Malware / News Briefs

Over 3.2 Million Debit Cards May Have Been Compromised, Says National Payment Corporation of India

A total of 3.2 million debit cards across 19 banks may have been compromised as a result of a suspected malware attack. The breach, possibly largest of its kind in India, was confirmed by the National Payment Corporation of India (NPCI) in a statement today. more»

New Trojan Used in High Level Financial Attacks, Multiple Banks Attacked

Since January 2016, discreet campaigns involving malware called Trojan.Odinaff have targeted a number of financial organizations worldwide, warned Symantec Security Response team on Tuesday. more»

IoT Botnet Source Code Responsible for Historic Attack Has Been Publicly Released

The source code for the IoT botnet 'Mirai' has been released," warns security expert Brian Krebs whose own website was targeted with the same botnet resulting in the historically large DDoS attack last month. more»

Clothing Retailer Eddie Bauer Confirms Point-Of-Sale Malware, All US, Canadian Stores Infected

In a press release yesterday evening, retailer Eddie Bauer confirmed a point-of-sale malware infection suspected by some sources as early as beginning of last month. more»

Reports Provide Details on 'Project Sauron' Malware, Highly Advanced, Remained Hidden for 5 Years

"Security experts have discovered a malware platform that's so advanced in its design and execution that it could probably have been developed only with the active support of a nation-state," reports Dan Goodin in Ars Technica. more»

Kazakhstan Using Malware Against Journalists, Political Activists, Lawyers

Journalists and political activists critical of Kazakhstan's authoritarian government, along with their family members, lawyers, and associates, have been targets of an online phishing and malware campaign believed to be carried out on behalf of the government of Kazakhstan, according to a new report by the Electronic Frontier Foundation (EFF). more»

Sophisticated Maleware Found Aimed to Target Energy Companies

"The threat uses sophisticated techniques to evade detection and prepares the ground for more malware components," Lucian Constantin reporting in CIO: "Security researchers have discovered a new malware threat that goes to great lengths to remain undetected while targeting energy companies." more»

Documentary Balmes Israel for Stuxnet Malware Failure

Oscar-winning documentarian Alex Gibney's "Zero Days" -- coming out on Friday -- investigates the story of the classified Stuxnet attack on Iran by the US and Israel. more»

Google's Project Zero Team Discovers Critical Vulnerabilities in Symantec and Norton

"These vulnerabilities are as bad as it gets," says Google's Information Security Engineer, Tavis Ormandy, in reference to multiple critical vulnerabilities discovered affecting Symantec, a popular vendor in the enterprise security market. more»

NASCAR Team Pays Ransomware Fee to Recover Its Critical Files

NASCAR team Circle Sport-Leavine Family Racing (CSLFR) disclosed today a ransomware infection incident that took place in April and nearly caused losing access to critical files worth about $2 million. more»

Cybercriminals Continuing to Exploit Human Nature, Increasing Reliance on Ransomware, Study Finds

Cybercriminals are continuing to exploit human nature and relying on familiar attack patterns such as phishing, and increase their reliance on ransomware, where data is encrypted and a ransom is demanded, according to Verizon 2016 Data Breach Investigations Report released today. more»

91.3% of Malware Use DNS as a Key Capability

Nearly 92 percent of malware use DNS to gain command and control, exfiltrate data or redirect traffic, according to Cisco's 2016 Annual Security Report. It warns that DNS is often a security "blind spot" as security teams and DNS experts typically work in different IT groups within a company and don't interact frequently. more»

Hacking Increasingly Becoming a Physical Concern

If this past quarter's stories are any indication, we could very well be seeing the rise of a new wave of threats that will affect people in a more pronounced and physical level, reports Trend Micro in its Q2 Security Roundup Report. more»

Megaupload Domains Seized by FBI Now Link to Scam Ads and Malware Due to Renewal Failure

Sean Gallagher reporting in Ars writes: "Earlier this week, something suspicious started happening with Web addresses related to sites seized by the FBI from Megaupload and a number of online gambling sites." more»

Record Number of Malware Variants Detected in Q4 of 2014, Retail/Service Most Targeted

During the 4th quarter of 2014, a record number of malware variants were detected -- an average of 255,000 new threats each day, according a recent report by Anti-Phishing Working Group (APWG). The group further reports that the number of unique phishing reports submitted to APWG during Q4 was 197,252 -- an increase of 18 percent from the 163,333 received in Q3 of 2014. more»