ITsecurity

ITsecurity Daily News: 08/26/2014

Posted by Kevin on August 26, 2014

The ITsecurity daily security briefing: Tuesday, August 26, 2014. If you find this security briefing useful, please spread the word via social media. If you have any comments or recommendations, please email kevtownsend at gmail dot com. Sections: News, Papers/Reports, WebThings, Events, M&A, Alerts. News: NSA has its own ‘google’ to allow other agencies to search […]

ITsecurity Daily News: 08/19/2014

Posted by Kevin on August 19, 2014

The ITsecurity daily security briefing: Tuesday, August 19, 2014. If you find this security briefing useful, please spread the word via social media. If you have any comments or recommendations, please email kevtownsend at gmail dot com. Sections: News, Papers/Reports, WebThings, Events, M&A, Alerts. News: Government Control Over Internet Governance. A new proposal that ICANN would […]

TOR: blocking C&C servers and cybercriminals

Posted by Kevin on July 27, 2014

TOR is increasingly being used by cybercriminals. Its ability to anonymize people and places makes it an attractive place to hide nefarious activity — and things like malware C&C servers. Just last week Kaspersky Lab warned that it had traced a new and sophisticated ransomware trojan (dubbed Onion for obvious reasons) to a lair in […]

Trustwave guarantees zero malware in new MSS service

Posted by Kevin on July 15, 2014

And that includes zero zero-day malware. So Trustwave is guaranteeing what many security experts believe is impossible – to completely prevent any malware infection. Strictly speaking, this is not a ‘guarantee’. In law, a guarantee is a pledge to be responsible for debts incurred through contractual failure. Trustwave is not offering to be responsible for […]

Trend Micro says Ibario is behind Sefnit

Posted by Kevin on July 12, 2014

You may recall that last year TOR suffered a sudden spike in users. First thoughts were that it might be some sort of out-of-control FBI action against the anonymity service. It wasn’t; it was the effect of a botnet: MEVADE/SEFNIT. MEVADE/SEFNIT is delivered via an adware mechanism and engages in click fraud and bitcoin mining. […]

Microsoft condemns the innocent to catch the guilty

Posted by Kevin on July 11, 2014

With great power comes great responsibility. Last week Microsoft exercised the former without practicing the latter: it demonized an innocent company and millions of innocent users to catch two criminals. The ends were good; but the means were not justified. Back in June it obtained an ex parte court ruling that allowed it to take […]

NCA leads international disruption of Shylock banking malware

Posted by Kevin on July 10, 2014

The internationally coordinated global law enforcement action against malware and botnets continues: this time it’s Shylock. “On 8 and 9 July 2014, an alliance of law enforcement and industry undertook measures against the Internet domains and servers that form the core of an advanced cybercriminal infrastructure attacking online banking systems around the globe using the […]

CosmicDuke – does it highlight the difference between US, Russian and Chinese cyberspies?

Posted by Kevin on July 3, 2014

F-Secure has discovered a new piece of malware that it is calling CosmicDuke – it appears to derive from both the Cosmu and MiniDuke families of malware. Indeed, it seems to suggest that Cosmu and MiniDuke are related, but evidence within the new malware reverses the accepted timeline. That is, it is now believed that […]

A glimmer of hope for the automatic removal of PUPs

Posted by Kevin on June 19, 2014

A PUP is a potentially unwanted program. They are usually installed by deceit and are designed to make money for the author. This could be by displaying adverts, redirecting your browser to different web sites, or invoking premium rate phone calls. But whether they are actually illegal is a fine point – although deceit to […]

Time’s up; Zeus is back

Posted by Kevin on June 18, 2014

Bang on time, Zbot’s back. Admittedly, it’s Zbot rather than specifically GOZeus, but it’s pretty much the same malware. Two weeks ago, the NCA warned: Action taken by the NCA to combat the threat will give the UK public a unique, two-week opportunity to rid and safeguard themselves from two distinct but associated forms of […]