Cybercrime

November 15, 2019

Lizard Squad, the well-known hacktivist cybergang, is pledging to mount personal cyberattacks on Britain’s Labour Party leader, Jeremy Corbyn. As the UK continues to be roiled by Brexit debate ahead of a Dec. 12 general election, the Labour Party said on Tuesday that it had been targeted by a “sophisticated and large-scale” cyberattack bent on taking ...

November 15, 2019

Researchers warn hackers are putting a new spin on old injection techniques and successfully end-running endpoint protection. They are tracking a campaign, that kicked off in January, that is still going strong exploiting weaknesses in web browsers. The objective is to hide in the background of infected systems in order to steal user passwords, track ...

November 14, 2019

Over the past month, threat actors have been using a relatively non-conventional approach to mount a flurry of distributed denial-of-service (DDoS) attacks: through TCP amplification. Security company Radware shared its observations on multiple campaigns involving Transmission Control Protocol (TCP) reflection attacks, specifically SYN-ACK reflection attacks, against companies across the world. The scope of the impact was ...

November 12, 2019

Labour says it has been hit by a “sophisticated and large-scale cyber attack” on its digital platforms. A party spokeswoman said the cyber attack “failed” because of their “robust security systems” and that she was confident no data breach occurred. “Security procedures have slowed down some of our campaign activities, but these were restored this morning and we ...

November 6, 2019

Emotet, a Banking Trojan turned devastating modular threat, has returned with upgraded functions in a new wave of attacks. The malware, first discovered in 2014, has evolved over the past few years from a relatively basic, singular threat into a customizable modular package used to deploy additional payloads against financial institutions, the enterprise, and consumers worldwide. Emotet, believed to ...

November 5, 2019

McAfee’s Advanced Threat Research Team observed how a new ransomware family named ‘Buran’ appeared in May 2019. Buran works as a RaaS model like other ransomware families such as REVil, GandCrab (now defunct), Phobos, etc. The author(s) take 25% of the income earned by affiliates, instead of the 30% – 40%, numbers from notorious malware families ...

November 5, 2019

Canadian government IT systems have been forced into lockdown after a successful ransomware attack. On Monday, government officials for the Nunavut region said that over the weekend, a “new and sophisticated type of ransomware” struck the territory. All government services — with the exception of an energy corporation — that rely on access to electronic information stored ...

November 4, 2019

The Ryuk ransomware has added two features to enhance its effectiveness: The ability to target systems that are in “standby” or sleep mode; and the use of Address Resolution Protocol (ARP) pinging to find drives on a company’s LAN. Both are employed after the initial network compromise of a victim organization. Ryuk, which is distributed by ...

November 4, 2019

The Nemty ransomware (Ransom.Nemty), initially detected in August 2019, has increased its reach by partnering up with the Trik botnet (Trojan.Wortrik), which now delivers Nemty to compromised computers. Trik, also known as Phorpiex, has been around for approximately 10 years. In its early days, the malware self-propagated via removable USB drives, Windows Live Messenger, or Skype ...

November 4, 2019

Two major Spanish companies have been hit by ransomware today. Both infections occurred on the same day, sparking memories of the WannaCry outbreak. Spain was one of the first countries alongside the UK, where the WannaCry ransomware infections were spotted for the first time back on May 12, 2017. Affected at the time were Spanish newspaper El ...