Join Architects, Planners, Program Managers, Data Scientists at 4th Annual Cloudera Federal Forum in DC 25 Feb

CTOvision

Track sessions will focus on: Enabling Business Results with Big Data — How to enable agency programs that will yield enormous value through big data to deliver actionable information and measurable results. Government is ever more reliant on data to deliver on mission and programs.

Stealthy cyberespionage malware targets energy companies

Network World

Security researchers have discovered a new malware threat that goes to great lengths to remain undetected while targeting energy companies. The malware program, which researchers from security firm SentinelOne have dubbed Furtim’s Parent, is a so-called dropper -- a program designed to download and install additional malware components and tools. The researchers believe it was released in May and was created by state-sponsored attackers.


Mysterious malware targets industrial control systems

Computerworld Vertical IT

Researchers have found a malware program that was designed to manipulate supervisory control and data acquisition (SCADA) systems in order to hide the real readings from industrial processes. The same technique was used by the Stuxnet sabotage malware allegedly created by the U.S. and Israel to disrupt Iran's nuclear program and credited with destroying a large number of the country's uranium enrichment centrifuges.

IoT malware starts showing destructive behavior

Network World

Hackers have started adding data-wiping routines to malware that's designed to infect internet-of-things and other embedded devices. Researchers from Palo Alto Networks found a new malware program dubbed Amnesia that infects digital video recorders through a year-old vulnerability. Two attacks observed recently displayed this behavior but likely for different purposes.

New Tor-powered backdoor program targets Macs

Network World

Security researchers have found a new backdoor program that allows attackers to hijack Mac systems and control them over the Tor network. The new malware has been dubbed Backdoor.MAC.Eleanor by researchers from antivirus vendor Bitdefender and is distributed as a file converter application through reputable websites that offer Mac software.

New Windows code injection method could let malware bypass detection

Network World

Security researchers have discovered a new way that allows malware to inject malicious code into other processes without being detected by antivirus programs and other endpoint security systems. The new method was devised by researchers from security firm Ensilo who dubbed it AtomBombing because it relies on the Windows atom tables mechanism. "We also found that the legitimate program, now containing the malicious code, can be manipulated to execute that code."

Malware distributors are switching to less suspicious file types

Network World

After aggressively using JavaScript email attachments to distribute malware for the past year, attackers are now switching to less suspicious file types to trick users. Last week, researchers from the Microsoft Malware Protection Center warned about a new wave of spam emails that carried malicious .LNK files inside ZIP archives. It has been abused to download malware in the past and there are even malware programs written entirely in PowerShell.

Stealthy Mac malware spies on encrypted browser traffic

Network World

A new malware program that targets macOS users is capable of spying on encrypted browser traffic to steal sensitive information. The new program, dubbed OSX/Dok by researchers from Check Point Software Technologies, was distributed via email phishing campaigns to users in Europe. The malware was attached to the email as a file called Dokument.zip.

IoT malware clashes in a botnet territory battle

Network World

Mirai -- a notorious malware that's been enslaving IoT devices -- has competition. A rival piece of programming has been infecting some of the same easy-to-hack internet-of-things products, with a resiliency that surpasses Mirai, according to security researchers. Security researchers have dubbed the rival IoT malware Hajime, and since it was discovered more than six months ago, it's been spreading unabated and creating a botnet.

Mysterious malware targets industrial control systems, borrows Stuxnet techniques

Network World

Researchers have found a malware program that was designed to manipulate supervisory control and data acquisition (SCADA) systems in order to hide the real readings from industrial processes. The same technique was used by the Stuxnet sabotage malware allegedly created by the U.S. and Israel to disrupt Iran's nuclear program and credited with destroying a large number of the country's uranium enrichment centrifuges.

Cyberspies tap free tools to make powerful malware framework

Network World

Over the past year, a group of attackers has managed to infect hundreds of computers belonging to government agencies with a malware framework stitched together from JavaScript code and publicly available tools. The attack, analyzed by researchers from antivirus firm Bitdefender, shows that cyberespionage groups don't necessarily need to invest a lot of money in developing unique and powerful malware programs to achieve their goals.

