Malware News

Medium

2w


The Morris Worm

  • The Morris Worm was a self-replicating program created in 1988 by Robert Tappan Morris.
  • Originally intended to measure the size of the internet, the worm ended up spreading rapidly due to a coding error.
  • It targeted vulnerabilities in Unix-based systems, particularly exploiting the Sendmail program and weak passwords.
  • The Morris Worm raised awareness about internet security and led to the prosecution of Robert Tappan Morris.

Cybersecurity-Insiders

2w


Google Enterprise Security Program offers enhanced Malware and Phishing protection

  • Google has introduced Chrome Enterprise Premium, a subscription service that offers enhanced malware and phishing protection.
  • The premium offering includes advanced features such as deep scanning capabilities and robust data loss prevention mechanisms.
  • Google has postponed the implementation of third-party cookies in Chrome to comply with emerging privacy regulations.
  • Chrome version 120 will not be compatible with Android Nougat devices, potentially compromising browser stability and security for these users.

Securityaffairs

3w


Sweden’s liquor supply severely impacted by ransomware attack on logistics company

  • A ransomware attack on Swedish logistics company Skanlog severely impacted the country’s liquor supply.
  • Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain, suffered a ransomware attack.
  • It affects about 15% of Systembolaget's sales volume, particularly wine and liquor.
  • Systembolaget plans to implement backup procedures to address potential delays in deliveries.

Dev

3w


New Malware Analysis Tutorials

  • CyberChef is a powerful tool in malware analysis, simplifying data tasks and offering features like data conversion, encryption, networking operations, and more.
  • API Monitor is essential for malware analysis as it allows real-time monitoring and capturing of API calls, providing insights into how malicious software interacts with the operating system.
  • Threat intelligence helps analysts predict and counteract cyber threats by leveraging prior attack data. It enhances analysis capabilities, preparing professionals for potential threats.
  • Effective malware detection combines techniques such as heuristic evaluation, behavior monitoring, and signature detection. Using a combination of these techniques is crucial for accurate threat detection.

Cybertalk

3w


Ransomware attack causes city street lights to “misbehave”

  • A cyber attack has caused street lights in Leicester, England to malfunction, remaining illuminated during both day and night for the past six weeks.
  • The attack, carried out by the INC Ransom group, affected the 'central operating system' for the street lights.
  • Residents have expressed concerns about the high energy consumption and costs resulting from the continuous illumination of the street lights.
  • The Leicester City Council is working with law enforcement and cybersecurity agencies to investigate the incident and aims to resolve the issue by the end of the first week in May.

Gbhackers

3w


New DragonForce Ransomware Emerged From The Leaked LOCKBIT Builder

  • Hackers exploit LOCKBIT Builder to create customized ransomware payloads and evade detection.
  • DragonForce Ransomware emerged, employing double extortion tactics of data theft and encryption.
  • DragonForce's binary is based on the leaked LOCKBIT Black builder, allowing customization of attack methods.
  • DragonForce utilizes the leaked LOCKBIT infrastructure for operational efficiency and anonymity.

Gbhackers

3w


Cyber Attack Defenders Up For Battle: Huge Uptick In Timely Detections

  • Attackers are employing evasion techniques to bypass detection and extend dwell time on compromised systems.
  • Defenders are improving detection speed, but face challenges such as ransomware identification and bypassing multi-factor authentication.
  • Cloud infrastructure is under attack, prompting the use of AI for better security outcomes.
  • Ransomware incidents are often discovered externally, and investigations into ransomware attacks are on the rise.

Cybersecurity-Insiders

3w


Ransomware Attacks Shake Automotive and Beverage Industries

  • German automaker Volkswagen has been targeted in a ransomware attack, resulting in the theft of sensitive data related to electric vehicle developments and other technologies.
  • Volkswagen is conducting an investigation into the incident to determine the extent of the breach and identify the perpetrators.
  • A separate ransomware attack on logistics firm Skanlog in Sweden has raised concerns about potential alcohol shortages in the country.
  • The attacks highlight the growing threat of cyber attacks to critical infrastructure and the need for enhanced cybersecurity measures.

