dcsimg

A week in security (October 8 – 14)

Last week, we warned you away from some dubious Doctor Who streams, explained how Endpoint Detection and Response may not be enough, and explored what happens during a confusing supply chain story. We also showed you how to keep up with security, explained the risks of fake browser updates, and explored the unpleasant world of workplace violence. Other cybersecurity news: Google Plus suffers a … [Read more...]

Fortnite gamers targeted by data theft malware

The new season of the incredibly popular video game Fortnite is upon us, and so too are the scams. It’s no surprise that con artists would jump on this bandwagon, eager to peddle their fakeouts. Only this time, scammers had something a little more dangerous in mind than your typical low-level surveys and downloads that never actually materialize. Among all the gluttony of scams there hid a … [Read more...]

A week in security (September 17 – 23)

Last week, we took a look at a low level spam campaign on Twitter, explored the signs of falling victim to phishing, and examined a massive WordPress compromise. We also explained some SASL vulnerabilities and covered a breaking Emotet spam campaign. Other cybersecurity news: NewEgg attacked by MageCart (Source: Volexity) UKGOV tackled the talent gap (Source: The Register) Maximum fine touted for … [Read more...]

Emotet on the rise with heavy spam campaign

The threat landscape is changing once again, now that the ocean of cryptocurrency miners has shrunk to a small lake. Over the last couple months, we’ve seen cybercriminals lean back on tried and true methods of financial theft and extortion, with the rise of a familiar Banking Trojan: Emotet. However, over the last few days, we’ve noticed a large increase in malicious spam spreading … [Read more...]

30 network security Twitter feeds to follow

Twitter is where information is updated within seconds, especially in the information technology industry. Every day, tweets are sent out at up to 240 characters to share news and personal views as they happen. We have rounded up the top 30 sysadmin twitter accounts that you need to follow based on the number of followers […] … [Read more...]

When spyware goes mainstream

Stealware. Surveillanceware. Stalkerware. These are terms alternately used to effectively identify a file-based threat that has been around since 1996: spyware. More than two decades later, consumer or commercial spyware has gone mainstream, and the surprising number of software designed, openly marketed, and used for spying on people is proof of that. Forget the government, nation-states, private … [Read more...]

A week in security (August 27 – September 2)

Last week, we looked at dubious antics in mobile land, a peculiar case of spam on the official Cardi B website, and we deep dived into fileless malware. We also explored the inner workings of Hidden Bee, and gave an explainer of Regex. Other cybersecurity news: Huge data breach affects Chinese hotel chain (Source: Xinhuanet) Cryptojacking doesn’t bring in the big bucks [PDF] (Source: … [Read more...]

Reversing malware in a custom format: Hidden Bee elements

Malware can be made of many components. Often, we encounter macros and scripts that work as malicious downloaders. Some functionalities can also be achieved by position-independent code—so-called shellcode. But when it comes to more complex elements or core modules, we almost take it for granted that it will be a PE file that is a native Windows executable format. The reason for this is simple: It … [Read more...]

Fileless malware: getting the lowdown on this insidious threat

Traditionally, malware attacks as we have always known them are files written to disk in one form or another that require execution in order to carry out their malicious scope. Fileless malware, on the other hand, is intended to be memory resident only, ideally leaving no trace after its execution. The malicious payload exists dynamically and purely in RAM, which means nothing is ever written … [Read more...]

Kerio Connect serves up to the competition

Information travels at a mile a minute, or so they say. If your business is not using email, you might as well admit that you are working in the Stone Age and realize you are missing out on opportunities. News sources predict there will be 19 billion email users by 2019 worldwide. While your business […] … [Read more...]