ESET has uncovered several examples of malware being distributed via a strategic web compromise. In late October and early November this year, visitors to ammyy.com were offered a bundle containing not only the company’s legitimate Remote Desktop Software, Ammyy Admin, but also malware. ESET researchers noticed in late October that, for about a week, visitors to ammyy.com were downloading an installer that contained malware along with the Ammyy product. While Ammyy Admin is legitimate software, it has a long history of being used by fraudsters and several security products, such as ESET’s, detect it as a Potentially Unsafe Application. Similarly,…
ISBuzz Team
One of the trailers for the latest James Bond movie features the presumed head of the evil Spectre organization, a menacing Christoph Waltz, taunting our hero with the words, “You came across me so many times, yet you never saw me… what took you so long?” Those lines could easily be uttered by any number of villains responsible for the data breaches dominating our news headlines. State-sponsored attacks, corporate espionage, malware, organized cyber-thievery, and insiders with an axe to grind all add up to real-world, Spectre-like foes. Enterprises need 007-calibre operatives on mission to discover, contain, and combat their own…
Research by Kaspersky Lab and B2B International shows the relationship between users and their digital devices is often closer than best friends, with 29 per cent taking them to the bathroom and 25 per cent sharing secrets with their device they don’t want anyone else to know. However, this trust could be leaving users at risk, as devices can be hacked and private information exposed to the world. The study found that the overwhelming majority of people (87 per cent) store important, confidential and sometimes irreplaceable information on their smartphones, including passwords, messages, photos, contacts, files and more. One in…
A spate of scams in which criminals use technology to take over victims’ computers has been reported by an anti-fraud group. Financial Fraud Action, a body set up by the financial services industry, said that fraudsters were impersonating major companies to steal money. They claim they are fixing a slow internet connection, but trick firms into allowing funds to be transferred. Some claim to be calling as a result of recent high-profile data breaches. While “working” on the internet fault, the fraudster claims the victim is entitled to compensation and asks them to log into their bank account. The scammers…
Hilton Hotels have issued a statement confirming rumours that have swirled around for the last couple of months, stating that malware had found its way onto point-of-sale systems and stole payment card information. That stolen information includes cardholder names, payment card numbers, security codes and expiry dates. However, addresses and PINs have not been exposed. Right now Hilton doesn’t appear to be sharing any information about how many or which hotel locations may have been affected by the breach, or whether the attack was limited (as was the case in other attacks on hotel chains) to point of sales devices…
There has been lots of discussion in the past two weeks, which is sure to continue; about the role that end-to-end encryption plays in criminal and terrorist activity around the world. One of the common misconceptions in these stories is that end-to-end encryption technology can effectively allow people to ‘go dark’ and communicate invisibly. In the below comment Jonathan Parker-Bray, CEO of Criptyque, makers of the newly launched, secure communications solution Pryvate, explains why this is not the case and proposes a radically different approach for addressing malicious mobile phone use in the UK. [su_note note_color=”#ffffcc” text_color=”#00000″]Jonathan Parker-Bray, CEO of…
HPE Security and Tripwire, respectively, have issued comments on news of a point-of-sale payment card data breach at Starwood Hotels involving at least 54 locations. [su_note note_color=”#ffffcc” text_color=”#00000″]Lane Thames, Security Researcher at Tripwire : “In today’s interconnected world, there is no place to hide. If a company has any type of payment processing system, then rest assured someone, somewhere, has or will eventually try to find a way to break in to steal valuable payment-related information. Merchants and consumers all need to understand this because no one is immune from the vast infestation of malware and malicious actors roaming around…
David Emm, Principal Security Researcher at Kaspersky Lab, in light of the latest news which revealed that the number of children who believe everything they read online has significantly increased. Ofcom has released new research which has shown that the number of children who believe everything they read on web pages and in social media has doubled, indicating that we are raising a generation of ‘digital natives’ who are too trusting of what they find online. At the same time, new research from Kaspersky Lab has revealed that there is also a communication breakdown between children and their parents, with…
A spate of scams in which criminals use technology to take over victims’ computers has been reported by an anti-fraud group. Financial Fraud Action, a body set up by the financial services industry, said that fraudsters were impersonating major companies to steal money. They claim they are fixing a slow internet connection, but trick firms into allowing funds to be transferred. Some claim to be calling as a result of recent high-profile data breaches. While “working” on the internet fault, the fraudster claims the victim is entitled to compensation and asks them to log into their bank account. The scammers…
The ModPOS malware has pilfered “multiple millions” of debit and credit cards from the unnamed but large retail companies incurring millions of dollars in damages. The attackers have operated in a low-key, ultra professional manner since late 2013 and has only come to light after weeks of painstaking reverse-engineering efforts by malware experts. They have kept mum, too. Cybercrime forums are entirely devoid of references to the malware. “This is POS [point-of-sale] malware on steroids,” iSight Partners senior director Steve Ward says. “We have been examining POS malware forever, for at least the last eight years and we have never…