Malware

Surprise: Branding a Bug is just as Hard as Branding Anything Else!

ZDNet’s @violetblue has a nice piece on the new fad for naming vulnerabilities – seen most recently with the OpenSSL Heartbleed vulnerability and the “Shellshock” vulnerability in Linux’s common BASH  utility. As Blue notes, the desire to “brand” bugs “changes the way we talk about security” – in part by giving complex, technical flaws down a common referent. But does giving a bug a logo make it frivolous? As she notes: the penchant for naming vulnerabilities may stem not from a desire to trivialize them – but a very practical response to the need to keep track of so many security holes in software. Regardless, Heartbleed – and the marketing by the firm Codenomicon that surrounde it – was the bug that launched a thousand ships, including Shellshock, Sandworm, and more. Read more coverage of Heartbleed here. But, as with . As security research and incident response are becoming more lucrative, expect the masonry […]

Continue Reading

Regin Espionage Tool Active since 2008 | Symantec Connect

Symantec on Sunday published research describing a new family of malware that it claims has been circulating, quietly, for close to six years. (Gulp!) According to a post on Symantec’s Security Response blog, Regin infections have been observed as far back as 2008, but the malware went quiet after about 2011, only to resurface in 2013 in attacks on a wide range of targets including private and public entities and research institutes. Symantec also observed the malware used in attacks on telecommunications firms and say it appears the malware was being used “to gain access to calls being routed through their infrastructure.”   In a separate research paper, Symantec describes the malware, dubbed “Backdoor.Regin” as a multi-staged threat that uses encrypted components – installed in a series of stages – to escape detection. The key the malware’s stealth is compartmentalization, Symantec found: “each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible […]

Continue Reading

EFF Backs Detekt: Malware Detection Tool For State Surveillance

The Electronic Frontier Foundation (EFF) is having a big week. First the organization announced “Let’s Encrypt,” a new, free certificate authority (CA) with the goal of moving everyone to adopt encrypted web communications. Then, today, the group announced Detekt, a malware detection tool designed to expose evidence of state surveillance. The tool is intended to help journalists, political activists and others identify malware associated with state-sponsored spying. Developed by security researcher Claudio Guarnieri, Detekt is available on Github and at the site resistsurveillance.com. The tool was written in Python tool  and scans the memory of Windows systems (XP and 32 and 64 bit and Windows 8) for malware. Essentially, its a straight-up malware scanner that focuses on malware associated with spying, namely: DarkComet RATm XtremeRAT, BlackShades RAT, njRAT, FinFisher FinSpy, HackingTeam RCS, ShadowTech RAT and Gh0st RAT. You might also like “Hacker takes on the Worlds spy agencies.” Alas, unlike most anti malware programs (which at least claim to detect the same malware families) […]

Continue Reading

Report: DHS and FBI Briefing Grid Operators on Sophisticated Cyber Attacks

A spate of reports in recent days has put the media’s attention back on the security of the energy sector and critical infrastructure more broadly. Notably: this CNN report that cites NSA director Admiral Mike Rogers telling the audience at a power grid security conference in San Antonio, Texas in October that “power… is one of the segments that concerns me the most.”   What’s changed? For one: the uptick in ICS-specific malware like BlackEnergy. A spate of attacks based on that malware and others have targeted critical infrastructure players in recent months. According to a confidential memo obtained by CNN, the FBI and DHS are now traveling the country to warn utilities and other critical infrastructure owners about targeted attacks on industrial control systems. Some of those attacks are exploiting previously unknown (or “zero day”)  vulnerabilities in ICS systems, CNN reported. The U.S. Government has been warning about the threat of cyber attacks on […]

Continue Reading

Infographic: After A Year of Breaches, Are Retailers More Secure?

After a year in which some of the U.S.’s top retailers found themselves on the wrong side of sophisticated, cyber criminal hacking groups, you may be tempted to search for a silver lining. Maybe the up side of all the attacks on retail networks and point of sale systems is an improved security posture overall? After all: if your neighbors to the left and right have their house broken into, you may well beef up your locks and alarms, even if your house hasn’t been targeted. Or, at least, that’s how the thinking goes. But Boston-based BitSight took a look at how the retail sector is faring security-wise as 2014 draws to a close. BitSight is an interesting company. They market a kind of reputation monitoring service: assessing security posture for companies by observing how they look from the outside. Think of it as a kind of Experian or TransUnion for security. […]

Continue Reading
1 45 46 47 48 49 77