A new version of the Vawtrak banking Trojan includes some significant improvements, such as a domain generation algorithm (DGA) and additional protection for command and control communications.
read more
Cerber Ransomware-as-a-Service Generates $2.3 Million Annually: Report
Operators behind the Cerber ransomware are currently running 161 active campaigns, which generate an estimated $2.3 million in annual revenue, according to a new report from Check Point and IntSights.
read more
Windows UAC Bypassed Using Event Viewer
Researchers have found yet another method for bypassing the User Account Control (UAC) security feature in Windows by leveraging a legitimate tool.
read more
Firmware, Controllers, and BIOS: Subterranean Malware Blues
Early in the 20th century, the pioneers of psychology, Sigmund Freud and Pierre Janet introduced the revolutionary concept of an “unconscious” or “subconscious” mind. The idea was that we have a “mind-within-the-mind,” an underlying consciousness keeping track of all the things just under the surface of our consciousness that we didn’t have room for, or didn’t want to acknowledge, during our waking day.
read more
Linux Kernel Flaw Exposes Most Android Devices to Attacks
A recently disclosed Linux kernel vulnerability caused by a TCP feature affects nearly 80 percent of Android devices, according to mobile security firm Lookout.
read more
New Technique Detects Hardware Trojans
The University of California San Diego (UCSD) has developed a technique that it claims will be able to detect hardware trojans that might be introduced to a chip design during its progress along the manufacturing supply chain. The complexity of modern chips, some containing in excess of 1 billion transistors, combined with the globalization of the manufacturing process makes this a very real threat.
read more
Shark Ransomware Developers Demand 20% Cut
Shark, a newly observed type of ransomware, is available for free on underground forums, but its authors demand a 20% cut of the profits, security researchers say.
read more
UK Software Firm Sage Suffers Breach
UK business software firm Sage has issued a statement indicating that it has suffered an 'unauthorized access', potentially compromising the records of close to 300 customers.
read more
Flaw Allows Attackers to Modify Firmware on Rockwell PLCs
A vulnerability affecting programmable logic controllers from Rockwell Automation can be exploited by attackers to gain control of affected devices. While the security hole is not easy to address, the vendor has provided some mitigation advice.
read more
Facebook Awards $100,000 for Post-Quantum TLS Security Research
Facebook has announced the winner of its 2016 Internet Defense Prize. This year, the $100,000 reward went to a team of researchers whose work has focused on post-quantum security for TLS.
read more
