<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

CATEGORY ARCHIVES: information-security

Are Cyber Attackers Hacking Your Webcam?

 

What Is Camfecting?

Camfecting is the act of accessing a victim’s webcam and operating it without permission. This is usually done by infecting the camera owner’s device with malware, which then gains access to the webcam and controls it via remote access.

The thought that a stranger may be peeping at us while we are near our computers is unsettling at the least. Now, with much of the employed workforce working from home due to the global Covid-19 epidemic, we can only imagine the breach of privacy that may happen as the result of a hacked webcam. In addition to the potential loss of privacy, attackers could record victims and use the footage for blackmail or to collect ransom. Webcam hackers can also use the camera to monitor the victim’s home to learn when it is vacant.

Read More

Share this:

Watch Out for THIS Malicious Gift Card

 

When people imagine threat actors tricking victims into installing malware, the first thing that comes to mind is probably email phishing or typosquatted domains. These days, digital attack vectors are so easy to deploy that physical vectors may even get a chance to fly under the radar.

In a recent campaign uncovered by Trustwave, the criminal threat group FIN7 mailed USB drives serving an unknown malware strain disguised as a free Best Buy gift card offering. The letter mailed with the USB drive states that the retail giant is sending out gift cards to its loyal customers, and the gifted credit can be used to buy products from a specific list that is found on the enclosed USB stick.

Read More

Share this:

A Special Message to CrowdStrike MyDNS Users

In the coming days, CrowdStrike will formally end-of-life their DNS service that many customers are using. This service takes Crowdstrike intelligence and puts it into a CrowdStrike-managed DNS resolver to protect against advanced threats that they are tracking. When this service is retired, you will no longer have protection at that layer. As an important note, there are many classes of devices that endpoint protection do not work on (medical devices, IoT, etc) but by using DNS, you can still provide a strong layer of protection.

Read More

Share this:

ThreatSTOP Premium Feed Spotlight Series: Level Up Your Malvertising Protection with The Media Trust Premium Threat Intelligence Feed

Most malware is often delivered from otherwise legitimate sites. Sometimes this occurs via compromising existing websites, but more often than not, it is by using existing advertising networks as a means to ultimately deliver malware. Quite simply, the attacker buys impressions via existing channels and uses a variety of malvertising tricks to either directly compromise the web browser, or at the least trick the user to installing the malware. This specialized form of malware delivery requires a specialized collection methodology to detect such attacks.

Read More

Share this:

Shlayer the MacOS Trojan Slays its Way into the New Year

While it does not boast any special or complex installation tactics, Shlayer’s distribution vector has made it a tremendous success - the malware has been the most prevalent MacOS strain since its debut two years ago, never falling off its leading spot. Shlayer uses a well-known infection tactic – pressing on a bad link directs the victim to a fake Adobe Flash update.

Read More

Share this:

ThreatSTOP Premium Feed Spotlight Series: Level Up Your Protection with ThreatSTOP NOD, Powered By Farsight

One of the chief problems in cybersecurity is the inherent reactivity of most forms of defense. An attack has to be observed, analyzed and reverse-engineered. THEN, protection can be developed. This means attackers are successful, and inside environments, for a period of time before the attack is noticed, before the indicators for that attack can be extracted, and before a policy can be disseminated to stop it.

There has been a wide variety of research in recent years around this problem. How to speed up the cycle to recognize attacks and to potentially get out in front of attackers to block them before the attacks start. Both my own PhD research and other researchers have noticed that one attribute that is overwhelmingly an indicator of maliciousness in DNS is “newness,” that is to say, the newer a domain is, the more likely that it is bad. More importantly, when a domain is new and otherwise benign, it is rarely in meaningful use except by the organization that’s setting up whatever will go there.

Read More

Share this:

Home Page

ARCHIVES

see all

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter