Next year, a hacktivist organization or nation-state will launch a coordinated attack against the infrastructure of the internet. The industry already saw the impact of an attack against a critical piece of internet infrastructure when a DDoS attack against DNS hosting provider, Dyn, took down many popular websites including Twitter, Reddit, and Amazon.com. Around the … [Read more...]
Brexit Email Tricks Users Into Downloading Malware
Recently, some individuals received emails that used Brexit to trick them into opening malicious office document attachments. The document’s authors must have been watching the news carefully because the file’s name was Brexit 15.11.2018.docx and the emails came around the same time as the release of the Brexit plan. Looking at the Document, we see the author of the document is … [Read more...]
2019 Security Predictions – Biometrics as Single-Factor Authentication Exploited by Attackers
As biometric logins become more common, hackers will take advantage of their use as a single-factor method of authentication to pull off a major attack in 2019. Biometric login methods such as face and fingerprint readers on consumer devices like smartphones and gaming consoles present a tempting target for hackers. While biometrics are more convenient than … [Read more...]
2019 Security Predictions – Fileless, Self-Propagating “Vaporworms” Attack
In 2019, a new breed of fileless malware will emerge, with wormlike properties that allow it to self-propagate through vulnerable systems and avoid detection. It has been over 15 years since the Code Red computer worm spread through hundreds of thousands of vulnerable Microsoft IIS web servers in an early example of a fileless worm. Since then, both worms and fileless … [Read more...]
Our Vaporworm Prediction Arrives Early
In one of our 2019 Security Predictions, we predicted a future where self-propagating, fileless malware “vaporworms” run rampant. This week, Trend Micro announced in a blog post that this future came earlier than we anticipated. In their write up, Trend Micro analyzes a newly discovered fileless variant of the BLADABINDI remote access trojan (RAT) that added self-propagation … [Read more...]