Stealthy malware Skimer helps hackers easily steal cash from ATMs

Network World

Security researchers have found a new version of a malware program called Skimer that's designed to infect Windows-based ATMs and can be used to steal money and payment card details. The latest modification, found by researchers from Kaspersky Lab at the beginning of May, uses new techniques to evade detection. Upon installation, the malware checks if the file system is FAT32 or NTFS.

Sophisticated malware possibly tied to recent ATM heists in Thailand

Network World

Security researchers have found a sophisticated malware program that may have been used recently by a gang of hackers to steal more than US$350,000 from ATMs in Thailand. A sample of the new malware, dubbed Ripper, was uploaded to the VirusTotal database from an Internet Protocol address in Thailand last week, shortly before local media reported that hackers used malware to steal 12.29

Researchers dismantle decade-long Iranian cyberespionage operation

Network World

The infrastructure used by an Iranian cyberespionage group to control infected computers around the world has been hijacked by security researchers. Researchers from Palo Alto Networks came across the group's activities earlier this year, but found evidence that it has been operating since at least 2007. Its main tool is a custom malware program dubbed Infy, which was repeatedly improved over the years.

Thousands of Seagate NAS boxes host cryptocurrency mining malware

Network World

Thousands of publicly accessible FTP servers, including many from Seagate network-attached storage devices, are being used by criminals to host cryptocurrency mining malware. Researchers from security vendor Sophos made the discovery when they investigated a malicious program dubbed Mal/Miner-C, which infects Windows computers and hijacks their CPUs and GPUs to generate Monero, a bitcoin-inspired cryptocurrency.

New Mac Trojan uses the Russian space program as a front

Network World

Security researchers have found a new Mac OS X malware that appears to be targeting the aerospace industry. Interestingly, the Trojan will also save a PDF document to the infected system concerning the Russian space program. The Trojan, called Komplex, can download, execute, and delete files from an infected Mac, according to security firm Palo Alto Networks.

Shared malware code links SWIFT-related breaches at banks and North Korean hackers

Network World

Malware links suggest that North Korean hackers might be behind recent attacks against several Asian banks, including the theft of US$81 million from the Bangladesh central bank earlier this year. Security researchers from Symantec have found evidence that the malware used in the Bangladesh Bank cyberheist was used in targeted attacks against an unnamed bank in the Philippines.

DOE’s secret weapon: Supercomputers, Developers Scramble to Build NSA-Proof Email and more

CTOvision

“Many of the department’s supercomputing resources are devoted only to the highest impact, breakthrough research.” By Ryan Kamauff. Here are the top cyber news and stories of the day.

Snake cyberespionage malware is ready to bite Mac users

Network World

A sophisticated Russian cyberespionage group is readying attacks against Mac users and has recently ported its Windows backdoor program to macOS. It targets government entities, intelligence agencies, embassies, military organizations, research and academic institutions and large corporations. The group, known in the security industry as Snake, Turla or Uroburos, has been active since at least 2007 and has been responsible for some of the most complex cyberespionage attacks.

Fed Tech Roundup December 2

CTOvision

Malware, ransomware twice as likely to hit state, local networks - GCN.com. How Valuable is Federal Research? AI Program Beats Humans On College Acceptance Test - Nextgov. Wins Contract in Support of DoD Information Analysis Center Program. The following are some of the hot topics in the federal technology ecosystem (from FedTechTicker.com and TopTechTicker.com): Fed Tech Ticker.

Malware targets Oracle Micros point-of-sale customers

Computerworld Vertical IT

A new malware program designed to steal payment card details from point-of-sale (PoS) systems is targeting businesses using Oracle Micros products. Security researchers from antivirus firm Trend Micro recently came across a highly configurable memory-scraping malware program that they dubbed MalumPoS. Micros, acquired by Oracle last year, develops front- and back-office customer service systems that are popular in the hospitality, food and retail industries.

