Latest News

5 months ago
Charlie Osborne / ZDNet

New Kraken Cryptor Ransomware-as-a-Service Distributed Through an Affiliate Program, Part of the Fallout Exploit Kit

A new ransomware variant, Kraken Cryptor, has been added to the Fallout exploit kit, according to research conducted by Insikt Group and McAfee, with the assistance of Recorded Future. Only a month after its debut in a Russian-speaking underground forum, the malware, which is a ransomware-as-a-service (RaaS) program, appeared on the SuperAntiSpyware website masquerading as a genuine anti-spyware program. Kraken Cryptor spreads through the typical spam and phishing routes but communicates with its victims via email rather than through a standard command-and-control (C2) setup. Developed by someone who calls himself or herself ThisWasKraken, the malware is distributed through an affiliate program and demands payments through an online gambling website, BitcoinPenguin. Members of the Kraken Cryptor hacking group may reside in any one of a number of countries with which it refuses to do business, including Syria, Brazil, Iran, and Armenia.

5 months ago
Catalin Cimpanu / ZDNet

Emotet Malware Family Has New Module That Mass Harvests Full Email Messages From Infected Hosts, Currently Only Affects Microsoft Outlook Installations

The notorious Emotet malware family has started mass-harvesting full email messages from infected victims, starting yesterday, according to Kryptos Research. The Emotet malware started out as a banking trojan but morphed into a modular malware family capable of delivering a host of malware payloads and is popular among criminal groups. Now, the Emotet malware has a new module that blindly harvests all emails sent or received from infected hosts from the past 180 days, which affects, for now, only Microsoft Outlook installations.

5 months ago
Ellen Nakashima / Washington Post

In Its Latest Indictment Involving Chinese Intelligence Officers, Justice Department Accuses Chinese Spies of Conspiring to Steal Aviation Technology

For the third time since September, the Justice Department brought charges against Chinese intelligence officers and their recruits for trying to steal U.S. intellectual property, unsealing an indictment from October 25 against 10 Chinese spies, hackers and others accused of conspiring to steal sensitive commercial airline and other secrets from U.S. and European companies. The conspiracy lasted at least five years beginning in 2010 and focused on the theft of technology underlying a turbofan engine that is used in U.S. and European commercial jets and was developed by an unidentified French company with an office in Suzhou, China, together with an unidentified U.S. company. Two of the defendants, Zha Rong and Chai Meng, are officers with the Jiangsu Province Ministry of State Security [JSSD], a provincial arm of the MSS.

Podcasts

5 months ago
ISC StormCast

Hancitor Update; Apple Updates; Telegram Clear Text Messages

Johannes Ullrich talks about a change in strategy for the Hancitor malware, Apple updates, and Telegram storing conversations locally.


5 months ago
SECURITY NOW 687

SECURING THE VENDING MACHINE

Steve Gibson and Leo Laporte talk about the week’s top news, including more zero-day exploits in Windows 10, publicly exposed Docker Engine APIs, Google’s plan to fix Android, the DoD’s expansion of its existing “Hack the Pentagon” bug-bounty program to include hardware assets, and the going rate for DDoS-for-Hire. Steve also has the answer to our vending machine conundrum from last week.


5 months ago
Risky Business #520

Tanya Janca talks security in the curriculum

Patrick Gray and Adam Boileau talk about the week’s news including more Chinese MSS officers indicted by the US DoJ, ASD chief speaks publicly on 5G Huawei ban, China playing funny buggers with BGP and more. Guest Tanya Janca talks about some volunteer work she’s been doing with a Canadian government panel on getting security content into children’s school curriculums.


5 months ago
Hack Naked News #195

Bing, Chrome, and Docker API

A one-liner exploit for X, the danger of searching for Chrome in Bing, exposing your Docker API, you can find sensitive data in the cloud, exploit users by embedded videos in Word documents, dead web apps, hacking BGP routes, a new DHCP vulnerability and hacking your brain.


Cybersecurity Events

Date | Event | Location | Country
Mar. 4-8 | RSA Conference | San Francisco, CA | USA
Mar. 10 | BSides San Jose 2018 | San Jose | Costa Rica
Mar. 13-14 | Tactical Edge | Bogota | Colombia
Mar. 18-22 | TROOPERS19 | Heidelberg | Germany
Mar. 19 | NFEA - Cyber Security 2019 | Oslo | Norway
Mar. 26-29 | BlackHat Asia | Singapore | Singapore
Mar. 28-30 | Women in CyberSecurity | Pittsburgh, PA | USA
Apr. 11-12 | CypherCon | Milwaukee, WI | USA
Apr. 16-19 | LocoMocoSec | Kauai, Hawaii | USA
Apr. 24-26 | ICS Cyber Security Conference | Singapore | Singapore
Apr. 25-26 | BSides Kansas City | Kansas City, MO | USA
Apr. 27-28 | BSides Charm | Towson, MD | USA
May 1-2 | Global Cyber Innovation Summit | Baltimore, MD | USA
May 3 | NaijaSecCon Cybersecurity Conference | Lagos | Nigeria
May 3-4 | Thotcon | Chicago, IL | USA

