10Fold – Security Never Sleeps – 5

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Google is now adding support to Apples OS-X based malware, VirusTotal will help identify malware using sandboxes. A new banking malware called Dyreza is targeting online holiday shoppers. NSA revealed they are aware that monitoring data would be consider invasive spying. U.S. is allegedly developing their own encryption apps to stay ahead of terrorist attacks.

Google’s VirusTotal Now Analyzes Mac Malware In Sandbox Playground – Publication: ZDNet – Reporter name: Charlie Osborne

The service, acquired by Google in 2012, offers free utilities for researchers — and black hat malware creators — to test files and URLs for suspicious code. VirusTotal detects malicious code ranging from Trojans to worms and viruses, supporting the submission of approximately 1,500,000 files in November alone.


New Banking Malware Variant Ready To Profit From Holiday Rush – Publication: SC Magazine – Reporter name: Greg Masters

A new variant of the notorious banking trojan Dyreza has been detected by researchers at Heimdal Security. The data-stealing malware – a spinoff of the infamous ZeuS malware which targets major online banking websites, like Bank of America, Natwest, Citibank, RBS, Ulsterbank  – now is capable of working with Windows 10 and can also interact with Microsoft Edge, the company’s new default web browser replacing Internet Explorer, to siphon data and then transfer it to malicious servers.


Yes, the NSA Worried About Whether Spying Would Backfire – Publication: Wired – Reporter name: Issie Lapowesky

It can be tough to imagine what exactly was going through the minds of National Security Agency officials when they decided they could secretly collect American citizens’ private data in bulk. On stage at Yahoo’s Digital Democracy conference in Des Moines, Iowa this week, the NSA’s former general counsel, Matt Olsen, attempted to explain. A common misconception, Olsen says, is that the NSA began collecting the data without giving any thought to how controversial the program would be if word got out.


U.S. May Be Financing Encryption Apps To Stay Ahead Of Terrorists – Publication: CIO – Reporter name: Matt Hamblen

U.S. intelligence agencies are probably involved in funding commercial encryption apps through the government’s Open Technology Fund to stay on top of terrorists and organized criminals that use encryption to cloak their communications, several security experts said Wednesday.