ACC Foundation Releases Extensive State of Cybersecurity Report

CTOvision

Employee error was the most frequent cause of a breach (24%), followed by inside jobs (15%), phishing (12%), access through a third party (12%), lost laptop or device (9%), application vulnerability (7%), and malware (7%). PPL forms program for nonprofit groups (republicanherald.com). Katie Kennedy.


Tech Blogs – Best Must Read Tech Resources 2019

Galido

Malwarebytes is a leader of malware prevention and protection. Zone Alarm Cybersecurity blog offers information on malware and protecting yourself online. They offer malware alerts, practical online security tips, and more.

Best IT and Tech Blogs – Must Read Information Technology Resources 2019

Galido

Malwarebytes is a leader of malware prevention and protection. Zone Alarm Cybersecurity blog offers information on malware and protecting yourself online. They offer malware alerts, practical online security tips, and more.

Best Tech Blogs – Must Read Tech Resources 2019

Galido

Malwarebytes is a leader of malware prevention and protection. Zone Alarm Cybersecurity blog offers information on malware and protecting yourself online. They offer malware alerts, practical online security tips, and more.

Top Tech Websites 2019

Galido

Malwarebytes is a leader of malware prevention and protection. Zone Alarm Cybersecurity blog offers information on malware and protecting yourself online. They offer malware alerts, practical online security tips, and more.


Best IT Blogs – Must Read Information Technology Resources 2019

Galido

Malwarebytes is a leader of malware prevention and protection. Zone Alarm Cybersecurity blog offers information on malware and protecting yourself online. They offer malware alerts, practical online security tips, and more.

S&R Analyst Spotlight: Josh Zelonis

Forrester IT

When he's not out cruising his Harley, Josh is working with clients to adapt their architecture, policies, and processes to evolving threats and to develop robust incident response programs. His research focuses on threat intelligence, endpoint detection and response (EDR), malware analysis, pen testing/red teaming, forensics and investigations, and of course, incident response. Based on the West Coast, Senior Analyst Josh Zelonis is the newest addition to the S&R team.

Fed Tech Roundup July 29

CTOvision

E-invoice mandate, Flash malware spike and more - FCW.com. NASA Awards Aerospace Propulsion, Communications Research Contracts. NASA Awards Contract to Support Agency’s Human Spaceflight Programs. The following are some of the hot topics in the federal technology ecosystem (from FedTechTicker.com and TopTechTicker.com): Fed Tech Ticker. TASC, an Engility Company, Awarded $67M U.S. Air Force Global Positioning System (GPS) Contract.

Ransomware spreads through weak remote desktop credentials

Network World

Stolen or weak remote desktop credentials are routinely used to infect point-of-sale systems with malware, but recently they've also become a common distribution method for file-encrypting ransomware. In March, researchers discovered a ransomware program dubbed Surprise that was being installed through stolen credentials for TeamViewer, a popular remote administration tool.

Fresh Insights into the NSA’s Cyber Capabilities

CTOvision

A recent report from Russian researchers has provided more specific information vis-à-vis the technical capabilities of the NSA. The group has been engaged in cyber espionage for more than a decade, and it has several signature malware platforms in its arsenal. According to Reuters, a former NSA employee confirmed the hypothesis that the NSA is behind the Equation Group, and the employee confirmed that the spying programs in the report are extremely valuable to the agency.


More on Operationalizing Threat Intelligence

Network World

Overall malware volume is down but the number of variants has gone up precipitously. In fact, according to the Webroot threat report, about 97% of all malware variants are seen only one time. Yes, enterprise organizations are bolstering defenses with anti-malware gateways and next-generation endpoint security tools but they are also doubling down on threat intelligence. Coming out of Black Hat a few weeks ago, it’s pretty frightening what’s going on with cyber-threats.

