In the energy sector, the stakes are high when it comes to cybersecurity. Unlike other fields where malware could cause havoc and delay services, attacks within the energy sector could potentially cut off electricity to millions of customers in the United States and around the world. Leo Simonovich, VP and Global Head of Industrial Cyber and Digital Security at Siemens Energy, is focused on ensuring that doesn’t happen.
Operators used four different DLL side-loading scenarios to install and execute new malware after removing a resident PlugX Backdoor
November 4, 2020
Sophos uncovered attackers using DLL side-loading to execute malicious code and install backdoors in the networks of targeted organizations. A report published, “A New APT uses DLL Side-loads to Killl Someone,” outlines the discovery of four different DLL side-loading scenarios, which all share the same program database path and some of which carry a file named “KilllSomeOne.”
Internet of Things (IoT) devices are now responsible for 32.72% of all infections observed in mobile networks, up from 16.17% in 2019, according to a new Nokia Threat Intelligence Report 2020. This trend lines up with the growing number of IoT devices that are now connected to mobile networks, says Nokia's Threat Intelligence Lab.
According to the Center for Internet Security (CIS), in September 2020, three malware returned to the Top 10: CoinMiner, CryptoWall, and Emotet. The Top 10 Malware variants composed 87% of Total Malware activity in September 2020, up from 78% in August 2020.
Emotet — a sophisticated Trojan commonly functioning as a downloader or dropper of other malware — resurged in July 2020, after a dormant period that began in February. Since August, CISA and MS-ISAC have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails. This increase has rendered Emotet one of the most prevalent ongoing threats.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Defense (DOD) Cyber National Mission Force (CNMF) have identified a malware variant — referred to as SLOTHFULMEDIA — used by a sophisticated cyber actor. In addition, U.S. Cyber Command has released the malware sample to the malware aggregation tool and repository, VirusTotal.
Security teams in the financial services sector are experiencing even more exacting demands as they defend their organizations in a world under a new and unexpected threat — a global pandemic, says a new Accenture report, "2020 Future Cyber Threats: The latest extreme but plausible threat scenarios in financial services."
ESET researchers have analyzed a new version of Android spyware used by APT-C-23, a threat group active since at least 2017 that is known for mainly targeting the Middle East. The new spyware, detected by ESET security products as Android/SpyC23.A, builds upon previously reported versions with extended espionage functionality, new stealth features and updated C&C communication.
At least three TikTok profiles with more than 350,000 followers combined have been promoting multiple fraudulent mobile apps that generated $500,000 in profit, according to an Avast report.
Mozilla has patched a security flaw that could allow cybercriminals to hijack all vulnerable Firefox for Android browsers running on devices connected to the same Wi-Fi network.