SpyNote RAT posing as Netflix app Mobile Malware As users have become more attached to their mobile devices, they want everything on those devices. There’s an app for just about any facet of one’s personal and professional life, from booking travel and managing projects, to buying groceries and binge-watching the latest Netflix series. The iOS and Android apps for Netflix are enormously popular, effectively turning a mobile device into a television with which users can stream full movies and TV programs anytime, anywhere. But the apps, with their many millions of users, have captured the attention of the bad actors, too, who are exploiting the popularity…
ISBuzz Team
Libraries across the US city of St Louis have been hit by a serious ransomware attack, with cyber criminals disabling the systems of 17 libraries and demanding a ransom to restore them. While the libraries were able to restore their systems from a backup, the attack meant that no one was able to borrow books or use the computers across the weekend. St Louis Public Library is now working with the FBI in order to establish how the criminals broke into the systems and to correct any existing problems. IT security experts from Varonis, Tripwire, DomainTools and ESET commented below. David…
Following the news that a new website, ripper.cc is a new service cyber criminals are using to prevent themselves being ‘ripped off’ by fellow criminals, Kyle Wilhoit, Senior Security Researcher at DomainTools commented below how this will affect hacker’s accounts. Kyle Wilhoit, Senior Security Researcher at DomainTools: “Not surprisingly, scammers are going to scam each other. Because of that, a site like this is not surprising. There are several additional sites similar to ripper.cc, they are just foreign language oriented. Will there be a big difference made because of this site? Probably not. However, one thing that matters in these types of marketplaces is the…
Passwords have not been updated to cope with an increasingly digital economy and the rise of IoT The expected growth of the global Internet of Things (IoT) market will lead to increased security risks as hackers are presented with a greater surface area to compromise. This is according to Dave Worrall, CTO at Secure Cloudlink, who argues that passwords as a means of authentication have not been updated to cope with the rise of IoT and an increasingly digital economy, therefore they must be eliminated from the IoT equation. Recent research has revealed that the IoT market is expected to increase…
A Quarter of Enterprises Experienced a Breach in the Past Year Pointing to Reliance on Multiple Systems, Limited Budget and Staff as Contributing Factors London, UK. DomainTools, the leader in domain name and DNS-based cyber threat intelligence, today released its 2017 Cybersecurity Report Card global research. Developed in conjunction with cybersecurity veteran Byron Acohido, the survey of more than 550 security analysts, IT managers, and executives revealed that the majority of organizations are struggling to monitor and prevent cyberattacks on their network. More than one in four organizations have been breached in the past 12 months, while shockingly 23 percent aren’t sure…
Following the news about security fail of highest proportions, Charter Spectrum, the second largest cable provider in the US has urged customers to change their wi-fi passwords in support of their favourite Super Bowl team. It tweeted: “Change your WiFi password and show guests where your loyalty lies! #ThatsMyTeam”. Cesare Garlati, Chief Security Strategist at the prpl Foundation commented below. Cesare Garlati, Chief Security Strategist at the prpl Foundation: “By getting customers to change their passwords to either “GO_NEWENGLAND” or “GO_ATLANTA” it completely takes the guess work away from anyone who can easily force their way onto the customer’s wi-fi network, which…
The United States is leading the way in data breaches according to Risk Based Security’s 2016 Year End Data Breach. The report shows that 47.5 percent of announced data breaches that exposed user data in came from the U.S. IT security experts from Tripwire commented below. Dwayne Melancon, VP of Product at Tripwire: “The US is a leading world economy – and one of the most connected economies – so it isn’t surprising that nearly half of the world’s data breaches are in the US. A lot of organizations have gone after the “quick fixes” for information security, but that…
New Citrix research reveals two in five large UK businesses have now fallen victim to a ‘bluff’ ransomware campaign LONDON, United Kingdom. Today, new research has revealed that two in five (39 per cent) large UK businesses have fallen victim to a ‘bluff’ ransomware attack, with almost two thirds (61 per cent) of those organisations paying out a ransom as a result. The research – commissioned by Citrix and carried out by One Poll – quizzed 500 IT decision makers in companies with 250 or more employees across the UK to glean further insights into the threat of ‘bluff’ ransomware attacks. This refers to a…
Following the news about the EnergyRescue ransomware app found its way into Google Play and managed to make at least one victim. The app has since been removed by the Android team. IT security experts from Tripwire commented below. Tim Erlin, Sr. Director, Product Management at Tripwire: “Both Google and Apple put in quite a lot of effort to keep malicious apps out of their respective repositories, but no system is perfect. Criminals are constantly testing the defenses in place with new techniques to sneak malicious apps past. While it may seem tedious to most users, really checking the permission requested by…
Context Researchers discover SMS-based vulnerabilities in Samsung Galaxy devices Android phones are still vulnerable to SMS-based attacks according to researchers at Context Information Security. One of the bugs found by Context in older models of Samsung Galaxy devices could be triggered remotely and rendered the device unusable until a factory reset was performed, leaving users open to ransomware attacks. The vulnerability was triggered by the type of SMS messages sent by manufacturers and network operators for configuring carrier and other device configuration settings. While Context alerted the Samsung Mobile Security Team who were quick to fix the problem and release…
