Hackers have again demonstrated that no matter how many security precautions someone takes, all a hacker needs to track their location and snoop on their phone calls and texts is their phone number.
The hack, first demonstrated by German security researcher Karsten Nohl in 2014 at a hacker convention in Hamburg, has been shown to still be active by Nohl over a year later for CBS’s 60 Minutes.
The hack uses the network interchange service called Signalling System No. 7 (SS7), also known as C7 in the UK or CCSS7 in the US, which acts as a broker between mobile phone networks. When calls or text messages are made across networks SS7 handles details such as number translation, SMS transfer, billing and other back-end duties that connect one network or caller to another.
The competition for the most secure instant messaging tool has been running for years. It re-surfaced this month when WhatsApp announced it has completed implementing end-to-end encryption. Curiously, in security research circles, this has resulted in endless debates between WhatsApp and Telegram. Very much like Emacs vs Vi, everybody has a (strong) opinion, but there is no general consensus.
Ransomware as we know it today has a sort of 'spray and pray' mentality; they hit as many individual targets as they can as quickly as possible. Typically, payloads are delivered via exploit kits or mass phishing campaigns. Recently a number of scattered ransomware campaigns deliberately targeting enterprise networks, have come to light. We believe that this is a harbinger of what's to come -- a portent for the future of ransomware.
Traditionally, malware was never terribly concerned with the destruction of data or denial of access to its contents; With few notable exceptions, data loss was mostly a side-effect of malware campaigns. Most actors were concerned with sustained access to data or the resources a system provided to meet their objectives. Ransomware is a change to this paradigm from subversion of systems to outright extortion; actors are now denying access to data, and demanding money to restore access to that data. This paper will discuss the latest ransomware trends as w
Recently a large scale ransomware campaign delivering Samsam changed the threat landscape for ransomware delivery. Targeting vulnerabilities in servers to spread ransomware is a new dimension to an already prolific threat. Due to information provided from our Cisco IR Services Team, stemming from a recent customer engagement, we began looking deeper into the JBoss vectors that were used as the initial point of compromise. Initially, we started scanning the internet for vulnerable machines. This led us to approximately 3.2 million at-risk machines.