Articles about malware

NUUO, do not want! CCTV webcams can be hacked to spy on you

Researchers have uncovered two flaws that leave more than 100,000 NUUO-powered internet-connected surveillance cameras open to remote takeover. Tenable Research on Monday laid claim to discovering two bugs in NUUO's Network Video Recorder firmware that can be exploited to covertly access a camera's video feed or simply take …
Shaun Nichols, 17 Sep 2018

Brit airport pulls flight info system offline after attack by 'online crims'

Bristol Airport deliberately yanked its flight screens offline for two days over the weekend in response to a cyberattack. Techies took down computer-based flight information systems at the airport in provincial England between Friday morning and the wee hours of Sunday morning. The electronic screens were replaced by …
John Leyden, 17 Sep 2018

Kronos crims go retro, Apple builds cop portal, Swiss cheesed over Russian hack bid, etc

Roundup: This was the week of ice cold exploits, re-appearing JavaScript nasties, and of course Patch Tuesday. A few other things happened too…

Android gets its monthly patch-up: Microsoft and Adobe weren't the only ones to kick out monthly updates recently. Google also issued the September update for Android. This month, fixes …
Shaun Nichols, 15 Sep 2018

Supermicro wraps crypto-blanket around server firmware to hide it from malware injectors

Researchers claim to have discovered an exploitable flaw in the baseboard management controller (BMC) hardware used by Supermicro servers. Security biz Eclypsium today said a weakness in the mechanism for updating a BMC's firmware could be abused by an attacker to install and run malicious code that would be extremely …
Shaun Nichols, 7 Sep 2018

Mikrotik routers pwned en masse, send network data to mysterious box

More than 7,500 Mikrotik routers have been compromised with malware that logs and transmits network traffic data to an unknown control server. This is according to researchers from 360 Netlab, who found the routers had all been taken over via an exploit for CVE-2018-14847, a vulnerability first disclosed in the Vault7 data …
Shaun Nichols, 4 Sep 2018

Welcome! Mimecast finds interesting door policies on email filters

In-house email filters still miss millions of attacks – including malware attachments, impersonation and malicious links – the latest quarterly stats from cloud provider Mimecast have found. The company used its Email Security Risk Assessment (ESRA) tool to assess the efficiency of email security in use by 37 organisations …
John E Dunn, 30 Aug 2018

We can rebuild him, we have the technology: AI will help security teams smack pesky anomalies

Analysis: With highly targeted cyber attacks the new normal, companies are finding the once-hidden Security Operations Centre (SOC) is the part of their setup they really count on. SOCs have existed in a variety of guises for decades, emerging in recent years as a natural consequence of centralising security monitoring across …
John E Dunn, 24 Aug 2018

Nork hackers Lazarus brought back to life by AppleJeus to infect Macs for the first time

The malware-making gang of hackers dubbed Lazarus is said to be behind a crypto-coin-stealing nasty that infects Macs. This would be the first time this group has targeted Apple desktops. Kaspersky Lab eggheads said today the fun-bucks generator, dubbed AppleJeus, is a port of another piece of malware Lazarus uses to …
Shaun Nichols, 23 Aug 2018

Cisco smells a RAT in Breaking Security's Remcos PC wrangler

Updated: Cisco Talos says criminals are using one research company's testing tools to set up and run botnets. A report released Wednesday by Talos researchers found that Breaking Security's Remcos remote control tool and Octopus Protector encryption utility, along with other Breaking Security tools, are being used in the wild to set up …
Shaun Nichols, 22 Aug 2018

Facebook Messenger backdoor demand, bail in Bitcoin, and lots more

Roundup: It's time for another rapid roundup of computer security news beyond what we've already reported.

US prosecutors want Facebook Messenger crypto cracked: Uncle Sam is demanding Facebook alter its Messenger software so that American g-men can easily snoop on suspected criminals, it is claimed. The social network is said to be …
Shaun Nichols, 18 Aug 2018

Juno this ain't right! Chinese hackers target Alaska

An attack on US government facilities in Alaska has been traced back to China's Tsinghua University and a larger hacking effort. Researchers with security house Recorded Future say [PDF] that the attack, initially focused on separatist activity in Tibet, grew to target US government operations in the Pacific including bases …
Shaun Nichols, 16 Aug 2018

Florida Man laundered money for Reveton ransomware. Then Microsoft hired him

A former Microsoft network engineer will be spending a sojourn behind bars after pleading guilty to conspiracy to commit money laundering. Raymond Odigie Uadiale was this week given an 18-month sentence and three years supervised release – after he agreed to a plea deal that saw him cop to a conspiracy charge in exchange for a …
Shaun Nichols, 15 Aug 2018

Kaspersky VPN blabbed domain names of visited websites – and gave me a $0 reward, says chap

Updated: Kaspersky's Android VPN app whispered the names of websites its 1,000,000-plus users visited along with their public IP addresses to the world's DNS servers. The antivirus giant duly fixed up the blunder when a researcher reported it via the biz's bug bounty program – for which he received zero dollars and zero cents as a …
Shaun Nichols, 9 Aug 2018

Should I infect this PC, wonders malware. Let me ask my neural net...

Black Hat: Here's perhaps a novel use of a neural network: proof-of-concept malware that uses AI to decide whether or not to attack a victim. DeepLocker was developed by IBM eggheads, and is due to be presented at the Black Hat USA hacking conference in Las Vegas on Thursday. It uses a convolutional neural network to stay inert until the …

Japanese dark-web drug dealers are so polite, they'll offer 'a refund' if you're not satisfied

The concept of the "dark web" in Asia is way different to what peeps in Europe and the Americas are used to. This is according to researchers at New York computer security firm IntSights, which today outlined a number of quirks unique to Asian countries in the way underground sites, and those of questionable legality, operate …
Shaun Nichols, 8 Aug 2018

Chip flinger TSMC warns 'WannaCry' outbreak will sting biz for $250m

Chipmaker TSMC has warned that a previously disclosed virus infection of its Taiwanese plant may cost it up to $250m. The malware struck on Friday, and affected a number of unpatched Windows 7 computer systems and fab tools over two days. "The degree of infection varied by fab," the firm said in an update on Sunday. "TSMC …
John Leyden, 6 Aug 2018

Ever seen printer malware in action? Install this HP Ink patch – or you may find out

HP Inc has posted an update to address a pair of serious security vulnerabilities in its InkJet printers. The firmware update patches CVE-2018-5924 and CVE-2018-5925, two flaws that can be exploited by printing a file that triggers a stack or static buffer overflow, giving you the ability to then execute malicious code on the …
Shaun Nichols, 3 Aug 2018

MikroTik routers grab their pickaxes, descend into the crypto mines

Researchers have found thousands of MikroTik network routers in Brazil serving up crypto-coin-crafting CoinHive code. Trustwave researcher Simon Kenin said this week one or more attackers have exploited a known vulnerability in Mikrotik's enterprise routers to inject error pages with code that uses visitors' machines to mine …
Shaun Nichols, 3 Aug 2018

Biting the hand that feeds IT © 1998–2018