A new, extremely evasive botnet has been discovered that takes unique leverage of command and control servers and can completely take over an enterprise device to execute any type of code it wishes, from ransomware to trojans to data extraction, according to researchers at endpoint and mobile security firm Deep Instinct.
In this week’s podcast: researcher Kevin Fu of University of Michigan discusses his work on attacks that use physics to manipulate connected devices. Also: Mark Loveless of DUO discusses his research into how poor implementation of wireless protocols make personal security trackers a privacy risk. And have we seen peak ransomware? Adam Kujawa of the firm Malwarebytes joins us to talk about the findings of that company’s State of Malware Report.
One of the convenient fictions of ransomware attacks is that the cybercriminals who operate ransomware schemes have no interest in the data they’re encrypting – they just want to get paid. By this logic, ransomware attacks aren’t data breaches because the data isn’t exfiltrated or stolen – just encrypted and left where it is.And it’s a popular fiction, at that. The latest ransomware victim caught peddling this fiction is Dorchester County, South Carolina, where School District officials have acknowledged that 25 of 64 servers operated by the district were infected with ransomware. The infection prompted the district to pay $2,900 in ransom to have the data decrypted, according to a report by a local ABC News affiliate.“A thorough investigation determined this was a ransom request and there was no identity theft involved and no student or staff information had been accessed or compromised,” the District said in its statement. This, […]
Fast spreading ransomware dubbed Petya has crippled parts of Ukraine and hit companies in The Netherlands, France, Russia and Spain. It appears to be spreading using a combination of software exploit and stolen passwords.
In-brief: data from the firm Symantec shows that financial malware targeting banks – not ransomware- is the most important and oft-used tool in the cyber criminal’s toolbox.
