CradleCore Ransomware Sold as Source Code
“Malicious software making the rounds on underground forums”
Forcepoint security researchers have found a new ransomware, CradleCore, circulating in cybercriminal markets online. CradleCore has a customizable source code, breaking from the usual RaaS ‘business model’ that is common to similar programs.
Sneaky Exploit Allows Phishing Attacks From Sites That Look Secure
“Constantly evolving malware causes increasing concern”
Phishing attacks have long been a tool of cybercriminals online, and they’re getting worse than ever before. A recent example of this is a new exploit allows what would otherwise be recognized as untrustworthy sites to a safe URL, bypassing many security systems that would otherwise block malicious actor.
IoT malware clashes in a botnet territory battle
“Rival malware emerges to notorious Mirai”
Security researchers have identified a competitor to the Mirai botnet malware responsible for the crippling of several high profile websites. The up-and-comer is capable of commandeering low security IoT devices with greater effectiveness than its counterpart, a worrying fact to researchers as well as users.
Attackers start wiping data from CouchDB and Hadoop databases
“Ransomware groups affect data storage firms”
The inevitable attack from ransomware organizations occurred over the last week, most recently with a data wipe from the databases of MongoDB and Elasticsearch clusters. Hadoop and CouchDB are also experiencing similar attacks.
New Mac malware uses ‘ancient’ code
“New strain targets biomedical facilities with OS X”
An antiquated strain of malware ‘Quimitchin’ has been discovered by Malwarebytes after unusual outgoing traffic from an outdated Mac operating system was spotted by an IT admin. The research team commented that “in existence, undetected, for some time.”
Billion-dollar Hacker Gang Abuses Google Services To Control Malware
“Over $1 billion stolen from banks globally”
A new Forcepoint report indicates that operators of Carbanak have implemented a new system that allows the cyber-criminals to deliver commands to computers that have suffered from the infection. The infections often spreads through unprotected Google Spreadsheets and Google Forms.
Mobile Security Gap Threatens Enterprises
“New mobile tech causing security concerns”
Two new surveys of IT experts show that malicious software is on the hotlist for researchers. A Ponemon Institute study on behalf of IBM and Arxan found that nearly 84% of IT security practitioners believe that mobile applications are vulnerable to malware threats. IoT application researchers share the concerns at 66%, although at a lower rate.