Securityintelligence

3w


Researchers develop malicious AI ‘worm’ targeting generative AI systems

  • Researchers have developed a new worm called 'Morris II' that targets generative AI systems.
  • The worm uses popular AI services to spread, infect new systems, and steal data.
  • It utilizes an adversarial self-replicating prompt to trick language models into generating malicious prompts.
  • The worm has capabilities for data exfiltration and spam propagation, demonstrating the potential dangers of AI security threats.

Siliconangle

3w


Coalition reveals uptick in cyber insurance claims driven by ransomware in 2023

  • A new report by Coalition Inc. reveals an increase in cyber insurance claims in 2023, driven by ransomware attacks.
  • During 2023, Coalition witnessed a 13% YoY rise in claims, with ransomware claims being the primary driver.
  • 52% of reported matters were resolved without out-of-pocket payments by policyholders.
  • The report emphasizes the importance of email security and recommends prioritizing cybersecurity measures.

Cybersecurity-Insiders

3w


Ransomware testing being done on developing countries

  • Hackers are conducting ransomware tests in developing regions such as Africa, Asia, and South America before targeting Western countries.
  • Countries like India, Pakistan, Sri Lanka, Maldives, Singapore, Chile, and Malaysia are being used as testing grounds.
  • Developing countries are attractive targets due to their digitalization and weaker security infrastructure.
  • Groups like Medusa are carrying out attacks and selling their techniques, posing a growing threat.

Securityaffairs

3w


Hackers hijacked the eScan Antivirus update mechanism in malware campaign

  • A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners.
  • Threat actors employed two different types of backdoors and targeted large corporate networks.
  • The campaign is believed to be attributed to North Korea-linked APT Kimsuky.
  • The eScan antivirus provider has addressed the vulnerability in the update mechanism.

Socprime

3w


Forest Blizzard aka Fancy Bear Attack Detection: Russian-backed Hackers Apply a Custom GooseEgg Tool to Exploit CVE-2022-38028 in Attacks Against Ukraine, Western Europe, and North America

  • The cyber-espionage hacking collective known as Forest Blizzard (aka Fancy Bear, STRONTIUM, or APT28) has developed a custom malware tool called GooseEgg to exploit the CVE-2022-38028 vulnerability in Windows Print Spooler.
  • Forest Blizzard is actively targeting organizations in Ukraine, Western Europe, and North America, using intelligence-gathering attacks to escalate privileges, steal credentials, and deploy malware.
  • The campaign leverages GooseEgg to gain elevated access to systems, leading to remote code execution, backdoor deployment, and lateral movement within networks.
  • Security experts recommend proactive defense strategies and mitigation steps, such as deactivating the service on domain controllers, to minimize the risk of adversary intrusions.

Medium

3w


The Hidden Danger: CoralRaider’s Cache Caper — How a Malware Campaign Exploited CDNs to Spread…

  • The CoralRaider Cache Caper is a concerning malware campaign that exploited Content Delivery Networks (CDNs) to spread.
  • Mitigating the threat involves fortifying defenses and taking necessary steps to protect against such attacks.
  • The evolving threat landscape highlights the need for businesses and individuals to remain vigilant and adapt security strategies.
  • By adopting a multi-layered approach, educating employees, and staying updated on emerging threats, we can collectively enhance our digital defenses and mitigate the impact of cyberattacks like CoralRaider.

Medium

3w


The Inescapable Threat: Ransomware and Data Breaches in 2024 — A Business’s Cybersecurity Nightmare

  • Ransomware and data breaches pose a relentless threat to businesses of all sizes.
  • Early detection is critical to minimize damage, and businesses can identify suspicious activity to counter the attack.
  • Prevention is paramount, and businesses can create a robust cybersecurity posture to build a fortified defense.
  • By prioritizing data security and implementing strong security practices, businesses can minimize the risk of becoming a victim.
