Top

Category: Threats & Malware

Threats and Malware


Phishing, Threats & Malware

Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system

October 1, 2018

Via: Securelist

In Q2 2018, Kaspersky Lab published two blogposts about Roaming Mantis sharing details of this new cybercriminal campaign. In the beginning, the criminals used DNS hijacking in vulnerable routers to spread malicious Android applications of Roaming Mantis (aka MoqHao and […]


Hacker, Threats & Malware

ThreatList: Attacks on Industrial Control Systems on the Rise

September 7, 2018

Via: Threat Post

The systems that power the manufacturing, power and water plants, the oil and gas industry, and many other sectors are increasingly in the crosshairs of cyber-attackers: A full 41.2 percent of industrial control system (ICS) were attacked by malicious software […]


Threats & Malware, Virus & Malware

Malware on ICS Increasingly Comes From Internet: Kaspersky

September 7, 2018

Via: Security Week

According to Kaspersky’s “Threat Landscape for Industrial Automation Systems” report for H1 2018, the company detected over 19,400 samples belonging to roughly 2,800 malware families. As expected, most of the attempts to infect industrial systems were part of random attacks […]


Threats & Malware, Virus & Malware

Security Think Tank: No shortcuts to addressing software vulnerabilities

September 7, 2018

Via: Computer Weekly

Successful cyber attacks exploit weaknesses in an organisation’s defences. Hackers probe networks, looking for gaps in firewalls, and users are duped into downloading malware. These risks can be reduced through strong, consistent and regularly updated cyber security defences, alongside user […]


Data loss, Threats & Malware

Social Security numbers exposed on US government transparency site

September 6, 2018

Via: Naked Security

The US government exposed dozens of people’s personal details, including social security numbers, due to an online mishap on a public transparency portal, it emerged this week. FOIA.gov, a site that centrally administers freedom of information act requests, had been […]


Threats & Malware, Vulnerabilities

Thoughts on the Latest Apache Struts Vulnerability

September 5, 2018

Via: Dark Reading

About a week ago, a security researcher disclosed a critical remote code execution vulnerability in the Apache Struts web application framework that could allow remote attackers to run malicious code on the affected servers. The vulnerability (CVE-2018-11776) affects all supported […]


Threats & Malware, Virus & Malware

How lucrative is web-based cryptojacking?

August 31, 2018

Via: Help Net Security

1 out of 500 of the one million most visited websites according to Alexa contains a web-based cryptominer that starts mining as soon as the website has been opened in the browser, researchers from the Braunschweig University of Technology have […]


Cyber-crime, Phishing, Spam, Threats & Malware

Loki Bot: On a hunt for corporate passwords

August 29, 2018

Via: Securelist

Starting from early July, we have seen malicious spam activity that has targeted corporate mailboxes. The messages discovered so far contain an attachment with an .iso extension that Kaspersky Lab solutions detect as Loki Bot. The malware’s key objective is […]


Data loss, Threats & Malware

Protecting Sensitive Data: What a Breach Means to Your Business

August 29, 2018

Via: Radware Blog

Data breaches have made big headlines in recent years, from Target to Equifax to Hudson’s Bay Co’s Saks and Lord & Taylor. But the growing trend is actually in all the litigation stemming from data breaches. International law firm Bryan […]


Threats & Malware, Vulnerabilities

Critical RCE Vulnerability in Facebook Server Patched, Researcher Nabs $5,000 Bounty

August 28, 2018

Via: Hot for Security

A critical remote code execution vulnerability in a Facebook server was recently patched after security researcher Daniel ‘Blaklis’ Le Gall reported it using a proof-of-concept. The vulnerability was found in an unstable Sentry service – a cross-platform application capable of […]