Sophos

SecuritySophos

Emotet 101, stage 5: a delivery vehicle for more malware

Credit to Author: Andrew Brandt| Date: Tue, 05 Mar 2019 13:59:17 +0000

By SophosLabs Research Emotet is a botnet in its own right, one so prolific and dominant that the United States CERT, the body tasked with tracking cyberthreats to the country, named Emotet in July, 2018 “among the most costly and destructive malware” to affect governments, enterprises and organizations large and small, and individual computer users. […]


Emotet 101, stage 4: command and control

Credit to Author: Andrew Brandt| Date: Tue, 05 Mar 2019 13:58:33 +0000

By SophosLabs Research The Emotet family could not do what it does without receiving a constant stream of instructions from its owners, or in the absence of the detailed level of feedback about its operating environment each bot sends home from an infected host machine. It also uses huge numbers of compromised websites that belong […]


Emotet 101, stage 3: The Emotet executable

Credit to Author: hajnalkakope| Date: Tue, 05 Mar 2019 13:57:54 +0000

By SophosLabs Research Emotet’s arrival is usually preceded by a deceptive spam email, which has a malicious attachment. Opening the attachment starts a process which can lead to an Emotet infection. The Emotet application is an evolved binary, in the sense that it has gone through thousands of iterations over its existence. Its presence as […]


Emotet 101, stage 2: The malicious attachment and killchain

Credit to Author: Andrew Brandt| Date: Tue, 05 Mar 2019 13:56:43 +0000

By SophosLabs Research The Emotet malware family is in a constant state of evolution and change. From day to day or week to week, the malware’s creators and distributors take an active role in changing up the killchain – the sequence of events that begins with a victim receiving a malicious file attachment, and ends […]


Emotet 101, stage 1: The spam lure

Credit to Author: Andrew Brandt| Date: Tue, 05 Mar 2019 13:55:43 +0000

By SophosLabs Research Emotet operates on a mass scale. Everything it does, it does in bulk. A typical infection begins when the victim receives a specially crafted spam email. Emotet’s creators send these out by the thousands and, in some cases, the bots themselves send more. The lures employ mass-created malicious document files. The payload […]


Thunderclap: malicious Thunderbolt peripherals put Macs at risk

Credit to Author: Naked Security| Date: Fri, 01 Mar 2019 11:53:20 +0000

Researchers have revealed how malicious Thunderbolt and PCI Express (PCIe) peripherals can be used to compromise macOS, Windows, Linux and FreeBSD computers. Described in a presentation at last week's Network and Distributed System Security Symposium (NDSS), the vulnerability, named “Thunderclap”, has to do with direct memory access (DMA), a standard technique for […]


Nvidia fixes eight vulnerabilities in its graphics cards

Credit to Author: Naked Security| Date: Thu, 28 Feb 2019 10:38:52 +0000

Chip maker Nvidia has published its first security update of 2019 (ID 4772), which fixes eight CVE vulnerabilities in its graphics card drivers for Windows and Linux. Users are advised to apply the patches as soon as possible. The company uses the CVSS (Common […]


ICANN calls for DNSSEC to combat DNS hijacking

Credit to Author: Naked Security| Date: Wed, 27 Feb 2019 16:33:36 +0000

The Domain Name System (DNS), without which the network would be just a mass of network numbers with no easy-to-remember names such as ejemplo.net or news.sophos.com, is under threat of attack, so the domain overseer ICANN wants internet companies to […]
