Cyber Crime News, Articles and Updates

ROCA, the role of key generation and decrypting of private keys

Richard Moulds takes a look behind recent crypto vulnerability headlines - the ability to calculate the private key of an RSA keypair purely by knowing the public key - and asks if they are a prelude to a 'cryptoapocalypse'.

Beware Catphishing attacks targeting the hearts of security pros

Malwarebytes researchers are warning IT workers seeking love online to beware "CatPhishing" scams which can leave entire companies devastated.

Credential stuffing: People reuse passwords all the time. Shocker, I know.

A new BeyondTrust survey has revealed that nearly half of all organisations (49 percent) reuse passwords across multiple systems, despite knowing better, reports Brian Chappell.

Attack of the cyber-bees: self-learning hivenets to replace botnets in 2018

Highly destructive, self-learning 'swarmbots' driven by hivenets will be the threat trend for next year, said Fortinet global security strategist Derek Manky, speaking at the vendor's International Media Conference in Nice this week.

Three more Android malware families invade Google Play Store

Collectively downloaded millions of times, 158 fake Android applications containing mobile malware were recently found smuggled into the Google Play Store.

Cash Converters hit by security breach

Pawnbroker chain Cash Converters is investigating a data security breach at its UK operations after receiving email threats of data release.

Office DDE feature used by hackers in new targeted phishing campaign

Security researchers have warned that a new phishing campaign is using the DDE feature in Microsoft Office to deliver DNSMessenger malware undetected.

New IcedID banking trojan already rivals worst of its malware peers

A banking trojan that's been targeting US financial institutions and services since at least September is already as advanced in its capabilities as its predecessors Zeus, Gozi, and Dridex, researchers from IBM have reported.

Coinhive cryptocurrency miner on Check Point's Most Wanted Malware list

Cryptocurrency miners are becoming one of the most prolific threats facing everyone, with Check Point Software Technologies naming this type of malicious software in its Ten Most Wanted Malware list for October.

Securing the vulnerabilities of remotely working

CIOs and security professionals need to ensure that company security policies are established and enforced, whether employees access company-sensitive data from home offices, public Wi-Fi networks or hotels, says Gerald Beuchelt.

The role of good data protection in a post cyber world

We now see 'weaponisation' of personal data against civilian groups largely indifferent to observation; as we live our lives online, criminal methods get easier and rewards greater. Cyber-crime is getting organised, warns Peter Groucutt.

RDP brute force attacks used to spread LockCrypt ransomware

Hackers have been breaking into corporate servers via RDP brute-force attacks and manually infecting them with a new variant of ransomware called LockCrypt.

Ordinypt wiper ransomware targets German businesses

Another wiper malware posing as a ransomware is targeting German businesses under the guise of fake job applicants inquiring about openings.

Equifax's net income down £20m and £67m costs post data breach

Equifax was financially punished for the breach that allowed the personal data of 145.5 million of its customers to be compromised with revenue down 27 percent (£20 million) in the quarter and breach costs of £66.8 million.

Windows Movie Maker scammers leverage Google SEO

While SEO best practices help brands reach the widest possible audiences by garnering more web traffic, these same tactics can also be leveraged to help cyber-criminals reach the most victims.

ToastAmigo malware uses new twist to attack Toast overlay vulnerability

A new malware uses an updated methodology to abuse the previously patched Android Toast overlay vulnerability. Once installed, it can download additional malware as well as use various permissions to access the phone.

Estonia suspends 760,000 national ID cards found prone to encryption vulnerability

Estonia on Friday blocked the certificates of 760,000 national ID cards in response to a cryptographic vulnerability that researchers have discovered is even more dangerous than originally reported.

Is it time to rethink the password?

The password on its own is not enough to protect an organisation's data, even if you follow best practice, says Kevin Timms, adding that passwords that are easily entered and remembered are inherently weak and easily compromised.

Marcher banking trojan campaign attacks Austrians' finances three different ways

An attack campaign targeting Android users in Austria has been employing a novel trio of techniques to steal their funds: a credentials phishing web page, malicious banking app overlays, and credit card phishing screens.

Banking Trojan gang poisons Google results to spread malware: more comment

Cunning SEO trickery and new variant of Zeus Panda target international banking customers

Smartphone QR code scanners pose new cyber-threat

In iOS 11, Apple has QR scanning functionality enabled by default, which Elad Ben-Meir says can effectively make anyone scanning the QR code matrices with Apple devices vulnerable to unknowingly uploading malicious code.

Content distributor Crunchyroll blames DNS hijack for malicious redirection

Asian entertainment website Crunchyroll.com is blaming a DNS hijack attack after site visitors in the early morning of 4 November were redirected to a malicious website designed to infect them with malware.

Pirates of the Caribbean: 66 years of secrets dug up in Paradise Papers

The Queen's offshore accounts, Russian links to President Donald Trump's top administration officials among 13.4 million documents exposed in Paradise Papers. Legal and accounting firms can expect to be increasingly targeted.

Corebot banking trojan returns - after modifying indicators of compromise

A new variant of the banking Trojan, CoreBot, which was mainly active in the summer of 2015, has been spotted by security researchers with the new variant spreading via malicious Office documents.

Group IB, INTERPOL sign data exchange agreement

Group IB, the cyber-security firm that uncovered the BadRabbit ransomware attacks in October, has signed a threat-exchange agreement with INTERPOL.

iXintpwn/YJSNPI malware distributed in app stores once used to spread ZNIU

App stores that once distributed the rootkit malware used by ZNIU, the first malware family to exploit the Dirty COW vulnerability, are now distributing a new iXintpwn/YJSNPI variant.

WannaCry, Cerber most used ransomware types, hospitals most hit sector

WannaCry and Cerber have totally dominated the ransomware landscape so far this year, comprising almost all the attacks that have taken place, while other big names such as Locky were barely a blip on the radar.

Another misconfigured Amazon S3 server leaks data of 50,000 Australians

Another misconfigured Amazon server has resulted in the exposure of personal data - this time on 50,000 Australian employees that were left unsecure by a third-party contractor.

Bring technologists quickly into leadership positions says ex GCHQ head

News Feature: Interview with ex-GCHQ director Robert Hannigan CMG; tech leaders on the board; terrorists to achieve ability to wreak cyber-chaos in 5 years; DDoS as smokescreen/DDoS Awareness Day; active cyber-defence.

Russian hackers silently threaten global financial organisations

A new bankrobber Trojan has been identified by researchers at Kaspersky Lab, quietly stealing money direct from the banks themselves rather than targeting customers.