Windows Trojan hacks into embedded devices to install Mirai

Network World

Attackers have started to use Windows and Android malware to hack into embedded devices, dispelling the widely held belief that if such devices are not directly exposed to the Internet they're less vulnerable. Researchers from Russian antivirus vendor Doctor Web have recently come across a Windows Trojan program that was designed to gain access to embedded devices using brute-force methods and to install the Mirai malware on them.

Protecting Against the Increasing Malvertising Threat

CTOvision

Malvertising is increasingly being deployed by threat actors to spread malware, including ransomware and scams, and redirect users from legitimate websites to phishing and exploit kit–hosting sites. Crystal Lister.

New DMA Locker ransomware is ramping up for widespread attacks

Network World

The TeslaCrypt creators called it quits recently, but unfortunately for users, there's a new ransomware program that's ready to take its place. Researchers had no problem developing a file recovery tool for the first two versions. However, its authors have recently fixed all issues and malware researchers believe that with the newly released version 4, DMA Locker has reached maturity and might be the next thing to hit users in widespread attacks.

How to remove Google Security Warnings

TechnoBezz

If you are a web page owner, you may see a security warning next to your page in Google search results, and this can result in 95% fewer visits than usual. You can also use programs like SpyHunter5 or Malwarebytes, which are usually recommended and highly rated.

Go read this profile on the man who ‘saved the internet’ from WannaCry

The Verge

Then, 11 minutes into the interview, his interrogators asked him about a program called Kronos. He was talented, and started studying and making malware almost out of boredom. Hutchins began to develop a reputation as a talented malware ghostwriter.

Russian cyberspies blamed for US election hacks are now targeting Macs

Network World

Security researchers have discovered a macOS malware program that's likely part of the arsenal used by the Russian cyberespionage group blamed for hacking into the U.S. Democratic National Committee last year. It is believed to be the sole user and likely developer of a Trojan program called Sofacy or X-Agent. The group, which is known in the security industry under different names, including Fancy Bear, Pawn Storm, and APT28, has been operating for almost a decade.

New macOS ransomware spotted in the wild

Network World

A new file-encrypting ransomware program for macOS is being distributed through bittorrent websites and users who fall victim to it won't be able to recover their files, even if they pay. Crypto ransomware programs for macOS are rare. The program was named OSX/Filecoder.E by the malware researchers from antivirus vendor ESET who found it.


Security Without Borders: Free security help for dissidents

Network World

Security researcher Claudio Guarnieri has experience working with journalists and human rights organizations which have exercised freedom of speech, reported on some form of corruption and wound up becoming targets because of it; their computers may be compromised with spying malware such as those in the hands of the Hacking Team, FinFisher or NSA to name but a few. Their electronic communications may be intercepted, messaging programs may be blocked.

Leaping Ahead; A Federal Bridge to Transition Cyber-related Products at the Department of Homeland Security

CTOvision

An excellent example of how to fulfill that goal of successful public/private partnerships is demonstrated by the work of the Transition to Practice Program (TTP) at the Department of Homeland Security (DHS) Science & Technology (S&T) Directorate. The mandate of TTP is to move promising cybersecurity technologies developed under Department of Energy (DOE) National Labs and Federally Funded Research & Development Centers (FFRDCs) into the private sector for further development.

Dyre banking Trojan successor rears its ugly head

Network World

Cybercriminals have unleashed a new banking Trojan program on the internet and it bears striking similarities to Dyre, a malware threat believed to have been dead for almost a year. After a closer analysis, researchers from Fidelis Cybersecurity believe that it is a rewrite of the Dyre Trojan that plagued online banking users for over a year until the gang behind it was dismantled by Russian authorities.

New Locky ransomware version can operate in offline mode

Network World

The creators of the widespread Locky ransomware have added a fallback mechanism in the latest version of their program for situations where the malware can't reach their command-and-control servers. Security researchers from antivirus vendor Avira have found a new Locky variant that starts encrypting files even when it cannot request a unique encryption key from the attacker's servers because the computer is offline or a firewall blocks the communication.