The problem is not new to security specialists, but it gradually sinks in with the rest of the world as well: the more pacemakers are connected to the internet for any form of communication, the more security risks arise. Following a recall action by pacemaker manufacturer Abbott, thousands of Belgians had to come to the hospital to have their device upgraded, on order to shield it from possible hacking events. Continue reading
Everything can be hacked, even democracy itself. Andrés Sepúlveda described in an interview how for a decade he helped political parties in South-America to win elections. He hacked other political parties for them, got all their secrets, … Continue reading
Ever since the law enforcement takedown of the Silk Road underground marketplace in 2013, there has been increasing interest in the depth and breadth of the Dark Web. This portion of the internet has been largely shrouded from the public eye. But it represents an environment in which hackers can converse or share malicious code and strategies. And make a profit from the information stolen during the ever-increasing cyber attacks taking place.
A large-scale ransomware attack reported to be caused by a variant of the Petya ransomware is currently hitting various users, particularly in Europe. This variant, which Trend Micro already detects as RANSOM_PETYA.SMA, is known to use both the EternalBlue exploit and the PsExec tool as infection vectors.
The Wannacry ransomware has been keeping us busy for several days now. This software has infected systems worldwide by exploiting an older (already patched) Windows vulnerability. Though many may wonder how a vulnerability that has been patched can still infect so many systems worldwide, it appears that the attack hasn’t brought in much money yet. Considering the attack and the errors made by the criminals, I wonder if this attack hasn’t been a first test or a general rehearsal for a much bigger attack. Continue reading
Cybercriminals by and large don’t work to annual schedules. But as a new year rolls around again, there’s a valuable opportunity for organizations to take stock of their IT security posture and consider where the key threats lie over the coming 12 months. One major area highlighted in Trend Micro’s 2017 predictions report, The Next Tier, is in the number of software bugs discovered in non-Microsoft platforms. Continue reading
There is no industry that hackers won’t target as long as they have something to gain from it. All and any personally identifiable information has some value to someone on the Dark Web, whether it will be used for identity theft purposes, for an advanced targeted attack or for something else. Cyber criminals work tirelessly to breach systems in a variety of verticals, and it shows: In 2015, the Identity Theft Resource Center in the US tallied over 780 data breaches, amounting to the exposure of more than 169 million records. Continue reading
Proper encryption is seen by many as the linchpin to the Internet’s current and future success. Everything from online banking to private email correspondence needs to be kept out of the hands of cyber criminals, and as such encryption methods were implemented into many of the world’s modern data transfer systems. However, it would appear that HTTPS encryption has a vulnerability that could quickly get out of hand if it isn’t nipped in the bud. Continue reading