БЛОГ

Archive for the ‘cybercrime/malcode’ category: Page 107

Oct 2, 2021

Hackers bypass Coinbase 2FA to steal customer funds

Posted by in category: cybercrime/malcode

More than 6,000 Coinbase users had funds stolen from their accounts after hackers used a vulnerability in Coinbase’s SMS-based two-factor authentication system to breach accounts.

The intrusions took place earlier this year, between March and May, the exchange said in a data breach notification letter it has filed with US state attorney general offices.

“The third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account,” Coinbase said.

Sep 30, 2021

Ransomware gangs are complaining that other crooks are stealing their ransoms

Posted by in category: cybercrime/malcode

But even if victims pay the ransom – which isn’t recommended because it encourages more ransomware attacks – restoring the network can still be a slow process and it can be weeks or months before services are fully restored.

SEE: A cloud company asked security researchers to look over its systems. Here’s what they found.

Be it REvil or any other ransomware gang, the best way to avoid the disruption of a ransomware attack is to prevent attacks in the first place.

Sep 29, 2021

Conti Ransomware Expands Ability to Blow Up Backups

Posted by in category: cybercrime/malcode

The Conti ransomware gang has developed novel tactics to demolish backups, especially the Veeam recovery software.

Good at identifying and obliterating backups? Speak Russian? The notorious Conti ransomware group may find you a fine hiring prospect.

That’s according to a report published on Wednesday by cyber-risk prevention firm Advanced Intelligence, which details how Conti has honed its backup destruction to a fine art – all the better to find, crush and kill backed-up data. After all, backups are a major obstacle to encouraging ransomware payment.

Sep 27, 2021

Cloudflare Is Taking a Shot at Email Security

Posted by in categories: business, cybercrime/malcode, internet

Cloudflare, The internet infrastructure company, already has its fingers in a lot of customer security pots, from DDoS protection to browser isolation to a mobile VPN. Now the company is taking on a classic web foe: email.

On Monday, Cloudflare is announcing a pair of email safety and security offerings that it views as a first step toward catching more targeted phishing attacks, reducing the effectiveness of address spoofing, and mitigating the fallout if a user does click a malicious link. The features, which the company will offer for free, are mainly geared toward small business and corporate customers. And they’re made for use on top of any email hosting a customer already has, whether it’s provided by Google’s Gmail, Microsoft 365 Yahoo, or even relics like AOL.

Cloudflare CEO Matthew Prince says that from its founding in 2,009 the company very intentionally avoided going anywhere near the thorny problem of email. But he adds that email security issues are unrelenting, so it has become necessary. “I think what I had assumed is that hosting providers like Google and Microsoft and Yahoo were going to solve this issue, so we weren’t sure there was anything for us to do in the space,” Prince says. “But what’s become clear over the course of the last two years is that email security is still not a solved issue.”

Sep 25, 2021

Google Warns of a New Way Hackers Can Make Malware Undetectable on Windows

Posted by in category: cybercrime/malcode

Google’s cybersecurity researchers have discovered a new technique that hackers use to trick Windows systems into bypassing malware payload detection.

Sep 24, 2021

CISA releases advisory on Conti ransomware, notes increase in attacks after more than 400 incidents

Posted by in category: cybercrime/malcode

CISA did a deep dive on the Conti ransomware, providing information for those protecting organizations.

Sep 21, 2021

Treasury unleashes cryptocurrency sanctions to fight ransomware

Posted by in categories: cryptocurrencies, cybercrime/malcode

Cybersecurity

The new sanctions will block all trades involving Suex and U.S. entities.

Sep 21, 2021

A New Wave of Malware Attack Targeting Organizations in South America

Posted by in category: cybercrime/malcode

Several RAT malware are being used to target South American organizations.

Sep 21, 2021

New Malware Targets Windows Subsystem for Linux to Evade Detection

Posted by in category: cybercrime/malcode

A new malware strain uses the Windows Subsystem for Linux to launch stealthy attacks.

Sep 21, 2021

Cybercriminals recreate Cobalt Strike in Linux

Posted by in category: cybercrime/malcode

The new malware strain has gone unnoticed by detection tools.