Home Tags Criminals

Tag: Criminals

Will your business be next? Customisable ransomware makes it easy for...

An easy-to-use form of ransomware is enabling even low-level cybercrimals to tailor attacks against organisations or even individuals with personalised ransom notes

Call Center Fraud Spiked 113% in 2016

Criminals are increasingly spoofing caller ID using VoIP apps including Skype or Google Voice to hide their identity and location, according to a report released today by Pindrop Labs.

BrandPost: How To Prepare and Prevent Ransomware From Wreaking Havoc

By Bharath Vasudevan, Director of Product Management, Hewlett Packard Enterprise Software-defined and Cloud GroupRansomware is a malicious software virus that locks files or computer systems until a sum of money (usually in Bitcoin) is paid to the cyber criminals. With ransomware attacks increasing in quantity and ferocity seemingly by the day, it is no longer a matter of if an organization will be attacked by ransomware, but when.

According to the Ponemon Institute’s January 2016 report, Cost of Data Center Outages, 22% of unplanned IT outages are due to cyberattacks.

This represents a 167% increase since the initial 2010 report.
Stronger security and improved data protection and disaster recovery plans may be businesses’ only hopes to minimize the damage done by ransomware.To read this article in full or to leave a comment, please click here

XPan, I am your father

While we have previously written on the now infamous XPan ransomware family, some of it’s variants are still affecting users primarily located in Brazil.

This sample is what could be considered as the “father” of other XPan ransomware variants.

A considerable amount of indicators within the source code depict the early origins of this sample.

This is how cyber crooks meet and plot their scams

Web forums and some more standard communications services are being used by online criminals to organize their activities.

Report: Cybercriminals prefer Skype, Jabber, and ICQ

The most popular instant messaging platforms with cyber criminals are Skype, Jabber and ICQ, according to a new report released this morning.Meanwhile, consumer-grade platforms like AOL Instant Messenger and Yahoo IM have fallen out of favor, while newer, more secure consumer oriented platforms like Telegram and WhatsApp are also gaining popularity.[ Safeguard your data! The tools you need to encrypt your communications and web data. • Maximum-security essential tools for everyday encryption. • InfoWorld's encryption Deep Dive how-to report. | Discover how to secure your systems with InfoWorld's Security Report newsletter. ]The newer platforms are more user-friendly and more convenient, but also offer greater security, said Leroy Terrelonge, Director of Middle East and Africa Research at Flashpoint, which recently released a report about the communication platforms cyber criminals have been using over the past four years.To read this article in full or to leave a comment, please click here

A Russian hacker has created his own ‘starter pack’ ransomware service

Now even low-level criminals can jump into the ransomware game, said the researchers who found the malware.

Criminals, Intelligence Agents Shared Zero-Day Microsoft Word Flaw

The same exploit using a zero-day security flaw patched by Microsoft this week was used to spread malicious software used by cyber-criminals and cyber-spies, according to FireEye.

Phishing scammers exploit Wix web hosting

Cybercriminals like to subvert legitimate online services like Google Docs and Dropbox to carry out their malicious activities.

The free website hosting company Wix is the latest addition to the list of services they’ve abused.Researchers from security company Cyren found that scammers were creating phishing sites designed to harvest Office 365 login credentials via Wix, which offers a simple click-and-drag editor for building web pages.

As typically happens with free services, the criminals are taking advantage of these tools to carry out their operations.[ 4 top disaster recovery packages compared. | Backup and recovery tools: Users identify the good, bad, and ugly. ]The phishing site looks like a new browser window open to an Office 365 login page.
In fact, it’s a screenshot of an Office 365 login page with editable fields overlaid on the image. Users would think the site is legitimate and enter the login credentials, except the information is entered into the fields on the overlay and not the actual Office 365 page.To read this article in full or to leave a comment, please click here

ATMitch: remote administration of ATMs

In February 2017, we published research on fileless attacks against enterprise networks.

This second paper is about the methods and techniques that were used by the attackers in the second stage of their attacks against financial organizations – basically enabling remote administration of ATMs.

New research reveals that 30 percent of malware attacks are zero...

WatchGuard Launches New Quarterly Internet Security Report30 March 2017: Thirty percent of malware can be classified as new or zero-day because it cannot be caught by legacy antivirus solutions, according to research published today in WatchGuard’s first Quarterly Internet Security Report, which explores the latest computer and network security threats affecting SMBs and distributed enterprises.

The results from Q4 2016, confirm that cyber criminals’ capability to automatically repack or morph their malware has outpaced the... Source: RealWire

‘Anonymous’ FTP Servers Leaving Healthcare Data Exposed

The FBI warned medical and dental offices running FTP servers in anonymous mode that criminals are targeting these installations and stealing personal healthcare information.