CSO

Report: IoT is the next frontier for ransomware

CSO

LAS VEGAS — The growth of the Internet of Things will offer new ransomware opportunities for cybercriminals, according to a report released Thursday by Symantec.

Researchers were able repackage existing Android ransomware — Android.Simplocker — inside a new Android Wear project, and when the phone was infected, so was a paired smartwatch. Once executed, the ransomware made the watch unusable, and also encrypted files stored on the watch’s SD card.

Researchers said they haven’t seen any examples of this kind of ransomware in the wild yet.

According to a report by Symantec researcher Kevin Savage, cybercriminals switch their focus to a different malware type approximately every two or three years of reaching a peak.

To read this article in full or to leave a comment, please click here

Report: IoT is the next frontier for ransomware Read More »

GameOver ZeuS criminals spied on Turkey, Georgia, Ukraine and OPEC

CSO

The criminals behind the GameOver ZeuS Botnet didn’t just steal $100 million from banks — they also spied on several countries on behalf of Russia, according to a Black Hat presentation Wednesday by an FBI agent and two other security experts.

These countries included Ukraine, Turkey, Georgia, and OPEC members, according to FBI special agent Elliott Peterson.

The gang, which called itself Business Club, had two leaders, one of whom was Evgeniy Bogachev who is still uncaught. The FBI is offering a $3 million reward for information leading to Bogachev’s arrest.

[ Follow all the stories out of Black Hat 2015 ]

To read this article in full or to leave a comment, please click here

GameOver ZeuS criminals spied on Turkey, Georgia, Ukraine and OPEC Read More »

Terracotta VPN hijacks servers for commercial gain

CSO

LAS VEGAS – The Terracotta commercial VPN, marketed in China under a number of different brand names, uses hacked servers to power its network and the network has become popular with advanced persistent threat groups, according to research released today by RSA Security.

“We don’t usually see commercial networks hacking into servers,” said Peter Beardmore, RSA’s senior consultant for threat intelligence marketing.

Terracotta also stands out because it keeps adding new IP addresses, and not publishing the data, he added. This is one of the things that makes it popular with cybercriminals.

“Most commercial VPN services publish their IP addresses,” Beardmore said. “And enterprises and governments can restrict access from those IP addresses.”

To read this article in full or to leave a comment, please click here

Terracotta VPN hijacks servers for commercial gain Read More »

T-Mobile caught in crossfire of injected ad war with Flash Networks

CSO

LAS VEGAS – An ongoing conflict between website owners and ad injectors who place unwanted ads on those websites has just flared up into full-blown war, with advertisers and carriers caught in the crossfire.

Take, for example, T-Mobile, which is proudly named as a customer by Flash Networks, a company that brags about creating “new monetization opportunities” for mobile operators when it “inserts the most relevant engagement display into the selected webpages.”

This seems to have been a surprise to T-Mobile. Cynthia Lee, the company’s senior digital media manager, adamantly denied that T-Mobile was using Flash Networks to inject ads into webpages it was serving up to mobile customers.

To read this article in full or to leave a comment, please click here

T-Mobile caught in crossfire of injected ad war with Flash Networks Read More »

T-Mobile caught in crossfire of war over injected ads

CSO

UPDATE: Flash Networks comments have been added to the original story.

LAS VEGAS – An ongoing conflict between website owners and ad injectors who place unwanted ads on those websites has just flared up into full-blown war, with advertisers and carriers caught in the crossfire.

Take, for example, T-Mobile, which is proudly named as a customer by Flash Networks, a company that brags about creating “new monetization opportunities” for mobile operators when it “inserts the most relevant engagement display into the selected webpages.”

This seems to have been a surprise to T-Mobile. Cynthia Lee, the company’s senior digital media manager, adamantly denied that T-Mobile was using Flash Networks to inject ads into webpages it was serving up to mobile customers.

To read this article in full or to leave a comment, please click here

T-Mobile caught in crossfire of war over injected ads Read More »

Neiman Marcus case a reminder to check your cyber coverage

CSO

In a decision that should send major corporations to double-check their cyberinsurance, a federal appeals court ruled Monday that retail customers could go ahead and file a class-action lawsuit against Neiman Marcus in the wake of last year’s data breach.

Previously, such cases were dismissed because the customers hadn’t suffered any actual damages.

In the decision, the judges ruled that breach posed a substantial risk of harm to the customers.

“Why else would hackers break into a store’s database and steal consumers’ private information?” they said.

To read this article in full or to leave a comment, please click here

Neiman Marcus case a reminder to check your cyber coverage Read More »