Security

Hadoop YARN: An Assessment of the Attack Surface and Its Exploits

TL;DR: Rate of Hadoop YARN exploits is slowing but still at a concerning 350,000 events per day. 1065 servers are exposed and vulnerable. The geographic spread of vulnerable servers and the targets of the attacks is global and concentrated in regions with high cloud data center densities. Motivations behind the exploits range from planting Linux […]

Top Cryptomining Malware. Top Ransomware.

In 2018, cryptominers have emerged as the leading attack vector used by cybercriminals to gain access into others' systems. Cryptominers are getting advanced makeovers by cybercriminals doing their best to develop innovative cryptominers with ground-breaking capabilities. The recently-discovered cryptominers are not only known for their advanced features, but also for their capabilities to attack a wide […]

Conversation hijacking attacks | Salted Hash Ep 38


Micropsia Malware

Since June 2018, the Radware Threat Research team has monitored an ongoing APT against the Palestinian authority, featuring an updated version of the Micropsia malware with an advanced surveillance toolkit. This advanced persistent threat began in March 2017 and was reported by Cisco Talos and Check Point Software Technologies, infecting hundreds of machines thus far. […]

Accessing Your Crypto Wallet Through Android Devices?

Android platforms are commonly characterized by the presence of Trojan-infected apps that have built-in cryptocurrency mining codes, which means that mobile users are highly susceptible to malicious cryptocurrency mining attacks. It is quite alarming to note that cyber criminals deploy malicious APKs that are delivered through SMS spam and cryptocurrency miners into people’s mobile devices […]

Personal Security Hygiene

If you are reading this post, chances are you are aware of internet hacks – you have heard of the company that got all its data stolen, or the CEO whose social media account was compromised. If you work at an enterprise, it’s likely that your enterprise bought and deployed some security products to protect […]

The Changing Face of Malware: Malware Being Used as Cryptocurrency Miners

In my last article, I was discussing how malicious cryptocurrency mining is all set to exploit technological as well as human vulnerabilities this year. In this article, I will continue digging deeper and discuss its patterns of invasions. As people keep talking about how cybercriminals used the banking Trojan Trickbot to steal Coinbase users’ credentials, […]

Detecting Malware/APT Through Automatic Log Analysis

Legacy perimeter security mechanisms can be evaded very easily. It’s disappointing, but it’s true. Innovatively-designed malware and APTs have the potential to evade even the strongest signature-based security solutions that are currently being deployed across industries. This has encouraged IT companies to think beyond prevention and to design effective detection strategies. In recent times, companies […]

Nigelthorn Malware Abuses Chrome Extensions to Cryptomine and Steal Data

Individual research contributed by Adi Raff and Yuval Shapira. On May 3, 2018, Radware’s malware protection service detected a zero-day malware threat at one of its customers, a global manufacturing firm, by using machine-learning algorithms. This malware campaign is propagating via socially-engineered links on Facebook and is infecting users by abusing a Google Chrome extension […]

Stresspaint Malware Campaign Targeting Facebook Credentials

On April 12, 2018, Radware’s threat research group detected malicious activity via internal feeds of a group collecting user credentials and payment methods from Facebook users across the globe. The group manipulates victims via phishing emails to download a painting application called ‘Relieve Stress Paint.’ While benign in appearance, it runs a malware dubbed ‘Stresspaint’ […]