Tag Archives: Dridex

10Fold- Security Never Sleeps- 167

New Jaff Ransomware Variant Emerges

“Another active threat detected”

As WannaCry headlines begin to die down, another variant of a detrimental ransomware has begun to make the rounds. Jaff, a necurs distributed botnet, uses a similar deliery system as Locky and WannaCry. This gives security researchers an insight into the threat actors who designed Locky and Dridex, who also launched the Bart ransomware that grew concerns last year.

Survey Shows Disparity in GDPR Preparedness and Concerns

“New regulation affects any firm that does business in EU”

The GDPR will take affect one year from toay, but there seems to be little readiness for firms to take on the necessities outlined in the legislation. Specifically, geographic differences are highlighted in a recent study that shows just how ill-prepared disparate nations are.

Newly discovered vulnerability raises fears of another WannaCry

“Tens of thousands of devices potentially open to attacks”

A recently found flaw in widely used networking programs have a new flaw that could leave users open to ransomware like WannaCry. The U.S. Department of Homeland Security announced the potential for harm on Wednesday, which is claimed to be able to take control of the compromised device entirely without a patch applied by the user and admisistrator.

 

10Fold- Security Never Sleeps- 154

Dridex gang uses unpatched Microsoft Word exploit to target millions

“Attacks beginning in January”

The group associated with the Dridex trojan software has begun using an unpatched Microsoft Word vulnerability that allows it to potentially affect millions of users. The capability of harm was revealed Friday by McAfee antivirus researchers, and security researchers firm FireEye have confirmed more instances of issues over the past several weeks as well.

US dismantles Kelihos botnet after Russian hacker’s arrest

“Unrelated to potential tampering in U.S. election”

The recent arrest of a Russian cybercriminal in Spain has led to the destruction of a large scale botnet. Kelihos, a botnet that is directly responsible for the remote control and ‘enslavement’ of hundreds of thousands of IoT devices, has been used to distribute malware globally in the past. On Monday the U.S. Justice Department released a statement claiming it had taken actions to officially dismantle the project.

Hackers Steal Customer Card Data From GameStop

“Popular gaming retailer apparently breached”

GameStop, a popular retailer among the gaming community, allegedly has been compromised with the possibility of customer payment card information stolen. Included are the name, address, and verification numbers of credit cards.

Cisco Finds Many Flaws in Moxa Industrial Aps

“More than a dozen issues identified”

Talos Intelligence, a Cisco research group, has finished a two-week observation of a wireless AP from Moxa, concluding that many vulnerabilities are apparent from their tests. Over a dozen were officially verified, including remote exploitation that would effectively give a cybercriminal full access to operating functions of a device. Moxa has apatched all but on of these vulnerabilities, the details of which will be disclosed after it has been dealt with.

Enjoy your read? Check out our other content here.