Ransomware starter kits? | This week in cybersecurity
Researchers have discovered a new highly customized piece of ransomware dubbed Karmen that allows them to distribute it as a service to non-technical cyber criminals. With this new ransomware-as-a-service (RaaS), attackers can remotely control the ransomware from their web browser allowing them to see at a glance a centralized web dashboard of their entire campaign reports ZDNet. Read more.
Security researchers have identified a new IoT malware named Hajime that is spreading rapidly and creating a botnet. Hajime was first discovered in October 2016 when researchers at Rapidity Networks were on the lookout for Mirai activity. Hajime scans the internet for poorly secured IoT devices and compromises them by trying different username and password combinations and then transferring a malicious program reports PCWorld. Read more.
InterContinental hotel breach much worse than thought
InterContinental Hotels Group (IHG) has released new information on the February data breach, which shows the consequences are far worse than originally believed. In February, IGH disclosed that 12 managed properties were affected by a data breach by a form of malware designed to access payment card data from cards used at front desks at properties between Sept. 29, 2016 and Dec. 29, 2016. Read more.
Nearly Undetectable Phishing Scheme on Chrome and Firefox
Security experts are warning about a variety of phishing that uses domain names, also known as web addresses, that look nearly identical to legitimate ones of well-known brands. But it goes beyond the typical duping via URLs the closely resemble the real ones. Read more.
Windows bug used to spread Stuxnet remains world’s most exploited
One of the Microsoft Windows vulnerabilities that was used to spread the Stuxnet worm targeting Iran’s nuclear facility software remained the most widely exploited software bug in 2015 and 2016, according to a report from Kaspersky Lab. The popularity is unusual because Microsoft patched the bug in 2010, according to Ars Technica. Read more.
Last Friday, the hacking group Shadow Brokers dumped a massive cache of files claiming to be stolen from the NSA. Among the data were exploits for Windows and alleged documents that showed the NSA had hacked into the networks of a large Dubai-based banking system called EastNets reports Motherboard. Researchers have found a hint in the leaked code that shows how the NSA broke into the EastNets network. Read more.
Hajime botnet work of vigilante gray hat
New IoT malware Hajime has been confirmed as the work of a vigilante gray hat hacker to infect IoT devices before they can be hijacked and used in DDoS attacks according to Ars Technica. Ars reports that Hajime produces a cryptographically signed message every 10 minutes on terminals reading, ”Just a white hat, securing some systems. Important messages will be signed like this! Hajime Author. Contact CLOSED. Stay sharp!” Read more.