News – July 2019


  • Financial threats in H1 2019

    July 31, 2019

    Financial cyberthreats are malicious programs that attack users of online banking services, electronic money, cryptocurrency and other similar services, as well as threats aimed at gaining access to financial organizations and their infrastructure. Kaspersky experts regularly analyze the statistics that the company’s products anonymously send to the cloud infrastructure of the Kaspersky Security Network (KSN) ...

  • Keeping a Hidden Identity: Mirai C&Cs in Tor Network

    July 31, 2019

    With its notoriety for being one of the most active internet of things (IoT) malware families, Mirai is one malware family system administrators consistently keep their eye on to make sure systems and devices are protected. Despite all the attention that the malware has received, it seems cybercriminals are still continually developing and using this malware. Barely a ...

  • Inside Malware Markets: Current Trends and Competitive Forces

    July 30, 2019

    Regardless of location, legitimacy, or legality, markets of all kinds act in accordance with a prevailing set of forces. Made famous by business management guru Michael Porter, his eponymous Five Forces generally dictate how markets will operate — that includes markets for malware. Porter’s Five Forces: Rivalry Among Existing Competitors; Bargaining Power of Suppliers; Bargaining Power of Buyers; Threat of ...

  • Cyberattack warning to small plane owners: How your aircraft could be vulnerable

    July 30, 2019

    The alert from the DHS critical infrastructure computer emergency response team warns that modern flight systems are vulnerable to hacking if a person manages to gain unrestricted access to an aircraft. The alert also recommends that small plane owners restrict unauthorized physical access to their aircraft the best they can. It warns that access should remain limited until ...

  • Rare Steganography Hack Can Compromise Fully Patched Websites

    July 26, 2019

    An unusual steganographic technique that an attacker can use to implant a malicious webshell on unsuspecting websites has been spotted in Latin America. According to research from Trustwave shared exclusively with Threatpost, a forensic investigation showed that an adversary is implanting PHP code into JPEG files’ EXIF headers in order to upload malware onto targeted ...

  • Unique Monokle Android Spyware Self-Signs Certificates

    July 24, 2019

    A never-before-publicized mobile spy tool, a mobile surveillanceware remote access trojan (RAT) for Android called Monokle, has been spotted using novel techniques to exfiltrate data. According to the Lookout researchers who discovered Monokle in the wild, the malware has the ability to self-sign trusted certificates to intercept encrypted SSL traffic. It can also record a phone’s ...

  • Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’

    July 23, 2019

    Elasticsearch is no stranger to cybercriminal abuse given its popularity and use to organizations. In fact, this year’s first quarter saw a surge of attacks — whether by exploiting vulnerabilities or taking advantage of security gaps — leveled against Elasticsearch servers. These attacks mostly delivered cryptocurrency-mining malware, as in the case of one attack we saw last year. The latest attack we spotted deviates from the ...

  • Cybercrime gang adds new tactics to credit card data-stealing campaign

    July 23, 2019

    A hacking operation has deployed new malware in the latest evolution of its campaign to make money by stealing credit card data. The FIN8 cybercrime group was first identified in January 2016, and typically targets point-of-sale (POS) systems with malware attacks designed to steal credit card information, which is then sold on for profit on dark ...

  • 5th Annual Global Cyber Security Forum – Lebanon

    July 23, 2019

    Press Release Taking in cognisance the evolving cyber threats across the globe, several nations have formed committees & taskforces to implement the best strategies to fight cybercrimes. These task forces are destined to ensure the nation’s assets are protected against any threats by implementing best policies & state-of-the-art solutions, whilst creating a robust ecosystem for ease ...

  • IFINSEC Financial Sector IT Security Conference and Exhibition

    July 23, 2019

    Press release IFINSEC Financial Sector IT Security Conference and Exhibition (www.ifinsec.com) will be held on 12-13 November 2019 in Istanbul, Turkey. IFINSEC is a global and niche conference with its focus on IT Security technologies and solutions for the financial sector. IFINSEC is one of the most important conferences in the EMEA region in its category. With ...

