Tag: malware

The tactics of cyber criminal hacking crews are indistinguishable from those of sophisticated, state sponsored "advanced persistent threat" groups, the firm FireEye said in its most recent M-Trends report.

Dark Markets do it better, surveying the Phishing underground and dissecting a Fancy Bear attack

In episode 69 of The Security Ledger podcast, we speak with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen journalism website Bellingcat.com to understand how the Russian Group known as Fancy Bear works.

Pharmaceutical giant Merck said on Friday that the NotPetya malware outbreak in June halted production and left it short of doses of Gardasil, a critical vaccine to prevent HPV. (Image courtesy of Merck.)

NotPetya Infection Left Merck Short of Key HPV Vaccine

The NotPetya malware infection shut down pharmaceutical giant Merck’s production of the pediatric vaccine GARDASIL last June, forcing the company to borrow the drug from a stockpile maintained by the U.S. Centers for Disease Control and Prevention to meet demand.

Research Finds Home Routers fill ranks of Fast Flux Botnets

Research Finds Home Routers fill ranks of Fast Flux Botnets

Research from the firm Akamai finds cyber criminals are marrying vulnerable home routers to sophisticated “fast flux” command and control tools to create long-lived, cyber criminal infrastructure.

A flaw in smart cameras sold by Samsung leaves them vulnerable to remote attack, researchers claim.

A Year After Mirai: Insecure Devices are still a Huge Problem

In-brief: A year after Mirai, as many as 100,000 devices, globally, may be running some version of the Mirai malware, while countless others are vulnerable to being enlisted in a Mirai-like attack. Worse: these systems may not be patched for “years,” according to the SANS Internet Storm Center. 

The Devil's Ivy flaw was discovered in security cameras made by Axis Communications, but affect a much wider population of devices. (Image courtesy of Senrio.)

Was the Devil’s Ivy Vulnerability a Dud? Don’t Count on It.

In-brief: The Devil’s Ivy vulnerability in the open source gSOAP library is widespread and supposedly trivial to exploit. So why, one month later, haven’t we seen any attacks? Is Devil’s Ivy a dud? ‘Don’t count on it,’ security experts tell us.