POS Malware Abuses Exposed ElasticSearch Nodes for C&C

cyber

Two point of sale (POS) malware families have been abusing thousands of publicly accessible ElasticSearch nodes for command and control (C&C) purposes, Kromtech security researchers warn. Malicious files discovered on the ElasticSearch deployments referenced to the AlinaPOS and JackPOS malware families, which are well known for their wide use in credit card data […]

EU to Launch Cybersecurity ‘Safety Labels’

cyber

The European Union unveiled plans Tuesday to step up its response to cyber attacks, including a new intelligence-sharing agency, cyber war games and product safety labels. The proposals by the European Commission, the executive arm of the 28-nation bloc, come amid growing concerns over election hacking by foreign states, ransomware […]

How to recognize a targeted malware/phishing attack

cyber

I received an email pretending to be from my hoster Strato (known as Cronon AG) telling me that my domain I have for my IT Consulting business has been suspended because of complains they received. This kind of email is called “Spear Phishing”: it targets only certain users that have a proven […]

Ransomware: Prevention is the best solution

cyber

Ransomware is malicious software that denies you access to your computer or files until you pay a ransom. There are several types of ransomware that are commonly seen: files/folders encryptors screen ‘lockers‘ MBR ransomware (MBR: master boot record) To read the original article : http://improve-your-security.org/ransomware-prevention-is-the-best-solution/

Set of online resources from AV-Comparatives.org

cyber

TOPICS:AV-ComparativesResourcesTips POSTED BY: IMPROVEYOURSECURITY SEPTEMBER 18, 2017 Here is a set of resources put together by AV-Comparatives.org : General guidelines in minimizing risks Online vulnerability starts with human vulnerability E-mail security Web navigation Safe online banking To read the original article : http://improve-your-security.org/set-of-online-resources-from-av-comparatives-org/

The Fuzzing Project

cyber

Optionsbleed – HTTP OPTIONS method can leak Apache’s server memory Posted by Hanno Böck on Monday, September 18. 2017 If you’re using the HTTP protocol in everday Internet use you are usually only using two of its methods: GET and POST. However HTTP has a number of other methods, so I wondered what […]

Chrome will tag FTP sites as “Not secure”

cyber

Google Chrome 63, expected to be released sometime around December, will label resources delivered over the FTP protocol as “Not secure”, a member of the Chrome security team has shared. To read the original article : https://www.helpnetsecurity.com/2017/09/15/chrome-ftp-insecure/

Faces of Fraud 2017: Survey Analysis

cyber

Only 38 percent of banking/security leaders have high confidence in their organization’s ability to detect and prevent fraud, according to the latest Information Security Media Group Faces of Fraud Survey. John Gunn of VASCO Data Security weighs in on how to improve that confidence. To read the original article : https://www.inforisktoday.com/faces-fraud-2017-survey-analysis-a-10241