NIST developed this interagency report as a reference guideline about cybersecurity for small businesses. This document is intended to present the fundamentals of a small business information security program in non-technical language.
Researchers have discovered an attack that uses Facebook Messenger to spread Locky, a family of malware that has quickly become a favorite among criminals.
The ransomware is delivered via a downloader, which is able to bypass whitelisting on Facebook by pretending to be an image file.
The attack was discovered on Sunday by malware researcher Bart Blaze, and confirmed later in the day by Peter Kruse, another researcher who specializes in internet-based crime and malware.
The attack leverages a downloader called Nemucod, which is delivered via Facebook Messenger as a .svg file.
In fact, the letter ‘G’ is a Latin Letter Small Capital, Unicode 0262. Compared side by side with a real capital G, they would look like ‘ɢ G’ — see the difference? Notice how the ‘G’ in the image is the same size as the lowercase letter ‘o’? It’s not the G you thought it was.
Eight years ago, on November 21st, 2008, Conficker reared its ugly head. And since then, the “worm that roared” – as ESET’s distinguished researcher Aryeh Goretsky puts it – has remained stubbornly active.
Targeting Microsoft Windows, it has compromised home, business and government computers across 190 countries, leading experts to call it the most notorious and widespread worm since the emergence of Welchia some five years earlier.
Conficker, as we’ll go on to explore, spawned numerous versions, each promising different attack methods (from injecting malicious code to phishing emails and copying itself to the ADMIN part of a Windows machine). Ultimately though, the worm leveraged – and indeed, continues to leverage – an old, unpatched vulnerability to crack passwords and hijack Windows computers into a botnet. These botnets would then be used to distribute spam or install scareware (again, as they are today).