What is a proxy and what types of proxies exist? What protocol are used in the anonymization process? How does anonymity help with malware investigations?
The post The role of proxies and protocols in malware investigations appeared first on We Live Security.
Potentially 600m Samsung Galaxy phones are at risk of malicious compromise after a new exploit was discovered by a security researcher.
The post New exploit compromises Samsung Galaxy phones appeared first on We Live Security.
Dell SecureWorks said a new version of the Stegoloader malware uses steganography to hide itself from detection.
The attackers behind the recently disclosed Duqu 2.0 APT have used stolen digital certificates to help sneak their malware past security defenses, and one of the certificates used in the attacks was issued to Foxconn, the Chinese company that manufactures products for Apple, BlackBerry, Dell, and many other companies. Researchers at Kaspersky Lab, who discovered […]
SANS Institute reports that Cryptowall 3.0 ransomware infections emanating from the Angler Exploit Kit are on the rise, and coincide with a spike from malicious spam campaigns.
The Duqu attackers, who are considered by researchers to be at the top of the food chain of APT groups and are responsible for attacking certificate authorities and perhaps spying on Iran’s nuclear program, have resurfaced with a new platform that was used to compromise high-profile victims, including some related to the Iran nuclear talks […]
Developers behind the banking Trojan Vawtrak have begun obscuring some of their servers with Tor2Web, a move that’s added another level of difficulty when it comes to uncovering their activity.
According to the official news release, hackers managed to breach the Office of Personnel Management (OPM). With the information of 4 million federal government workers exposed, it is one of the biggest in the federal government’s history. The hack was discovered because “within the last year, the OPM has undertaken an aggressive effort to update its cybersecurity posture, adding numerous tools and capabilities to its networks”.
In order to determine the full impact the OPM is now investigating the issue together with the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT) and the Federal Bureau of Investigation (FBI).
In their statement the agency wrote: “Since the intrusion, OPM has instituted additional network security precautions, including: restricting remote access for network administrators and restricting network administration functions remotely; a review of all connections to ensure that only legitimate business connections have access to the internet; and deploying anti-malware software across the environment to protect and prevent the deployment or execution of tools that could compromise the network.”
Sounds all good, but who is to blame? According to The Washington Post and the Wall Street Journal the hackers might have been Chinese, a link that China’s Foreign Ministry Spokesman calls “irresponsible”.
The post OPM Data Breach: Data of 4 Million Federal Workers Exposed appeared first on Avira Blog.
Any human with an email address likely has gotten thousands of spam messages that look like delivery notifications, invoices, or other alleged communications from shipping companies such as UPS or DHL. They typically contain malicious attachments with exploits for a browser or plug-in vulnerability, but a researcher at the University of Cambridge has run across […]
The latest campaign to leverage Skype – a botnet circulating adware, composed entirely of Skype users – was recently disrupted by researchers.