The popular PC cleanup tool, CCleaner has been hijacked by hackers in the latest widespread malware attack. The hack, identified by security researchers at Cisco Talos, found that anyone who downloaded or updated the CCleaner app between mid-August to mid-September also potentially downloaded malware without realising.
Last week marked the 50th anniversary of the ATM, a device that changed the face of personal monetary transactions forever. According to the ATM Industry Association (ATMIA) there are now close to three million of them worldwide, with over 70,000 in the UK alone where it all began. On 27th June 1967, the world's first "hole in the wall" was revealed at Barclays Bank in Enfield, London. Celebrations aside, I’d like to look at exactly what’s going on under the hood from a software perspective. Is securing them through industry best practice is realistic and practical?
It’s been a busy week in the security world. On Friday 12th May 2017 the world was hit by one of the biggest ransomware out breaks in recent times. It reached 74 countries and more than 45,000 systems. By Monday, this was more like 150 countries and 200,000 systems, according to Europol. When a kill-switch was found to disable the virus, it was a matter of hours until new variants were infecting systems at a rate of 3,600 per hour.
A widespread scam affecting Google Docs began to land in users’ inboxes on Wednesday in what has been described as a sophisticated phishing campaign.
The Dridex banking Trojan, once one of the most active and prolific malware strains, went quiet back in the summer of 2016. The large-scale spam operations distributing it dried up and the few samples that still appeared showed no significant changes.
In recent days, Saudi Arabia has warned organizations in the kingdom to be on the alert for the Shamoon computer virus, a variant of which gained notoriety after being linked to attacks against Saudi Aramco in 2012 and reportedly damaged over 30,000 systems.
In the tech world recently there have been discussions regarding a new type of ransomware, which has been dubbed “PowerWare”. It has been named this way due to the fact that instead of using an exploit to download malicious software to run on the users’ machines and encrypt their files, exploits are instead used to invoke PowerShell to do the damage.
Last week marked an exciting new first – ransomware on a Mac disclosed by Palo Alto who had seen it with a client. What’s simultaneously encouraging and disappointing is that it could have been prevented without detection using highly recommended best practices – application whitelisting.
Hospitals are used to dealing with viruses, from the common cold to a variety of tropical diseases there are procedures in place to diagnose, isolate and treat patients. What is more challenging to them is dealing with digital infections, which can wreak havoc and cause the digital realm to endanger people’s lives.
Since the popular Angler Exploit Kit started delivering Poweliks file less malware in late 2014 malware authors have been turning to this technique to bypass detection and infect systems.