Category Archives: Security News

UK paper The Independent delivered ransomware instead of news

The Independent has now cleaned up the infection, Trend Micro said

Credit: Gerd Altmann / Pixabay
A major UK newspaper is cleaning up its website after a criminals tried to deliver ransomware to thousands of its readers.

The attack affected the blogs section of The Independent newspaper’s website, Joseph C. Chen, a fraud researcher with Trend Micro, said in a blog post Tuesday.

DDoS attacks increase in number, endanger small organizations

The power of DDoS attacks decreased in recent months, but their number rose significantly

Credit: Gerd Altmann / Pixabay
While the power of distributed denial-of-service (DDoS) attacks has decreased in recent months, their number has spiked, a trend that could signal trouble for smaller companies and websites.

The number of DDoS attacks recorded in the third quarter of this year has grown by 180 percent compared to Q3 2014, exceeding 1,500, Akamai said in the latest edition of its State of the Internet report published Tuesday.

New payment card malware hard to detect and remove

Nemesis, which comes from a suspected Russian group, is a bootkit

Malware steals payment card data from PoS
Attackers infect point-of-sale terminals with malware
FireEye says it has discovered a type of malware designed to steal payment card data that can be very difficult to detect and remove.

The cybercriminal group behind the malware, which FireEye nicknamed “FIN1,” is suspected of being in Russia and has been known to target financial institutions.

Security vulnerabilities found in support software from Lenovo, Toshiba, and Dell

Security flaws pile up in support applications installed by PC manufacturers

Lenovo ThinkPad X240 (2) Credit: Lenovo
The number of vulnerabilities discovered in technical support applications installed on PCs by manufacturers keeps piling up. New exploits have been published for flaws in Lenovo Solution Center, Toshiba Service Station and Dell System Detect.

Russian spy group adopts new tools to hack defense contractor networks

Pawn Storm uses air-gap defeating malware

Credit: Gerd Altmann / Pixabay
A Russian cyberespionage group known as Pawn Storm has adopted new tools in an ongoing attack campaign against defense contractors with the goal of defeating network isolation policies.

Pawn Storm, also known as Sofacy, after its primary malware tool, has been active since at least 2007 and has targeted governmental, security and military organizations from NATO member countries, as well as media organizations, Ukrainian political activists and Kremlin critics.