Tag Archives: Kaspersky

10Fold- Security Never Sleeps- 177

More than half of major malware attack’s victims are industrial targets

“Petya intended effects examined”

Kaspersky Labs has released a new report with some grand insights in the Petya malware attack. First appearing as a widespread ransomware attack, it became clear later into the ordeal that the spread was more intended for destruction rather than financial gain. Kaspersky reported specifically that financial sectors were the most affected, as well as manufacturing or oil mechanisms.

Hacking Factory Robot Arms for Sabotage, Fun & Profit

“Could open a new world of ‘Subtle Blackmail'”

Black Hat talk will discuss how cybercriminals could manipulate robotic arms and create defects in vital products. Security researchers have been accumulating cache’s of big discoveries about IIoT vulnerabilities, and Black Hat is planning on continuing their release to raise awareness of critical flaws in infrastructure, power grids, and gas pipeline controls.

General Data Protection Regulation (GDPR) requirements, deadlines and facts

“EU legislation lowdown” 

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states, and non-compliance could cost companies dearly. This article details what every company that does business in Europe needs to know about GDPR.

Online fraud costs public billions but is still not a police priority, says watchdog

“Policing institutions not enforcing rules effectively”

The National Audit Office has claimed that various policing and regulatory agencies were insufficiently addressing the issue of online fraud. The NAO says that for most police forces the incidents are: “not yet a priority” and the problem had been overlooked by government, law enforcement and industry.

10Fold- Security Never Sleeps- 158

Mysterious Hajime Botnet Grows to 300,000 IoT Devices: Kaspersky

“About 300,000 devices already captured”

Kaspersky Labs security researchers has revealed that a new botnet malware emerging in October of last year, Hajime, has been busy ensnaring thousands of IoT devices. This new strain came on the scene around the same time we saw the Mirai attacks and targets devices in the same way without using them for DDoS processes.

Chipotle Investigating Payment Card Breach

“Unauthorized activity recently detected on network”

Popular restaraunt chain Chipotle Mexican Grill informed its recent customers on Tuesday that the company’s payment archives from its over 2,000 locations may have been breached. With an investigation ongoing, the information being made to the public is still limited.

Game guide malware ‘targeted more than 500,000 users’

“Popular mobile games affected”

App based game guides that include some of the most popular programs have been used to attack over half a million Android users. Google Play harbors the applications responsible for the malware, with researchers at Checkpoint reporting that the apps project unwanted ads and other issues to users.

Web Attacks Decline, Ransomware Attacks Surge

“More efficient and lucrative attacks developed”

New ransomware attacks on end users have been detailed by Symantec’s annual Internet Security Threat Report. The report shows the effects of cyberattacks on intended victims as well as the growing trend in ransomware attacks, up 36% last year.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 140

A Scary New Kind of Malware Is Invading Banks All Over the World

“Invisible malware used by hackers to drain bank accounts”

Security research lab Kaspersky has revealed that now over 140 institutions, which includes banks, governmental bodies and other large firms, are suffering from a malware infection unseen for years. Kaspersky has yet to name which institutions exactly were targeted, but acknowledges that the problem is widespread and dangerous. The research firm last saw an attack at this level in 2015, dubbing the strain Duqu 2.0. This malware was linked to the Stuxnet attack in 2011, indicating that, as Dan Goodin of Ars Technica explains the malware is “going mainstream.”

Sports Direct hack ‘puts 30,000 staff details in the wild’

“Firm waited to notify employees”

Many thousands of employees were notified that sensitive personal information was leaked publicly to the internet during a company data breach last September. The hackers used a security hole in the DNN platform, a vulnerability which was not patched during the company’s last security update.

New Mac Malware Found Hiding In A Fake Adobe Flash Program

“Malware disguised as update”

Notifications for software updates for your favorite programs are good, right? Not with the new Adobe Flash update circulating around the web today. A new malware campaign is disguising itself as an urgent patch, pitching itself to Mac users.

Organizations In 40 Countries Under ‘Invisible’ Cyberattacks

“Stealthy assault via resident malware increasingly common”

Unknown actors are stealing sensitive personal and financial data using legitimately crafted malware strains. Kaspersky labs warns that these kinds of attacks are increasingly popular and harder to detect, causing greater concern for lateral movement and persistence than previously thought.

10Fold- Security Never Sleeps- 131

Beyond the CES Hype: No Easy Fixes for Security and Privacy Woes

“No ease for privacy concerns at tech conference”

Despite all the fancy new technology products showcased at the CES conference there was little reassurance of the security of currently existing ones. Experts have reached near consensus that software vulnerabilities in many internet connected consumer devices can be relatively easy to exploit by hackers due to weak security features.

Dangerous assumptions that put enterprises at risk

“Internet providers do not cover preventative measures as expected”

Kaspersky Lab surveys have found that nearly 40 percent of tech companies do not put adequate security measures in place due to the belief that internet service providers will pick up the slack on features that block hackers and cyber thieves. Consumers seem to be in the same boat, with about one-in-three believing their ISP data centers provide adequate protections.

Edge Exploits Added to Sundown EK

“Security holes apparently exploitable by remote hackers”

Those responsible for maintaining the Sundown exploit kit have begun using Microsoft Edge security flaws as a Proof of Concept exploit. The CVE-2016-7200 and CVE-2016-7201 flaws, patched by Microsoft in November of 2016, are described as memory holes that that are corrupted by the way Chakra JavaScript handles code.