In-brief: A new and sophisticated ransomware family dubbed “Fessleak” is spreading in malicious advertising (or “malvertising”) campaigns by exploiting newly disclosed flaws in Adobe’s Flash technology.
ransomware
Clues Point to Long-Duration Hack at Sony
With each passing day, evidence mounts that the attack on Sony Pictures Entertainment was a long-duration hacking event that gave malicious actors extensive access to the company’s network and data. The hack started out looking like a particularly nasty example of hacktivism – with thousands of SPE systems wiped of all data. Going on two weeks after revelations of the hack, however, the incident appears to be something much more dire: a massive breach of corporate security that gave malicious attackers access to gigabytes – and possibly terabytes- of sensitive data. With only a fraction of the allegedly stolen data trove released, the ripple effects of the incident are already washing up against other Sony divisions and firms with direct or indirect ties to the company. The latest developments in the saga include publication of some 40 gigabytes of internal files. As described by buzzfeed.com, the files include: “email exchanges with employees regarding specific […]
Report: Sony Fits Pattern of other Destructive Hacks
At a time when companies are warned to be on the lookout for “low and slow” attackers who studiously avoid notice, the Sony breach will be remembered for its unusual ferocity. On Nov. 24, the assailants declared their presence by decorating employee desktops with a belligerent message before erasing the hard drives of computers and servers they compromised as a parting shot. Destructive hacks such as the one on Sony are atypical. But they are not unknown. In fact, the attack on Sony shares many similarities with at least two other recent, destructive cyberattacks: from the methods used to carry out the strike to the software used to compromise Sony’s computer systems. Those earlier hacks also suggest that attackers had access to Sony’s network long before they played their hand. Read more over at The Christian Science Monitor.
Concept Worm Could Spread Between Networked Attached Storage Systems
Kelly Jackson Higgins over at Dark Reading has a really interesting story about a researcher who is building a NAS worm. That’s right: some automated malware that will be capable of roaming the Internet finding and compromising consumer network attached storage (NAS) devices. Higgins interviewed Jacob Holcomb, a security analyst at the firm Independent Security Evaluators, has rolled more than two dozen previously unknown and undiscovered (‘zero day’) software vulnerabilities in NAS products into a proof-of-concept, self-replicating worm. According to Higgins, the worm scans for vulnerable services running on NAS systems — mostly web servers — and identifies the type of NAS device and whether it harbors the bugs. If a known, vulnerable platform is discovered, the worm launches the corresponding exploit from its quiver to take control of the device. Compromised devices are then used to scan for other, similar devices. Holcomb has already informed affected vendors – a list that includes […]
Gameover Not The End: Zeus Malware Still Threatens Fortune 500
Prolexic, a division of Akamai, issued an advisory to Fortune 500 firms on Monday about what it calls “a high-risk threat of continued breaches from the Zeus framework.” The company’s Security Engineering & Response Team (PLXsert) said on Monday that it has observed new payloads from the Zeus crimeware kit in the wild, and that networks of Fortune 500 companies are a prime target. Cyber crime groups are using Zeus to steal login credentials and gain access to web-based enterprise applications, as well as online banking accounts, Akamai warned. “The Zeus framework is a powerhouse crimeware kit that enterprises need to know about to better defend against it,” said Stuart Scholly, senior vice president and general manager, Security Business Unit, Akamai, in a statement. “It’s hard to detect, easy to use, and flexible – and it’s being used to breach enterprises across multiple industries.” A variant of Zeus, Gameover, was the subject […]
