Security News > 2020 > August

Microsoft warned on Thursday that a recently uncovered piece of malware designed to help cybercriminals steal information from infected systems is now actively distributed in the wild. The malware has been named Anubis, but the tech giant has pointed out that it's not related to the Android malware that has the same name.

Avast security researchers have identified vulnerabilities in DVB-T2 devices that could allow attackers to ensnare them in botnets. Many such set-top boxes are primitive, consisting of a TV tuner and an output device, some packing Internet support, and many are highly insecure, Avast's security researchers reveal.

The latest variant of this trojan extracts email threads from Outlook, which it uses for phishing attacks, says Check Point Research. A new phishing campaign analyzed by threat intelligence provider Check Point reveals how the old Qbot trojan has been repurposed to phish people by capturing their email threads.

"The biggest takeaway is that there exists a market, demanded by cybercriminals, for threat actors to advertise customized sniffer variants to conduct attacks against e-commerce websites through malicious JavaScript injection," researchers with Recorded Future told Threatpost, on Thursday. One such Russian-speaking threat actor currently making waves is called "Billar," which created and is the sole designer of a payment card sniffer called "Mr.SNIFFA." This sniffer was first debuted on Exploit Forum on Dec. 3, 2019, and is currently being advertised for about $3,000.

Cyber attacks forced New Zealand's stock exchange to halt trading Thursday for the third time in as many days, its operator said Thursday, just as the country's corporate reporting season gets underway. The New Zealand Exchange said the bourse was placed into a trading halt at about 11.10am local time "As a result of network connectivity issues relating to DDoS cybersecurity attacks".

First, the crooks steal a trove of company files that they threaten to make public or to sell on to other crooks; then they scramble the data files on all the company's computers in order to bring business to a halt. Recent reports include an attack on fitness tracking company Garmin, which was allegedly blackmailed for $10m and did pay up, though apparently after wangling the amount down into the "Multi-million" range; and on business travel company CWT, which faced a similar seven-figure demand and ended up handing over $4.5m to the criminals to get its business back on the rails.

A sophisticated cybercrime group has stolen payment card data from hundreds of websites over the past five years using JavaScript sniffer malware, threat hunting and intelligence company Group-IB reported on Thursday. "Over five years, UltraRank repeatedly changed its infrastructure and malicious code for stealing bank card data, as a result of which researchers would wrongly attribute its attacks to other threat actors," Group-IB noted in its report.

While attachment threat vectors are one of the oldest malware-spreading tricks in the books, email users are still clicking on malicious attachments that hit their inbox, whether it's a purported "Job offer" or a pretend "Critical invoice." The attack vector is still widespread enough where tech giants are re-inventing new ways to try to stomp it out, with Microsoft just this week rolling out a feature for Office 365 that aims to protect users against malicious attachments sent via email, for instance.

From web app flaws to a lack of 2FA, Rapid7 found lots of common soft targets in the networks it breached on behalf of clients.

Cory Doctorow has writtten an extended rebuttal of The Age of Surveillance Capitalism by Shoshana Zuboff. He summarized the argument on Twitter. Shorter summary: it's not the surveillance part,...