malware – Page 11 – SSL and internet security news

Router Vulnerability and the VPNFilter Botnet

June 11, 2018 infossl

botnets, essays, fbi, internet, malware, nationalsecuritypolicy, networksecurity, russia, Security technology

On May 25, the FBI asked us all to reboot our routers. The story behind this request is one of sophisticated malware and unsophisticated home-network security, and it’s a harbinger of the sorts of pervasive threats from nation-states, criminals and hackers that we should expect in coming years. VPNFilter is a sophisticated piece … Read More “Router Vulnerability and the VPNFilter Botnet” »

Adding Backdoors at the Chip Level

March 26, 2018 infossl

academicpapers, backdoors, computersecurity, hardware, malware, Security technology

Interesting research into undetectably adding backdoors into computer chips during manufacture: “Stealthy dopant-level hardware Trojans: extended version,” also available here: Abstract: In recent years, hardware Trojans have drawn the attention of governments and industry as well as the scientific community. One of the main concerns is that integrated circuits, e.g., for military or critical-infrastructure applications, … Read More “Adding Backdoors at the Chip Level” »

Malware from Space

March 2, 2018 infossl

academicpapers, malware, Security technology

Since you don’t have enough to worry about, here’s a paper postulating that space aliens could send us malware capable of destroying humanity. Abstract: A complex message from space may require the use of computers to display, analyze and understand. Such a message cannot be decontaminated with certainty, and technical risks remain which can pose … Read More “Malware from Space” »

New Spectre/Meltdown Variants

February 21, 2018 infossl

academicpapers, hardware, malware, Security technology

Researchers have discovered new variants of Spectre and Meltdown. The software mitigations for Spectre and Meltdown seem to block these variants, although the eventual CPU fixes will have to be expanded to account for these new attacks. Powered by WPeMatico

Water Utility Infected by Cryptocurrency Mining Software

February 8, 2018 infossl

cryptocurrency, hacking, malware, scada, Security technology, utilities

A water utility in Europe has been infected by cryptocurrency mining software. This is a relatively new attack: hackers compromise computers and force them to mine cryptocurrency for them. This is the first time I’ve seen it infect SCADA systems, though. It seems that this mining software is benign, and doesn’t affect the performance of … Read More “Water Utility Infected by Cryptocurrency Mining Software” »

Signed Malware

February 2, 2018 infossl

academicpapers, antivirus, certificates, forgery, malware, Security technology, signatures, stuxnet

Stuxnet famously used legitimate digital certificates to sign its malware. A research paper from last year found that the practice is much more common than previously thought. Now, researchers have presented proof that digitally signed malware is much more common than previously believed. What’s more, it predated Stuxnet, with the first known instance occurring in … Read More “Signed Malware” »

Jackpotting Attacks Against US ATMs

February 1, 2018 infossl

atms, malware, physicalsecurity, Security technology, tamperdetection, theft

Brian Krebs is reporting sophisticated jackpotting attacks against US ATMs. The attacker gains physical access to the ATM, plants malware using specialized electronics, and then later returns and forces the machine to dispense all the cash it has inside. The Secret Service alert explains that the attackers typically use an endoscope — a slender, flexible … Read More “Jackpotting Attacks Against US ATMs” »

New Malware Hijacks Cryptocurrency Mining

January 23, 2018 infossl

botnets, cryptocurrency, hacking, malware, scams, Security technology

This is a clever attack. After gaining control of the coin-mining software, the malware replaces the wallet address the computer owner uses to collect newly minted currency with an address controlled by the attacker. From then on, the attacker receives all coins generated, and owners are none the wiser unless they take time to manually … Read More “New Malware Hijacks Cryptocurrency Mining” »

Skygofree: New Government Malware for Android

January 22, 2018 infossl

android, implants, italy, kaspersky, malware, Security technology, spyware

Kaspersky Labs is reporting on a new piece of sophisticated malware: We observed many web landing pages that mimic the sites of mobile operators and which are used to spread the Android implants. These domains have been registered by the attackers since 2015. According to our telemetry, that was the year the distribution campaign was … Read More “Skygofree: New Government Malware for Android” »

Dark Caracal: Global Espionage Malware from Lebanon

January 22, 2018 infossl

espionage, lebanon, malware, Security technology

The EFF and Lookout are reporting on a new piece of spyware operating out of Lebanon. It primarily targets mobile devices compromised by fake secure messaging clients like Signal and WhatsApp. From the Lookout announcement: Dark Caracal has operated a series of multi-platform campaigns starting from at least January 2012, according to our research. The … Read More “Dark Caracal: Global Espionage Malware from Lebanon” »