Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).
- Analyzing Bartalex – A Prolific Malware Distributor (PhishLabs)
Bartalex is a name that continues to appear in a cyberthief’s arsenal as one of the most popular mechanisms for distributing banking Trojans, ransomware, RATs, and other malware. The SANS ISC recently published a very interesting technical analysis of Bartalex. With this post, we hope to add a little more color and supplement what you already know about this prolific malware distributor.
- Dorkbot Botnets Get Busted (Bank Info Security)
One of the world's most prevalent malware families - Dorkbot - and its associated botnets have been disrupted by an international coalition of law enforcement agencies in cooperation with technology and security firms.
- UK police target script kiddies, teenage hackers (ZDNet)
A recent UK National Crime Agency (NCA) poll found that the average age of cybercrime suspects -- such as those involved in the recent TalkTalk hack -- is 17, in comparison to 24 a year ago. There are teenagers out there able to flit in and out of servers, pinch data and cause chaos for enterprise players -- all before completing their mandatory education, exams, or being able to legally drink.
- Adobe, Microsoft Each Plug 70+ Security Holes (Krebs on Security)
Adobe and Microsoft today independently issued software updates to plug critical security holes in their software. Adobe released a patch that fixes a whopping 78 security vulnerabilities in its Flash Player software. Microsoft pushed a dozen patch bundles to address at least 71 flaws in various versions of the Windows operating system and associated software.
- Dailymotion hit by malvertising attack as perpetrators ‘up their game’ (The Register)
- Bankers Fear Cybercrime More than Economic Failure (Info Security)
Bankers in North America and the UK are more concerned about cybercrime than the economy, according to new research from PricewaterhouseCoopers.
- Bill requiring reporting of social media terrorist content is back (Naked Security)
A pledge of allegiance to the Islamic State (IS) – otherwise known as Daesh – that might have been posted to Facebook by suspected terrorist Tashfeen Malik has prompted US lawmakers to revive a bill that would require technology companies such as Facebook and Twitter to report suspected online terror activity.
- Hacker Lexicon: Malvertising, the Hack That Infects Computers Without a Click (Wired)
The news page looked perfectly innocent. Apart from the reams of celebrity gossip stories and throw-away magazine layout, nothing about the website for UK news site The Daily Mail seemed particularly malicious. But, if you visited the site in October, you might have fallen victim to a sophisticated hacking campaign without even realizing it.
- When kids start getting hacked, it’s time to wake up about cybersecurity (Washington Post)
It was not an auspicious beginning to the holiday season. On Black Friday, we learned that a hacker had broken into the servers of Chinese toymaker VTech and lifted the personal information of nearly five million parents and more than 200,000 children. The data haul included home addresses, names, birth dates, email addresses, and passwords. Worse still, it had photographs and chat logs of parents with their children.