Victims of the CryptoWall ransomware have been extorted out of at least $1m. Despite a takedown operation in June, CryptoWall continues to be the largest and most destructive ransomware threat on the internet, according to the latest analysis of the threat by security researchers from Dell SecureWorks Counter Threat Unit.
CryptoWall is a strain of file-encrypting ransomware that encrypts files on infected Windows PCs and attached storage devices with RSA-2048 encryption before demanding a ransom for the private key that recovers the documents. Dell SecureWorks CTU researchers registered a domain used by the CryptoWall malware as a backup command and control (C2) server in February.
The FBI is investigating an incident of data theft from JPMorgan Chase & Co. (JPM) that could potentially have been carried out by Russian hackers, Bloomberg reported Thursday, citing sources familiar with the situation.
“The way the Russians do it, to the extent we can see into the process, is they encourage certain targets,” James Lewis, the director of the Strategic Technologies program at the Center for Strategic and International Studies in Washington, was quoted as saying by Bloomberg. “The Russians typically keep open the options to do something more, and the question now is what would trigger that and what would our response be,” he added.
As many of you may have already been aware, a breach at Community Health Systems (CHS) affecting an estimated 4.5 million patients was recently revealed. TrustedSec obtained the first details on how the breach occurred and new information relating to this breach.
The initial attack vector was through the infamous OpenSSL “heartbleed” vulnerability which led to the compromise of the information. This confirmation of the initial attack vector was obtained from a trusted and anonymous source close to the CHS investigation. Attackers were able to glean user credentials from memory on a CHS Juniper device via the heartbleed vulnerability.
Cryptolocker is being flogged over YouTube by vxers who have bought advertising space, researchers Vadim Kotov and Rahul Kashyap have found. The researchers made the discovery while monitoring YouTube and website banners for instances where malware writers had actually purchased space to foist their wares on unpatched web users.
The duo, who will present at the upcoming Virus Bulletin 2014 conference in Seattle, wrote in a paper that advertisement networks were a viable way to flog viruses and trojans.
The Swiss company Switch CH announced that Trojan code attacking the online banking systems of Switzerland's large banks has been found.
Experts claim that the code is Russian; it can also change the computer's domain name system settings or steal SMS keys. In practice, the Trojan aims to send the victim to the hacker's site, where all the credentials needed to access the real bank account are captured. Most importantly, the malicious code can bypass even a two-factor authentication system; in addition, it can change DNS records in such a way that the client won't notice anything.
Experts at Bluebox Labs have published information about a security vulnerability in the Android platform that allows hackers to gain access to device functions and personal information without the user's knowledge.
However, many users are in danger because the vulnerability was corrected only in the latest Android version and still exists in other versions. After Bluebox Labs found the vulnerability, English-language reports called the "hole" a "super vulnerability of a new type", likely because of the possibility of spreading extremely malicious software. Bluebox experts named the vulnerability Fake ID because it allows malware apps to pass fake credentials to Android, which fails to properly verify the app's cryptographic signature.
Almost a year ago, at the ‘Hack In The Box’ security summit in Amsterdam, Hugo Teso, a security researcher at N.Runs and a commercial airline pilot, presented a demonstration showing that it is possible to take control of aircraft flight systems and communications using an Android smartphone and some specialized attack code.
In quite similar research, a security researcher claims to have devised a method that can give cyber criminals access to the satellite communications equipment on passenger jets through their WiFi and in-flight entertainment systems. Santamarta's research paper, titled “SATCOM Terminals: Hacking by Air, Sea and Land”, explains that ships, aircraft and industrial facilities are all at risk of being compromised, perhaps with catastrophic results.
The Tor encryption service is a high-profile bastion of computer security, but the project appears to have been compromised earlier this year.
Today, the Tor Project blog announced that an unknown party likely managed to gather information about people who were looking up hidden services — websites that users can operate and visit anonymously, like Silk Road — and could theoretically have compromised other parts of the network. Anyone who used Tor between early February and July 4th of 2014 "should assume they were affected" by the attack, says the Tor team. But they don't know what exactly that means.
The main page of Gizmodo was altered. Hackers caused all users to be redirected to another web page by means of an additional script.
A group of attackers damaged the reputation of the well-known design site Gizmodo. The attackers tried to hack the site in order to spoil its reputation. Hackers changed the page of the Brazilian web portal Gizmodo by adding a script that redirected visitors to an entirely different page. The page to which users were redirected was located in Sweden, under the .se domain. A shell for controlling the server was uploaded to a site.
Canada accused China on Tuesday of hacking into the computers of its research and development arm, which Beijing strongly denied.
China partners each year with thousands of Canadian firms to roll out new technologies, and took advantage of this arrangement to engage in a cyber attack, Ottawa said. "Recently, the government of Canada, through the work of the Communications Security Establishment, detected and confirmed a cyber intrusion on the IT infrastructure of the National Research Council of Canada by a highly sophisticated Chinese state-sponsored actor," said a government statement.