Worm News, Articles and Updates

Malicious Monero miner spreads via arsenal of web server exploits

Researchers have discovered a versatile cryptominer worm that propagates itself by exploiting vulnerabilities in Microsoft's SMBv1 server, Oracle's WebLogic Server and Apache Struts.

Polymorphic Monero-Mining RETADUP Worm keeps threat detection on its toes

A cryptocurrency mining worm written in the same open-source scripting language used for creating Windows hotkeys and using polymorphism is giving conventional threat detection techniques a run for their money.

What does the future hold for cyber-crime?

With more devices able to connect directly to the web, the IOT s continuously expanding. However, cans of worms are waiting to be opened, including data loss, data manipulation and unauthorised access to devices.

Trickbot banking Trojan a significant risk to financial institutions

Vitali Kremez reports how the Necurs botnet is delivering a different type of malware that poses a threat specifically to the financial sector: the "Trickbot" banking Trojan.

Ransomworms on the rise: yet another wake up call for the enterprise

90 percent of enterprises still recording exploits for vulnerabilities that are more than three years old, and 60 percent for vulnerabilities more than ten years old says Fortinet report, with twice as many attacks at weekends.

New Windows flaw could allow a WannaCry-like attack if not patched

Network administrators and computer owners are once again being implored to make sure that they have updated Windows to block a WannaCry-like vulnerability.

New variant of Emotet banking trojan spreads internally like worm

Samples of the banking trojan Emotet have begun to surface with the ability to internally propagate, using credential brute-force techniques.

IoT lightbulb worm takes over all smart lights until entire city is infected

A research team has set up a chain reaction attack that would take over Philips Hue smart lightbulbs across entire cities

ICYMI: McAfee security manager, cybersec salaries, Conficker worm, embedded XP; JD Wetherspoon breach

The latest In Case You Missed It (ICYMI) looks at McAfee security manager failure; 2016 cybersec salaries up; Conficker in 20% of attacks; Embedded XP end-of-life; Wetherspoon breach took 15 mins.

20% of cyber-attacks attributed to Conficker worm

Detected in everything from police body cameras to the business internet of things (IoT) landscape, now do you give a configuration fick?

US tried and failed to attack North Korea with Stuxnet worm

Couldn't deploy cyber weapons against Pyongyang

Dirty Facebook worm cuts itself in half to evade detection

Facebook distributing malware is nothing new, nor are shortened URLs for obfuscation, in-the-cloud servers for anonymity or porn as a lure. However the latest Kilim-family variant which hit Facebook last week uses all of them and with a twist: this worm keeps cutting itself in half to evade detection.

Stuxnet 'an accident waiting to happen'

Stuxnet was targeted 'inside-out' not 'outside-in' infiltration of air-gapped system says new book.

Concerns over Asus and Linksys router vulnerabilities

White hat hacker discloses router vulnerabilities that might only be fixed when new firmware versions are deployed.

NSA 'probably developing Mask-type malware'

"Logic suggests that the NSA is developing its own cyber weapons. It has its own malware, and its own C&C servers" says Sarb Sembhi, Incoming Thought Analyst.

Saudi Arabia and Israel target Iran's nuclear programme

Saudi Arabia and Israel are seeking to disrupt Iran's nuclear programme by using a computer worm more destructive than Stuxnet.