Several months ago, security researchers at Edinburgh Napier University published a paper on a distributed denial of service (DDoS) reflection and amplification method leveraging the TFTP (Trivial File Transfer Protocol) protocol, and security researchers at Akamai now warn of real-life attacks leveraging this technique.
read more
Malware Uses Clever Technique to Hide DNS Changes
Several pieces of malware and adware have been observed using a clever technique to hide the changes they make to the DNS settings of infected devices, ESET reported on Thursday.
read more
Setting the Record Straight on Cyber Threat Intelligence
Threat intelligence has achieved buzzword status. The good news behind that is people are talking about it – it is a critical component of a cyber risk management program. The bad news is too many folks have distorted and confused the term, so much so that it’s meaning varies widely depending with whom you’re speaking.
read more
Thousands of UK Enterprise Logins Found on Dark Web
Fake domains that are only slightly different from the domain of a legitimate company are often leveraged in attacks, and researchers at Anomali recently discovered that cybercriminals abused this technique to target companies in the Financial Times Stock Exchange 100 (FTSE 100).
read more
When Ransomware Hits Healthcare: To Pay or Not to Pay?
A new report from theat intelligence firm Flashpoint highlights dark web discussion over targeting hospitals with ransomware – and demonstrates a surprising contrast in opinion. Not all criminals agree with the concept. The problem is it takes only one to disagree.
read more
Ransomware-as-a-Service Lets Anyone be a Cybercriminal
Flashpoint, a threat intelligence firm that studies the so called 'Deep and Dark Web', has spent five months studying an organized Russian ransomware campaign. It concludes that ransomware is joining other cyber criminal activities by becoming a service – in this case, 'ransomware-as-a-Service'. This particular campaign uses the proven business affiliate model.
read more
Financial Compliance: Problems are Changing, Solutions are Not
The sixth annual survey from Smarsh on financial services communications compliance issues shows that regulatory scrutiny and compliance difficulties are increasing while resources and solutions are not.
read more
Card Data, Keystrokes Quickly Exfiltrated by FastPOS Malware
Trend Micro researchers have come across a new point-of-sale (PoS) malware family that has been described as quick and efficient when it comes to exfiltrating harvested data.
read more
GE Patches Critical Flaw in Industrial Switches
General Electric has released firmware updates for several of its MultiLink series switches to address a critical vulnerability that hackers could exploit to gain administrative access to devices.
read more
Pakistan APT Group Targets Indian Government
An advanced persistent threat (APT) group believed to be based in Pakistan has been observed targeting government and military personnel in India using spear phishing emails and watering hole attacks.
read more