  • Popular Samsung, LG Android Phones Open to ‘Spearphone’ Eavesdropping

    July 23, 2019

    A Spearphone attacker can use the accelerometer in LG and Samsung phones to remotely eavesdrop on any audio that’s played on speakerphone, including calls, music and voice assistant responses. A new way to eavesdrop on people’s mobile phone calls has come to light in the form of Spearphone – an attack that makes use of Android ...

  • Lancaster University students’ data stolen by cyber-thieves

    July 23, 2019

    Students’ personal data has been stolen in a “sophisticated and malicious” phishing attack at Lancaster University. Officials said the information had been used to send bogus invoices to applicants. “A very small number” of student records, phone numbers and ID documents were also accessed, it said. The breach has been reported to police and the Information Commissioner’s Office. In ...

  • NSA to establish a defense-minded division named the Cybersecurity Directorate

    July 23, 2019

    The National Security Agency announced today plans to establish a new defense-minded cyber-security division that will focus on defending the US against foreign cyber-threats. This new division, which will be named the Cybersecurity Directorate, will become operational on October 1, later this year. Anne Neuberger will be the division’s first Director of Cybersecurity. She will report directly ...

  • On the IoT road: perks, benefits and security of moving smartly

    July 22, 2019

    Kaspersky has repeatedly investigated security issues related to IoT technologies (for instance, here, or here). Earlier this year our experts have even gained a foothold in the security of biomechanical prosthetic devices. The same applies to smart car security: our own research has indicated that there are a number of issues—look here or here. This year, we decided to continue our tradition of small-scale experiments with security ...

  • Equifax, regulators sign $700m deal to settle data breach lawsuits

    July 22, 2019

    Equifax signed a settlement today to lay to rest lawsuits brought forward by the US Federal Trade Commission (FTC), state attorneys, and a class-action case relating to the firm’s 2017 data breach. The security incident was caused by a failure to resolve a known security flaw in Apache Struts, despite a patch being made available two ...

  • Critical RCE Flaw in Palo Alto Gateways Hits Uber

    July 22, 2019

    A remote code-execution (RCE) vulnerability has been uncovered in the GlobalProtect portal and GlobalProtect Gateway interface security products from Palo Alto Networks. It’s an unusual zero-day case, having been previously unknown but inadvertently fixed in later releases — but some large companies could still be impacted, including Uber. The gateways provide virtual private network (VPN) access to ...

  • French army will employ sci-fi writers to predict cyber threats

    July 22, 2019

    The French military is to assemble a team of science fiction writers to imagine possible future cyber threats and inject innovation into cyber defence. This will be a small group, known as the “Red Team”, which will be comprised of four or five science fiction writers and/or futurists. The team will be hired to “propose ...

  • Third Of European Businesses Not GDPR Compliant

    July 22, 2019

    Over a year since it was introduced, 30 percent of European organisations are still not GDPR compliant. A significant number of European organisations have admitted that they are still not compliant with GDPR data protection rules. A survey from tax audit advisors RSM found that 30 percent of European businesses are still not compliant with GDPR, despite ...

  • Massive 7.5TB breach reveals secret Russian IT projects

    July 22, 2019

    Hackers breached the server of a major contractor working on behalf of the Russian intelligence service before stealing 7.5TB of sensitive data and sharing this freely with other hackers and journalists. Attackers infiltrated the company network of SyTech on 13 July, according to BBC Russia, and began a process of copying data while deleting masses of it. ...

  • Old Tools for New Money: URL Spreading Shellbot and XMRig Using 17-year old XHide

    July 19, 2019

    One of our honeypots detected a threat that propagates by scanning for open ports and brute forcing weak credentials, installing a Monero cryptocurrency miner and a Perl-based IRC backdoor as the final payload. The miner process is hidden using XHide Process Faker, a 17-year old open source tool used to fake the name of a ...