Security News > 2020 > August

One new Qbot feature hijacks a victim's Outlook-based email thread and uses it to infect other PCs. The 12-year-old malware resurface in January 2020, according to F5 researchers, who issued a report in June detailing new Qbot evasive features to avoid detection. Most of the victims of the new Qbot campaigns have been in the United States, where 29 percent of Qbot attacks have been detected, followed by India, Israel and Italy, according to Check Point.

A notorious banking trojan aimed at stealing bank account credentials and other financial information has now come back with new tricks up its sleeve to target government, military, and manufacturing sectors in the US and Europe, according to new research. In an analysis released by Check Point Research today, the latest wave of Qbot activity appears to have dovetailed with the return of Emotet - another email-based malware behind several botnet-driven spam campaigns and ransomware attacks - last month, with the new sample capable of covertly gathering all email threads from a victim's Outlook client and using them for later malspam campaigns.

Barracuda Networks' analysis of ransomware attacks over the past 12 months found that local municipal governments continue to be the preferred target, the amount of ransom demanded is on the rise, and more people are paying out. Municipal governments were subject to 45% of ransomware attacks in the past 12 months, and the other two sectors leading were healthcare with 22%, and education with 15%. Corporations, which made up 27% of ransomware targets in the previous year, dropped to just 14% of targets.

A Reg reader last night spoke of the horrifying moment he realized an online store used by his wife was mixing up some of its online customers, allowing people to gain access to some strangers' personal information and order carts. "My wife has an account with Fabletics," our reader, who asked to remain anonymous, told us.

To select a suitable password management solution for your business, you need to think about a variety of factors. For organizations to leverage the benefits of next-generation password security, they need to ensure their password management solution is easy to use - and subsequently adopted by all employees.

New Zealand's stock exchange has closed for a third day thanks to a distributed denial-of-service attack. The exact nature of the incident is not known: an NZX spokesperson told The Register that "Network connectivity issues relating to DDoS cybersecurity attacks" were behind the decision to close the market after around 70 minutes of Thursday today.

Despite all of the advancements we've seen, many organizations still rely on the same algorithm used by Bledsoe's database - known as "k-nearest neighbors" or k-NN. Since each face has multiple coordinates, a comparison of these distances over millions of facial images requires significant data processing. Facial recognition also involves finding the location of a feature on a face before evaluating it.

Browsing histories can be used to compile unique browsing profiles, which can be used to track users, Mozilla researchers have confirmed. Sarah Bird, Ilana Segall and Martin Lopatka were spurred to reproduce the results set forth in a 2012 paper by Lukasz Olejnik, Claude Castelluccia, and Artur Janc, by using more refined data, and they've extend that work to detail the privacy risk posed by the aggregation of browsing histories.

There's a growing unease amongst the cybersecurity community around the recent rise in misinformation and fake domains, Neustar reveals. 48% of cybersecurity professionals regard the increase in misinformation as a threat to the enterprise, with 49% ranking the threat as 'very significant'.

Researchers at Ben-Gurion University of the Negev have developed a new AI technique that will protect medical devices from malicious operating instructions in a cyberattack as well as other human and system errors. Complex medical devices such as CT, MRI and ultrasound machines are controlled by instructions sent from a host PC. Abnormal or anomalous instructions introduce many potentially harmful threats to patients, such as radiation overexposure, manipulation of device components or functional manipulation of medical images.