
Global Hack Attack Only Makes $16k, It Makes You WannaCry!

Yesterday’s global WannaCry Ransomware attack made its authors a grand total of $16800, with a total of 46 victims paying the required $300 to decrypt their data. Transactions can be monitored via the Bitcoin accounts that the hackers wanted payments sent to. There were three Bitcoin accounts associated with the hack:
https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94
https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn
The attack was... 
 

Why Anti-Virus is so Useless

Times are a-changing. Once upon a time your security was all about a decent Firewall and some Anti-Virus and you were good to go. Yeah, not so much any more. Signature-based Anti-Virus, as a tool to protect you from infection, is pretty much useless in this day and age. Why? Because hackers and the techniques they use to infect you have evolved. Back in the day, if you spotted a new bit of Malware you could create a signature, essentially a SHA1, that would allow you to detect the Malware and block the infection. The challenge nowadays... 
 

The Best Anti-Virus to Protect You When Online!

I used to work for an Anti-Virus company, and I still work for a large American security vendor, so I know the troubles you can get into when online. The bad guys want to get a Trojan or Malware onto your PC, so they can steal your bank details, steal your PayPal details or use your machine to commit fraud around the globe. There is some good news and bad news: the good news is there are a couple of things you can do to protect yourself, as described below; the bad news is they are pretty determined. The current going rate for your PayPal details on... 
 

The Truth About Mobile Malware!

“A Toxic Hell Stew of Vulnerabilities.” The above quote was made by Tim Cook at last year’s Apple developers conference in regard to the Android operating system. He went on to say that 99% of all Mobile Malware was produced for, and operated on, Android. Having come from a threat research background, I can tell you he is not too far wrong. But… There are lies, damn lies and then there are statistics. If you just limit your view to a portion of the statistics you could easily conclude that Android is indeed “a toxic hell stew of vulnerabilities”,... 
 

Owned! Your Computers Belong to Us.

LegbaCore Presentation. The boys Xeno Kovah and Corey Kallenberg, regulars at the major security conferences, gave a presentation at the CanSecWest security conference in Vancouver this past week on how to hack BIOSes. Xeno and Corey, previously of MITRE (you know, the non-profit organization that manages Federally Funded Research and Development Centers (FFRDCs) supporting the DOD, the FAA, the IRS, the DHS, and NIST) fame, have gone out on their own at LegbaCore. Their first major bit of research is a working proof of concept of owning BIOS Chips... 
 

Next Gen SOC to Protect Our Boys in the Field

Dr Kevin Jones & Ben Parish. It has been announced today that Airbus Group Innovations has been awarded a major contract by the Defence Science and Technology Laboratory (DSTL), as part of their Cyber Situational Awareness research project. The project goal is to develop and mature a Virtual Cyber Centre of Operations (VCCO) that will allow military decision makers to call on experts anywhere around the world to help deal with cyber situations. The research will assist in the development and design of a next generation Security Operations... 
 

Stuxnet – Cyber War

One of the first Cyber Weapons that has been talked about from any nation was Stuxnet. The Israelis and Americans came out of the closet to admit that they had an active cyber offensive program and that “Yes” they had created Stuxnet to put the Iranian nuclear program behind schedule. What I find interesting about this admission is not that they admit to having an active cyber offensive program, I expected that, but to admit that you created a cyber weapon that used several zero-day critical vulnerabilities that could be used against... 
 

Are You a Target for an APT (Advanced Persistent Threat)

In a previous article I explained what an APT looked like. Most organisations I talk to believe they are not likely to be a target of an APT, the logic being that they have nothing of interest that a foreign government would need. It is true certain organisations are more likely to be targeted by a foreign government, other government organisations for example, organisations that make up part of the critical national infrastructure, that would include most banks, oil and energy companies, broadcasters or power generating organisations, however... 
 

Advanced Persistent Threats (APT)

One of the big themes of InfoSec 2013 was APTs. A number of talks specifically targeted (excuse the pun) this topic. The perception is that APTs are state sponsored attacks; this perception is driven by the cost and resources required to implement this type of attack. The reality, however, is that if you have digital assets that are worth going after, you are at risk of this type of attack. For those not in the specific anti-malware/anti-virus industry the definition of an Advanced Persistent Threat is not entirely clear. From... 
 

Flame On!

An ill wind is blowing. It used to be that we needed to be afraid of the script kiddies trying to penetrate our networks, then we needed to worry about the organised hackers, teaching each other their latest exploits, such as Cult of the Dead Cow, Anonymous or Lulz, but now we have sailed into dangerous waters. Over the last few months we have been seeing a lot more state sponsored activity. First it was Stuxnet, then Duqu and now the latest, FLAME! Kaspersky Lab has discovered a new Worm/Trojan that they have code named Flame, and named within their... 
 
© 2006-2017 Security Magazine.