More security news Splunk pulls out of Russia with mysterious statement You have around 20 minutes to contain a Russian APT attack Apple: iPhone's Group FaceTime isn't working as it did before eavesdrop bug fix Google Earth accidentally reveals secret military sites A Russian national pleaded guilty today in a New York court of creating, running, and infecting users with the NeverQuest banking trojan --also known as Snifula and Vawtrack.The man's name is Stanislav Vitaliyevich Lisov, a Russian national who went online under the names of "Black" and "Blackf," and who, according to a Department of Justice press release, "was responsible for key aspects of the creation and administration" of the NeverQuest malware botnet.More specifically, DOJ officials say Lisov was the one responsible with renting and then managing the servers that supported the NeverQuest trojan's backbone, the servers to which infected computers would connect, get instructions, and send stolen information.US … [Read more...] about Russian national, author of NeverQuest banking trojan, pleads guilty
Security
Phishing campaign attempts to spread a new brand of snooping malware
A cyber espionage campaign is targeting national security think tanks and academic institutions in the US in what's believed to be an intelligence gathering operation by a hacking group working out of North Korea. More security news Splunk pulls out of Russia with mysterious statement You have around 20 minutes to contain a Russian APT attack Apple: iPhone's Group FaceTime isn't working as it did before eavesdrop bug fix Google Earth accidentally reveals secret military sites A series of spear-phishing attacks using fake emails with malicious attachments attempts to deliver a new family of malware, which researchers at Palo Alto Networks have identified and dubbed BabyShark. The campaign started in November and remained active at least into the new year.Among the known targets identified by researchers are an American university planning a conference around North Korea denuclearization and a research institute serving as a think tank around national security. The … [Read more...] about Phishing campaign attempts to spread a new brand of snooping malware
Italian politicians reportedly push Huawei 5G ban after Pompeo warning
Politicians in Italy want Huawei banned from supplying equipment for the country's 5G rollout, a report said Friday.Lega party lawmakers intend to call on the country's parliament to block the Chinese company (which already supplies Italian telecoms) using its "golden powers" of industrial veto, according to Reuters, which cited Il Messaggero newspaper.It follows Secretary of State Mike Pompeo's Thursday warning said the US won't partner with countries that adopt Huawei's tech due to the security risks it represents -- the company has long been accused of sharing information with the Chinese government.Huawei founder Ren Zhengfei denied those accusations and expressed his hope that the company could bring its equipment to the US in CBS This Morning interviews this week.The company didn't immediately respond to a request for comment. … [Read more...] about Italian politicians reportedly push Huawei 5G ban after Pompeo warning
Fake Google reCAPTCHA used to hide Android banking malware
Researchers have documented a recent phishing campaign targeting online banking users which masquerades as Google in its attempt to steal valuable credentials.According to cybersecurity researchers from Securi, the attack wave against a Polish bank and its users is impersonating Google reCAPTCHA systems and panic-eliciting techniques to prompt victims to click on malicious links embedded in scam emails. More security news Splunk pulls out of Russia with mysterious statement You have around 20 minutes to contain a Russian APT attack Apple: iPhone's Group FaceTime isn't working as it did before eavesdrop bug fix Google Earth accidentally reveals secret military sites The emails in question contain a fake confirmation for a recent transaction, alongside a link to a malicious .PHP file.Messages sent to would-be victims ask them to 'verify' these non-existent transactions by clicking on the link.This attack method is nothing new, but the next stage is somewhat more unusual. If a … [Read more...] about Fake Google reCAPTCHA used to hide Android banking malware
Credit card details worth nearly $3.5 million put up for sale on hacking forum
Cyber-criminals have put up for sale three large collections of payment card "dumps" this past month, ZDNet has learned. More security news Splunk pulls out of Russia with mysterious statement You have around 20 minutes to contain a Russian APT attack Apple: iPhone's Group FaceTime isn't working as it did before eavesdrop bug fix Google Earth accidentally reveals secret military sites "Dumps" is a term used in the cyber-security industry to describe caches of stolen payment card details that are released or put up for sale. Cyber-criminals buy these "dumps" to create cloned cards to later withdraw money from the real owners' bank accounts via mass ATM withdrawals.All three card dumps were released on Joker's Stash, the most notorious and well-known underground marketplace for selling stolen credit card dumps.Of the three dumps that ZDNet learned about this week, two contain the card details of Pakistani users. The two weren't extremely large releases, but contained … [Read more...] about Credit card details worth nearly $3.5 million put up for sale on hacking forum