Wednesday , 13 December 2017
Home » Author Archives: Dean Alvarez (page 129)

Author Archives: Dean Alvarez

Dean is Features Editor at IT Security Guru. Aside from cyber security and all things tech, Dean's interests include wine tasting, roller blading and playing the oboe in his Christian rock band, Noughts & Crosses.

You can reach Dean via email - dean@itsecurityguru.org

80% of European Businesses Under Threat of DDoS Ransom Attacks Over Next 12 Months, Corero Finds

Research from Corero Network Security has found that 80% of European IT security professionals expect DDoS ransom attacks to target their business within the next 12 months. A poll of experts at the InfoSecurity Europe conference made evident the fears of cyber extortion attempts in the UK and Europe. Furthermore, warnings were issued by the City of London Police in ... Read More »

Researcher pops locks on keylogger, finds admin’s email inbox

Trustwave researcher Rodel Mendrez has gained access to the inbox of the criminal behind a commercial keylogger used to attack industries including finance, cloud services, logistics, foreign trade, and government. Mendrez’s reverse engineering effort found credentials buried within the Hawkeye keylogger that lead through redirection to the author’s inbox. Attackers behind Hawkeye were siphoning from compromised machines browser, email, and ... Read More »

Spam Campaign Distributing Locky Variant Zepto Ransomware

Zepto, supposedly a variant of the well-known Locky ransomware, was recently spotted in a distribution campaign that involved over 100,000 spam messages, Cisco Talos security researchers warn. Spotted for the first time in February, Locky needed only a couple of weeks to become one of the largest threats in the ransomware landscape, but it needed several months to spawn its ... Read More »

EU Looks To Protect Europe With £1.5bn Cybersecurity Programme

The European Commission (EC) is trying to better equip Europe against cyberattacks by launching a public-private partnership on cybersecurity worth €1.8 billion (£1.5bn). The investment, which should be completed by 2020, is hoped to strengthen the competitiveness of Europe’s cybersecurity sector. The effort is part of the Commission’s larger Digital Single Market strategy, with the organisation aiming to reinforce cooperation ... Read More »

Get Rich! Binary Stock Trading Spam

How would you like to make over $1100 DAILY using a system with a  97%+ proven success rate, 24/7 support and all while sitting back and letting the money earn itself? Sound too good to be true? Logic dictates that it probably is. This is what one email campaign is promoting and is our spotlight spam in this week’s Threat Thursday series. The AppRiver security research ... Read More »

ITSG Goes to HackFu 2016 with MWR InfoSecurity

Not long ago, the Guru received news from MWR InfoSecurity that they were hosting an elite cybersecurity event in the South of England. We sent Dulcie down to see what was happening, as challenges kicked off and 100 experts were tasked with defusing 5 nuclear bombs within 48 hours. To learn more about MWR InfoSecurity, visit: https://www.mwrinfosecurity.com Follow them on ... Read More »

Guru Briefing: SentinelOne on Ransomware

News from SentinelOne today has announced a new variation of the CryptXXX Ransomware, which they’ve clocked earning over $50,000 in Bitcoin payouts for its proponents thus far. As with other popular ransomware strains that have been improving with each iteration, the new CryptXXX is unbreakable by decryption tools and has already proven to be very successful in forcing ransom payments. ... Read More »

US gov vulnerability disclosure requires oversight, says new report

The US government should overhaul its policies on vulnerability disclosure according to a new report. Authored by Ari Schwartz and Rob Knake, the paper seeks to cut a middle ground between those who say that the government has the right to collect and exploit vulnerabilities and those, like Bruce Schneier, who says it does not. It takes specific aim at ... Read More »

Botnet-powered account takeover campaign hit unnamed bank

A single attacker has mounted two massive account takeover (ATO) campaigns against a financial institution and an entertainment company earlier this year, and used a gigantic botnet comprised of home routers and other networking products to do it. “ATO attacks (also known as credential stuffing) use previously breached username and password pairs to automate login attempts. This data may have ... Read More »

Kremlin wants to shoot the Messenger, and WhatsApp to boot

Russian media outlets report that laws mandating encryption backdoors have been tabled in the Duma. If accurate, you could expect an exodus of US services from the country. This Russian-language report, once the Vulture South hack was able to untangle translations like “proposed a fine messenger”, sets down the basics: those providing messaging applications like WhatsApp and Telegram would face ... Read More »