The incident response team at BAE Systems is warning of a strain of the virulent Qbot malware that has hit thousands of public sector computers around the world.
The malware – also known as the Qakbot botnet – first appeared in 2009 and, by April 2010, was uploading 2GB of stolen confidential information each week to its FTP servers from private and public sector computers, including 1,100 on the NHS network in the UK.
Old nemeses die hard, especially when you’re banking malware named ZeuS. According to Denmark-based Heimdal Security, the potent 9-year-old malware ZeuS has morphed into the up-and-coming Atmos malware – now targeting banks in France. Researchers are warning that the criminals behind Atmos have been putting the finishing touches on this latest malware threat – perfecting how, where and what it will target. For now, Heimdal Security said, it’s focused on banks, but tomorrow the sky is the limit.
Last week, Adobe released an emergency patch to address a critical zero-day vulnerability (CVE-2016-1019) in Flash Player. The type confusion vulnerability is currently being actively exploited in the wild. Symantec has observed that exploit kits (EKs), including but not limited to Magnitude and Nuclear, have already started exploiting the vulnerability.
On Feb. 11, 2016, researcher Zach Straley posted a YouTube video exposing his startling and bizarrely simple discovery: Manually setting the date of your iPhone or iPad all the way back to January 1, 1970 will permanently brick the device (don’t try this at home, or against frenemies!). Not long after Straley’s video began pulling in millions of views, security researchers Patrick Kelley and Matt Harrigan wondered: Could they automate the exploitation of this oddly severe and destructive date bug? The researchers discovered that indeed they could, armed with only $120 of electronics (not counting the cost of the bricked iDevices), a basic understanding of networking, and a familiarity with the way Apple devices connect to wireless networks.
Last year, after reporting on the hacks of Sony Pictures, JPMorgan Chase, Ashley Madison, and other major companies, REAL FUTURE's Kevin Roose got curious about what it felt like to be on the victim’s side of a giant data breach.
Ransomware is evolving and soon will share the same deadly efficiencies as notorious worms of the past, such as Conficker and SQL Slammer. In fact, according to security researchers at Cisco Talos, today’s newest ransomware, SamSam, is a harbinger of a new wave of more malicious, tenacious and costly ransomware to come. “Ransomware authors are always looking for bigger payouts and to further their reach,” said Joe Marshall, security research manager with Cisco Talos. “We believe ransomware authors are going to look to past successful campaigns when they look to cast a wider net in the future.”
The Windows Blue Screen of Death isn't known for being particularly descriptive, but Microsoft may be looking to change that in a future version of Windows 10.
A Reddit user posted a picture last week that shows a new version of the dreaded blue screen, one with a QR code and a link where users can get more information about the error that caused their computer to crash.
Attacks against home routers have been going around for years—from malware that rigs routers to DNS rebinding attacks and backdoors, among others. Just last year one of our researchers reported a Domain Name System (DNS) changer malware that redirected users to malicious pages when they visited specific websites. This enabled cyber crooks to get hold of the victims’ online credentials, such as passwords and PINs.