FritzFrog: A New Generation of Peer-to-Peer Botnets written in Go Guardicore has discovered FritzFrog, a sophisticated peer-to-peer (P2P) botnet which has been actively breaching SSH servers since January 2020. Golang-Based Malware: FritzFrog executes a worm malware which is written in Golang, and is modular, multi-threaded and fileless, leaving no trace on the infected machine’s disk. Actively Targeting Government, Education, Finance and more: FritzFrog has attempted… Read More
Attack of the week: Voice calls in LTE I haven’t written an “attack of the week” post in a while, and it’s been bumming me out. This is not because there’s been a lack of attacks, but mostly because there hasn’t been an attack on something sufficiently widely-used that it can rouse me out of my blogging torpor. But today brings a beautiful… Read More
UK Firms pay £200m in ransoms to hackers Gangs of cybercriminals forced British companies to pay out more than £200 million in ransoms last year, experts have revealed. The extortionists, many from Russia or Eastern European countries, are targeting well-known businesses with malicious software and then charging them tens of millions of pounds to regain access to networks. Companies fearful of public embarrassment,… Read More
CrimeOps: The Operational Art of Cyber Crime Cybercrime rewards innovative organizations. These can innovate at the tactical level (e.g. new or updated tactics, techniques, and procedures (TTP)), the strategic level (e.g. new monetisation methods), or at the operational level—the management of resources and personnel to achieve strategic objectives. This is operational art. Source: okta… Read More
Spammers use hexadecimal IP addresses to evade detection A spam group has picked up a pretty clever trick that has allowed it to bypass email filters and security systems and land in more inboxes than usual. The trick relies on a quirk inRFC791— a standard that describes the Internet Protocol (IP). Among the various technical details, RFC791 is also the standard that describes… Read More
The iOS 14 Privacy and Security Features You Should Know Below you can find the most important security and privacy features your iOS device now has that it didn’t have before. Make sure you check them as soon as you’ve got iOS 14 on your iPhone or iPad. Apps on iOS have to explicitly ask for your permission to use the camera and microphone, and… Read More
Consultants charged for bribing Amazon Marketplace employees to game the platform Prosecutors allege the group paid handsome bribes to give clients a competitive advantage. According to the indictment, issued by a Grand Jury in the Western District of Washington, the six conspired to pay Amazon employees over $100,000 to secure an ‘unfair competitive advantage’ on Amazon Marketplace. The bribery bill is steep, but in return, the… Read More
A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems The incident marks the first recorded casualty as a consequence of cyberattacks on critical healthcare facilities, which has ramped up in recent months. The attack, which exploited a Citrix ADCCVE-2019-19781vulnerability to cripple the hospital systems on September 10, is said to have been ‘misdirected’ in that it was originally intended for Heinrich Heine University, according… Read More