Blog

Bizarro Sundown Exploit Kit Distributing Locky Ransomware via ShadowGate

The Bizarro Sundown exploit kit is spreading two versions of Locky ransomware via the still-active ShadowGate malvertising campaign. In October, Trend Micro spotted two versions of Bizarro Sundown, a modification of the earlier Sundown exploit kit which rose to prominence with RIG following Neutrino's demise. The first iteration reared its ugly head...

The Impact of the JohnyCryptor Ransomware

What has caused a seemingly typical ransomware to turn into one of the most popular malware threats this year? I've uncovered the facts, so allow me to give some insight into how this ransomware became one of the most feared strains this year. The First JohnyCryptor Ransomware Major Hits In early July 2016, various security vendors spotted...

Half of Retail IT Pros Don't Know How Long Breach Detection Takes, Finds Survey

In February 2016, Tripwire first unveiled the results of its 2016 Breach Detection Survey. The study polled 763 information security personnel about their organizations' efficacy in implementing seven key security controls: PCI DSS, SOX, NERC CIP, MAS TRM, NIST 800-53 and IRS 1075. Those controls are essential to helping an...

An IoT Nightmare! Attackers Can Spoof Smart Webcam that Leaks Passwords

Actors can use spoofing attacks to gain control of a smart webcam that leaks its own password as well as local network credentials. To raise awareness about the insecure design of many Internet of Things (IoT) devices, researchers at Bitdefender Labs took a look at a smart webcam. The camera comes with a motion and sound detection system, two-way...

RIG Exploit Kit the Final Destination of HookAds Malvertising Campaign

The HookAds malvertising campaign redirects users to a landing page for the RIG exploit kit that comes prepackaged with all types of baddies. HookAds, which got its name from a string found by Malwarebytes researchers in the delivery URL, works as follows. A malvertising chain redirects visitors to adult websites that sometimes generate millions of...

Women in Information Security: Tracy Maleeff

Information security really needs female professionals. There aren't a lot of us, but all the women in infosec I've met so far have been fascinating. In my first interview, I spoke with Tiberius Hefflin, a Security Assurance Analyst. The second woman I spoke to was Tracy Z. Maleeff, who is well known on Twitter as @InfoSecSherpa. Kim Crawley: How...

Cerber 4.1.0 and 4.1.1: The Evolution Continues

For the ancient Greeks, Cerberus was a multi-headed dog guarding the gates of the underworld. Its duty was to not let any dead soul exit the kingdom of the dead. Perhaps it’s not a coincidence that cybercriminals chose this dreadful creature as the foundation of the ransomware monster known as Cerber. Nobody wants to see Cerber ransomware encrypt...

Your First Aid to Cyber Extortion

Cyber extortion, contrary to some misconceptions, isn’t new. The fact is it's a top IT security concern that's been targeting susceptible enterprises for over four decades now. Here's some background information. Bank of America was the first to be on the receiving end of the threat in 1971. Since then, it has become a thriving business for...

Get Verified Through a Promoted Tweet? Nope. It's a Scam!

A Promoted Tweet claims it can help Twitter users get their accounts verified, but in reality, it's just a scam. Promoted Tweets are a way by which Twitter users can pay for a Tweet to reach a wide audience and generate engagement with their current followers. As such, they are an excellent tool for anyone looking to advertise something....

Unmasking The Spooky LinkedIn Stalker

Remember when you were a kid on Halloween? You were so excited to trick-or-treat that you couldn’t even finish your dinner. With your Halloween costume on, you were ready to go out with your friends and get all the candy you could. Think about the advice you likely heard from your parents before leaving the house. Perhaps it was something like “only...

DDoS and IoT - A ‘Perfect’ Storm

A perfect storm is definitely brewing. Severe and hazardous internet weather warnings have been out there for some time now, and last week’s DDoS downpour on Dyn, along with the escalating events leading up to it, may prove to be a mere shower compared to what is yet to come. Let’s start by considering another type of forecast, that of the projected...

ISPs Will Need Customers' Permission to Sell Data Under New FCC Rules

The Federal Communications Commission (FCC) has adopted new rules that will require Internet Service Providers (ISPs) to obtain customers' permission before they sell their data for marketing purposes. On 27 October, the Commission's Democratic majority secured the passage of the rules with a 3-2 vote, with Republicans opposing adoption. Chairman Tom...

AppUNBlocker: Bypassing AppLocker

Windows AppLocker is a powerful whitelisting technology built into modern Windows operating systems. It provides the ability to lock down installers, scripts and executables on the local machine via either a white list or a black list of file data. For many organizations, this is a great technology to reduce the attack surface of the endpoint by...

Evolving Connectivity: Understanding the Benefits and Risks of IoT

We at The State of Security have explored all the ways people can strengthen their security online in acknowledgement of National Cyber Security Awareness Month (NCSAM) 2016. We kicked off the public awareness campaign by providing tips on how users can protect their passwords, as well as defend against ransomware and other common IT security...

How to fight macro malware in Office 2016 and 2013

Macro malware arrived with a bang 21 years ago, and it's still causing problems. Concept, the first ever virus to spread by infecting Microsoft Office files, turned the anti-virus world on its head overnight when it was shipped by Microsoft on a CD-ROM in August 1995. Up until then, the main thing computer users had to worry about was malware hiding...

100,000 Bots Infected with Mirai Malware Behind Dyn DDoS Attack

Dyn has stated that approximately 100,000 bots infected with Mirai malware helped launch a large distributed denial-of-service (DDoS) attack against its domain name system (DNS) infrastructure. Scott Hilton, EVP of product at the internet performance management company, said in a statement on 26 October that the distributed denial-of-service (DDoS)...

The Health of Healthcare’s Cyber Security

The current diagnosis for healthcare cyber security is frightening. Here's our current assessment: One in three healthcare records was compromised in 2015 (IBM 2016). Healthcare is the number one industry when it comes to its records being breached (IBM 2016). Ransomware is on the rise, with 88 percent of attacks occurring in healthcare ...