2,743 adopted children, alongside details of parents, social workers and former adoptees, were included in a spreadsheet attached to the city’s annual adoption summer party. As many as 77 people received the attachment. IT security experts commented below. Andrew Clarke, EMEA Director at One Identity: “One of the key security measures in an organisation is to ensure that the access control policies are deployed effectively. It is really important that a solution is in place that protects an…
Rough Ted, a malvertising campaign, has affected companies in 150 countries according to the latest Check Point Global Threat Impact Index. The malvertising delivered links to malicious websites along with scams, adware, exploit kits and ransomware. Chris Olson, CEO at The Media Trust, commented below. Chris Olson, CEO at The Media Trust: “The amount of malware circulating in the digital ecosystem has more than doubled in the past two years, and shows no signs of abatement. But, malvertising is just one vector for web-delivered malware. As more enterprises are realizing, the third-party vendors that make up any public-facing website are…
