Microsoft revealed today that Windows Defender stopped a massive malware distribution campaign that attempted to infect over 400,000 users with a cryptocurrency miner during a 12-hour period on March 6, 2018.
A mitigation mechanism is available for all victims who are under a DDoS attack carried out via Memcached servers.
Yesterday, the interactive malware analysis sandbox service called Any.Run announced that their free community version is open to the public. This allows anyone to register an account and to interactively analyze a particular file in real time.
Malware authors can exploit a flaw in the Windows Code Integrity Guard (CIG) security mechanism to inject malicious, unsigned code into CIG-protected applications, considered to be immune to such attacks.
Ukrainian authorities have sentenced two individuals, a man and a woman, to five-year suspended sentences for launching DDoS attacks and running a DDoS extortion scheme.
Proof-of-concept code to run massive DDoS attacks using unsecured Memcached servers has been published online this week, along with a ready-made list of over 17,000 IP addresses belonging to vulnerable Memcached servers.
Today we mark the passing of a great information security site called Kernelmode.info. Created back in 2010 by a security developer named A_D_13, it quickly became a popular forum for the analysis of malware.
GandCrab version 2 was released, which contains changes that supposedly make it more secure & allow us to differentiate it from the original version. In this article we will provide a quick overview as to what has changed & how you can identify that you are infected with the new GandCrab version.
A critical vulnerability affects hundreds of thousands of email servers. A fix has been released but this flaw affects more than half of the Internet's email servers, and patching the issue will take weeks if not months.
Academics have designed a new facial recognition system that relies on the way light patterns reflect off the human face to distinguish between individuals, and on the speed with which the system reads the reflected light to detect forgery attempts.
UK domain registration and hosting provider 123 Reg is not having a good day. Yesterday, 123 Reg had a hardware failure that led to their clients losing data. To make matters worse, their backups appear to be from August 2017, which left customers complaining about missing files and lost development work.
Security researchers have spotted the first cryptocurrency miner that includes a "kill list" feature that shuts down the processes of other coinminers in an attempt to hog the infected computer's mining power only for itself.
The penetration testing and security auditing platform called Kali Linux is now available in the Windows 10 Store as a Linux environment that can be used in the Windows Subsystem for Linux. The problem is someone forgot one little thing. Some of its most popular packages are detected as hacktools and exploits by Windows Defender.
Security researchers have discovered a new malware strain that is capable of detecting when users copy a cryptocurrency address to the Windows clipboard. The malware works by replacing this address with one owned by its author.
A scan of nearly one million Ethereum smart contracts has identified 34,200 vulnerable contracts that can be exploited to steal Ether, and even freeze or delete assets in contracts the attackers don't own.
A new variation of the Spectre attack has been revealed this week by six scientists from the Ohio State University. Named SgxSpectre, researchers say this attack can extract information from Intel SGX enclaves.
DDoS extortionists have already pounced on the Memcached DDoS attack vector in attempts to extract payments from attacked companies.