malware   13285

Why some computer viruses refuse to die - BBC News
There are zombie computer viruses that are still roaming the internet, over 10 years after first being detected.
malware  security  virus  #tw 
yesterday by nrturner
Researchers Developed Artificial Intelligence-Powered Stealthy Malware
Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stopping cyber attacks before they affect any organization.
However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infect a computer network or launch an attack only when the target's face is detected by the camera.
To demonstrate this scenario, security researchers at IBM Research came up with DeepLocker—a new breed of "highly targeted and evasive" attack tool powered by AI, which conceals its malicious intent until it reaches a specific victim.
According to the IBM researcher, DeepLocker flies under the radar without being detected and "unleashes its malicious action as soon as the AI model identifies the target through indicators like facial recognition, geolocation and voice recognition."
security  privacy  malware  AI/ML  facial_recognition  IBM  research 
2 days ago by rgl7194
Who Is Marcus Hutchins? — Krebs on Security
However, multiple threads on Hackforums state that Hutchins around 2011-2012 switched to two new nicknames that corresponded to users who were far more heavily involved in coding and selling complex malicious software: “Element Products,” and later, “Gone With The Wind.”
crime  security  malware 
3 days ago by craniac
.@certfalab research analyzes PushIran.DL malware, a "botnet of fraudulent advertising in Iran" affecting millions of Android devices
A new report by CERTFA (Computer Emergency Response Team in Farsi) analyzes PushIran.DL, a malware group that "has in effect created a major advertising botnet that can be distributed and used in various ways to exploit users" in Iran. These criminal activities "are costing Iranian smartphone users billions of Iranian Rials (millions of US dollars) each year," the group says, noting that the PushIran.DL malware is "largely" detectable via well-known commercial anti-virus software platforms. CERTFA estimates that "more than 10 million" Iran-based Android devices are infected and notes that while the malware has been utilized to serve up ads to users, there exists the potential for more malicious uses in the future.   

CERTFA describes the malware family as "a family of fake and destructive Android apps which are distributed across Iran’s mobile network — whether through Telegram Messenger or other Android malware — by playing different tricks, including distributing downloaders and adult apps, and by sending text messages and deceptive notification ads in other mobile apps...No accurate data about the full extent of infection of mobile devices by PushIran.DL is available, but we believe that more than 10 million Android devices in Iran have been infected...The developers of these malwares have used this data for advertisement but in the near future, it is very possible that they will use it for more destructive purposes, such as the implementation of phishing attacks, the release of ransomware and as cryptocurrency extractors."

- In other buggy news, NYU researchers suggest that if you want to hide the real bugs, try adding a whole bunch of fake bugs (Motherboard). Galaxy brain!
otf  iran  malware  security  research  mena  android  certfa 
4 days ago by dmcdev
Everybody and their mother is blocking ads, so why aren’t you? - Malwarebytes Labs | Malwarebytes Labs
This post may ruffle a few feathers. But we’re not here to offer advice to publishers on how to best generate revenue for their brand. Rather, we’re here to offer the best advice on how to maintain a safe and secure environment.
If you’re not blocking advertisements on your PC and mobile device, you should be! And if you know someone who isn’t blocking ads, then forward this post to them. Because in this two-part series, we’re going to dispel some of the myths surrounding ad blocking, and we’ll cover the reasons you should be blocking ads on your network and devices.
Part 2 of this series concludes by discussing common tools and configurations to show you How to block ads like a pro.
You’ve heard the talk and seen the messages in online banners. You’re aware of the disputes and the provocation from publishers and advertisers that ad blocking is a morally unconscionable act whose users deserve outright banishment from the web. Maybe you’ve been swayed by the pleas from website owners and have empathy towards the fragile budgetary constraints of your favorite sites. Or maybe you don’t understand the risks associated with online tracking and advertising and think that if you don’t click ads you’ll be fine.
security  privacy  adblock  malware  tracking 
6 days ago by rgl7194
Familiar Feeling: A Malware Campaign Targeting the Tibetan Diaspora Resurfaces - @CitizenLab
A new Citizen Lab report analyzes the “Resurfaced Campaign,” a sophisticated malware campaign that operated between January and March 2018 and which was aimed at Tibetan activists, journalists, members of the Tibetan Parliament in exile, and the Central Tibetan Administration (Tibet's India-based exile government). The report includes an investigation of a compromised Tibet-focused NGO targeted by the malware, a look at the challenges involved with investigating "closed espionage ecosystems," and connects the dots between this campaign and previous, similar ones also targeting Tibetan groups.

From the report: "In January 2018, a Tibetan activist received a mundane-looking email purporting to be program updates from a human rights NGO. Attached to the message were a PowerPoint presentation and a document. The activist, like many in the Tibetan diaspora, had grown wary of unsolicited emails with attachments, and instead of opening the documents, shared the files with Citizen Lab researchers. The suspicion was warranted: the attachments were malicious. If clicked, the files would run recent exploits to infect Windows computers with custom malware. This email was the start of a malware campaign active between January to March 2018 that targeted Tibetan activists, journalists, members of the Tibetan Parliament in exile, and the Central Tibetan Administration. We worked closely with the targeted groups to collect the malicious messages, and also engaged in incident response with a compromised organization. This collaboration enabled us to gain further insights into the tactics, techniques, and procedures used by the operators."

- In a Council on Foreign Relations Net Politics blog post, Citizen Lab fellow Lennart Maschmeyer discusses the report within the broader context of how civil society organizations are particularly susceptible to nation-state level threats, as they "lack resources to build up resilience and enlist outside help, rendering them highly vulnerable."
otf  tibet  china  asia  citizenlab  research  malware  cso  CivilSociety  awareness  security 
6 days ago by dmcdev
CCleaner Adds Data Collection Feature With No Way to Opt-Out
Last year, CCleaner made headlines when it suffered a massive supply-chain malware attack of all times, wherein hackers compromised its servers for over a month and replaced the original version of the software with the malicious one, infecting over 2.3 million users worldwide.
supplychain  scrm  software  cybersecurity  ccleaner  malware 
6 days ago by bwiese
How to create a network wildcard VM using CERT Tapioca for exploit testing - Tools - VulWiki
Let's say you have an exploit, and you're not sure what it does.  Many exploits do something on the network.  It would be nice to be able to observe these network operations, without actually being connected to the internet. Running an unknown exploit on an internet-connected machine is a bad idea. As it turns out, we can simulate an internet-connected machine by turning our CERT Tapioca VM into something that responds to everything (both DNS-addressed, and IP-addressed).
exploit  malware  analysis  vm 
10 days ago by whip_lash
