Cybercriminals have started a new trend in distributed denial-of-service attacks, relying on a type of DNS amplification that leverages text (TXT) records to make the operation more effective; in some campaigns, researchers have observed parts of a press release from the White House.
The tactic is not new, but more and more incidents of this sort have been recorded. The entertainment sector is the most targeted. Attackers have used large TXT records in reflection attacks in the past. Cybercriminals often use intermediate victims to reflect the bad traffic to their target.
Researchers have spotted a new technique used by phishers which could trick even more users into believing they are entering their information in a legitimate web form.
Instead of replicating as faithfully as possible a legitimate website, the attackers need only to set up a phishing page with a proxy program which will act as a relay to the legitimate site, and create a few fake pages for when users need to enter their personal and financial information. In the spotted attack, users are directed to the malicious site by clicking on a search result they got by entering a product's name. The attackers used a number of techniques to make the URL appear in the results.
Cyberespionage is the weapon of choice in the 21st century. Even a seemingly harmless mobile app is able to find out quite a few secrets that a careless user might reveal, let alone full-scale surveillance campaigns specifically targeted at representatives of major businesses and government organizations.
This autumn’s newest revelation is the discovery of a spy network, dubbed ‘Darkhotel’, which had been active for seven years in a number of Asian hotels. Furthermore, smart and professional spies involved in this long-running operation created a comprehensive toolkit consisting of various methods that can be used to break into victims’ computers.
As banks and retailers are barreling toward a 2015 deadline to replace magnetic-stripe credit and debit cards with more secure cards that come embedded with a microchip, researchers have announced a critical flaw in the card system.
The card system fails to recognize transactions made in non-UK foreign currencies and can therefore be tricked into approving any transaction. What’s more, because the cards allow for contactless transactions, wherein consumers need only to have the card in the vicinity of a reader without swiping it, a thief carrying a card reader designed to read a card that’s stored in a wallet or purse could conduct fraudulent transactions without the victim ever removing their card.
The persistence of the Shellshock vulnerability remains high more than a month after it first surfaced. The latest attacks involved SMTP servers belonging to web hosts. Attackers are using Shellshock exploits targeting the now infamous vulnerability in Bash in order to drop a Perl script onto compromised computers.
The script adds the hacked computers to a botnet that receives its commands over IRC. The attack leverages Shellshock as a main attack vector through the subject, body, to and from fields. Once a computer is compromised, a Perl botnet is activated and begins beaconing on IRC for further instructions.
Tor exit node in Russia spotted downloading malicious code. Users of the Tor network now have one more reason to be cautious when using the service to browse the Internet or to download executable code anonymously.
A security researcher uncovered a malicious Tor exit node in Russia being used by unknown attackers to insert malicious code into files being downloaded by Tor users. Tor administrators have since flagged the node as a BadExit, meaning that Tor clients now know to avoid using the server. Tor is a network that allows users to browse the web anonymously. It uses a series of encrypted connections to route data packets in such a manner as to hide the true IP address of the person using the service.
Four in 10 people in the USA report experiencing weekly and even daily attempts via their personal computers to access their personal information and other valuable data.
Across the range of electronic devices people use today, consumers worry most about their PCs being compromised — and for good reason. On the plus side, the 2014 survey data show a big jump in the number of individuals taking affirmative steps to help protect their mobile devices. After all, mobile phones and laptops can contain as much — if not more — personal information as home computers. That compares to an average of five steps to help protect PCs and eight steps to shield personal information generally.
The retailer and the fast-food chain are the latest businesses to report that hackers accessed payment-card data by breaching their systems. Kmart and Dairy Queen customers should check their credit- and debit-card statements for shady activity.
That's because the retailer and the fast-food chain have become the latest businesses to reveal that their payment systems were hacked. The breach has been plugged and the malware removed, James said. Dairy Queen similarly said there was no indication that any other personal information was affected and that the security hole had been addressed.
YouTube has become a daily habit for millions all over the world, but it looks like there has been some malicious activity on the website, which may have affected more than 100,000 users over a 30-day period.
Trend Micro says it has been monitoring activity on YouTube over the past couple of months and has found that the attack comes in the form of ads that are present on the site. While the ads themselves have no malicious content, the issue seems to occur when the ad is clicked. Although these ads should be monitored and screened by YouTube, some seem to have slipped through the cracks, redirecting to malicious websites that could cause infections.
More than 10 million users of the popular Cyanogen build of Android are exposed to man-in-the-middle attacks thanks to reuse of vulnerable sample code. The zero-day vulnerability makes it possible to target any browser used on the popular Android distribution.
A security researcher who works for a top-tier vendor, but asked Vulture South not to use his name, said Cyanogenmod developers among many others had taken Oracle's sample code for Java 1.5 for parsing certificates to obtain hostnames - which is vulnerable to an older bug - and implemented it. Cyanogenmod developers have been contacted about the flaw.