Month: May 2018

Why the ransom demand on Canadian banks was a no-win scenario

Post author By Martijn
Post date May 31, 2018
No Comments on Why the ransom demand on Canadian banks was a no-win scenario

Two major Canadian banks, Bank of Montreal and Simplii Financial, have become victims of hacks that affected some 50,000 and 40,000 customers respectively. Neither bank decided to pay the ransom by the hackers’ May 28 deadline.
Read more on Payment Source. (Note: subscription wall.)

Tags bank of montreal, canada, hack, payment source, ransom, simplii financial

Security

Expired domain led to SpamCannibal's blacklist eating the whole world

Post author By Martijn
Post date May 31, 2018
No Comments on Expired domain led to SpamCannibal's blacklist eating the whole world

The domain of the little-used SpamCannibal DNS blacklist had expired, resulting in it effectively listing every single IP address.
Read more on Virus Bulletin’s blog.

Tags blacklist, dns, dnsbl, spamcannibal, virus bulletin

Security

MnuBot banking trojan communicates via SQL server

Post author By Martijn
Post date May 30, 2018
No Comments on MnuBot banking trojan communicates via SQL server

Researchers at IBM X-Force have discovered MnuBot, a banking trojan targeting users in Brazil, which is noteworthy for using SQL Server for command and control communication.
Read more on Virus Bulletin’s blog.

Tags banking, brazil, ibm, malware, mnubot, sql server, trojan, virus bulletin, x-force

Security

XMRig used in new macOS cryptominer

Post author By Martijn
Post date May 23, 2018
No Comments on XMRig used in new macOS cryptominer

A new piece of cryptocurrency-mining malware on macOS has been found to use the popular XMRig miner.
Read more on Virus Bulletin’s blog.

Tags cryptocurrency, macos, malware, monero, virus bulletin

Security

Tendency for DDoS attacks to become less volumetric fits in a wider trend

Post author By Martijn
Post date May 22, 2018
No Comments on Tendency for DDoS attacks to become less volumetric fits in a wider trend

CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.
Read more on Virus Bulletin’s blog.

Tags cloudflare, ddos, http, layer 7, virus bulletin

Security

We are more ready for IPv6 email than we may think

Post author By Martijn
Post date May 21, 2018
No Comments on We are more ready for IPv6 email than we may think

Though IPv6 is gradually replacing IPv4 on the Internet’s network layer, email is lagging behind, the difficulty in blocking spam sent over IPv6 cited as a reason not to move. But would we really have such a hard time blocking spam sent over IPv6?
Read more on Virus Bulletin’s blog.

Tags dnsbl, email, ipv6, spam, virus bulletin

Security

Turkish Twitter users targeted with mobile FinFisher spyware

Post author By Martijn
Post date May 15, 2018
No Comments on Turkish Twitter users targeted with mobile FinFisher spyware

Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.
Read more on Virus Bulletin’s blog.

Tags finfisher, finspy, spyware, turkey, twitter

Security

How TSB's simple tech issue became a big phishing problem

Post author By Martijn
Post date May 10, 2018
No Comments on How TSB's simple tech issue became a big phishing problem

Security is a top priority for financial institutions around the world. In the past few weeks, the U.K.’s TSB Bank has learned the hard way that availability is even more important. And when availability is an issue, security can’t be ignored.
Read more on Payment Source. (Note: subscription wall.)

Tags bank, payment source, phishing, tsb, uk

Security

Hide'n'Seek IoT botnet adds persistence

Post author By Martijn
Post date May 9, 2018
No Comments on Hide'n'Seek IoT botnet adds persistence

The Hide’n’Seek IoT botnet has received an update to make its infection persist on infected devices beyond a restart.
Read more on Virus Bulletin’s blog.

Tags bitdefender, botnet, hide'n'seek, internet of things, iot, virus bulletin

Security

How cryptocurrency is killing the 'money mule'

Post author By Martijn
Post date May 4, 2018
No Comments on How cryptocurrency is killing the 'money mule'

A new strain of malware that targets cryptocurrency users — but not users of mainstream payment options like bank accounts — highlights how much the cybercrime game is changing behind the scenes.
Read more on Payment Source. (Note: subscription wall.)

Tags cryptocurrency, cybercrime, money mule, payment source