Security researchers warned that the cybercriminals behind the two banking Trojans are now collaborating to perform man-in-the-middle (MitM) attacks. On March 17, Crowdstrike discovered a BokBot proxy module called shadDll in conjunction with TrickBot. The code for the two banking Trojans is 81 percent similar, the researchers said, which means the proxy module can be seamlessly integrated into TrickBot’s extensible, modular framework. ...

Hexion and Momentive are the two latest targets of the LockerGoga ransomware. Windows systems of these chemicals manufacturing companies were encrypted. Days after LockerGoga hit aluminum-manufacturing firm Norsk Hydro, it was found to have compromised computers belonging to two American chemical companies Hexion and Momentive. According to an anonymous employee from Momentive, the attack was carried out on March 12. Due to ...

Brace yourself guys. Microsoft is going to release its Windows Defender ATP antivirus software for Mac computers. Sounds crazy, right? But it’s true. Microsoft Thursday announced that the company is bringing its anti-malware software to Apple’s macOS operating system as well—and to more platforms soon, like Linux. As a result, the technology giant renamed its Windows Defender Advanced Threat Protection ...

The Federal Emergency Management Agency wrongly released to a contractor the personal information of 2.3 million survivors of devastating 2017 hurricanes and wildfires, potentially exposing the victims to identity fraud and theft, a government watchdog reported Friday. The Homeland Security Department’s Office of Inspector General found the breach occurred when FEMA was working with a contractor that helps provide temporary ...

Cybersecurity Starts at Your Front Door Let’s take a step back and ask a simple yet important question: was your physical security system designed to be cyber secure? Many physical security infrastructures were developed and implemented without considering cybersecurity for our IoT driven world. Network and communication protocols for remote control and management had assumed closed, non-public networks. However, these ...

Cyber Florida has announced a Call for Speakers for Florida Cyber Conference 2019 (FLCyberCon). FLCyberCon is invites experts, thought-leaders, and cyber specialists from all sectors to submit proposals for breakout sessions, panel discussions, demonstrations, case studies, interactive sessions and other unique learning opportunities for conference goers. To learn more or submit a proposal, visit FLCyberCon.com. The deadline to submit is April 26, ...

The Federal Emergency Management Agency wrongly released the personal information of 2.3 million survivors of devastating 2017 hurricanes and wildfires. A Homeland Security Department’s Office of Inspector General report found the breach occurred when FEMA was working with a contractor that helps provide temporary housing to those affected by disasters. The contractor was given names, last four digits of a Social Security ...

FlawedAmmyy derives its source code from version 3 of the Ammyy Admin remote desktop software. The malware has been active since the beginning of 2016. FlawedAmmyy RAT has been rated as one of the most remote access trojans in 2018. The malware, that is active since the beginning of 2016, has been observed to be used in highly targeted email ...

By Marcel Afrahim and Charles Bettan, Endpoint Security Researchers, March 19th 2019 Sand Blast Agent Forensics team have noticed a new variant of the Monero mining malware spreading throughout organizations worldwide. Interestingly, this malware showed similarities with the infection and propagation techniques of popular trojan and ransomware attacks and made use of legitimate IT admin tools, Windows system tools and ...

The social media giant has revealed that a large number of user passwords were stored in a ‘readable format’ in its internal systems. Most of the passwords found belonged to users of Facebook Lite — a smaller version of the Facebook app meant for low data usage. Facebook disclosed another major privacy revelation in its platforms. In an official blog ...