News

191, 970 bad ads and an estimated 1 million users have been impacted by a Malware in Ad-based images, researchers have discovered. A massive adware campaign that hides malware in image files using steganography techniques has impacted up to a million Mac users. When a user clicks on an infected image, the malicious ad infects the Mac user with the Shlayer trojan. Source: Threatpost

Named hAnt, this ransomware strain was first identified in August 2018, but new infections have been reported this month. The ransomware targets Bitcoin mining rigs with most infections located in China. hAnt infects a mining rig, locking up the device and requesting that 10 Bitcoin ($36,000) ransom is paid or the victim must infect at least 1000 other devices to remove the ransomware. Source: ZD Net

Anatova ransomware emerged on 1st January 2019 and was discovered by security researchers at McAfee. The software is infecting users around the world by posing as an application or game. Users are tricked into downloading and launching these malicious files onto their computer. The largest number of victims are in the US but the ransomware has also been spotted in Belgium, Germany, France and UK. Source: ZD Net

24 million financial and banking documents have been found on an unprotected server, running an Elasticsearch database. The server had decade’s worth of data, including highly sensitive financial data, social security numbers, names, loan and mortgage agreements, and repayment schedules. The leak was traced to Ascension, a data analytics company, that converts paper documents into computer files. Source: Techcrunch - find out more

Threat Researchers at Securonix have reported a rise in attacks that target vulnerabilities in Hadoop components, such as Hadoop YARN, Redis and ActiveMQ. The researchers warned of an increase in the number of multi-vector and multi-platform automated attacks against cloud infrastructure over the past few months. These attacks frequently include crypto mining, ransomware and botnet malware. Source: The Register

IoT devices were popular gifts again this holiday season. An acronym for Internet of Things, IoT is more than a buzzword. The trend represents a huge shift in how products are made and used, as network connectivity is added to products that were not previously intended to have this functionality. So, your refrigerator that sends you a text message when you're out of milk: IoT. Your thermostat that provides usage graphs on your phone: yep,...

CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced that as of January 21, 2019, it has an overall rating of 4.8 out of 5 stars - the highest overall score of all vendors named to the January 2019 Gartner Peer Insights Customers’ Choice for Endpoint Detection and Response Solutions. This distinction is based on 78 verified customer reviews. Also, as of January 21, 2019, CrowdStrike has the highest overall rating of the vendors...

Kaspersky Lab experts have identified an overlap in cyberattacks between two infamous threat actors, GreyEnergy – which is believed to be a successor of BlackEnergy – and the Sofacy cyberespionage group. Both actors used the same servers at the same time, with, however, a different purpose. BlackEnergy and Sofacy hacking groups are considered to be two of the major actors in the modern cyberthreat landscape. In the past, their activities often led to devastating national...

New stealthy tactics have allowed DDoS attacks to past detection mechanisms, with attacks against Internet services providers increasing in the 3rd quarter of 2018, new research by Nexusguard has revealed. DDoS attackers are spreading attack traffic across many IP prefixes in attempts to overwhelm targeted sites and ISPs. The attack traffic within each IP is small, which allows it to avoid detection by DDoS mitigation technologies. Source: Dark Reading

265 researchers from around the world have taken down 100,000 Malware distribution websites as part of a campaign known as URLhaus, a project started by abuse.ch, a non-profit cybersecurity organisation in Switzerland. The project started in March and has a recorded daily average 300 submissions.  However, web hosting providers are still slow to respond to abuse complaints and the average takedown time is more than a week. A lot of work still needs to be...