Tag Archive for: Cybercriminals

Cybercriminals adopt recently patched zero-day exploit in a flash

/in

Just four days after Adobe Systems patched a vulnerability in Flash Player, the exploit was adopted by cybercriminals for use in large-scale attacks. This highlights the increasingly small time frame users have to deploy patches.

On Saturday, a malware researcher known online as Kafeine spotted a drive-by download attack done with the Magnitude exploit kit that was exploiting a Flash Player vulnerability patched Tuesday.

The flaw, tracked as CVE-2015-3113 in the Common Vulnerabilities and Exposures database, had zero-day status—that is, it was previously unpatched—when Adobe released a patch for it. It had already been exploited by a China-based cyberespionage group for several weeks in targeted attacks against organizations from the aerospace, defense, construction, engineering, technology, telecommunications and transportation industries.

To read this article in full or to leave a comment, please click here

Network World Security

Some cybercriminals are improving customer service for their victims

/in

The past two years has seen a dramatic increase in ransomware, malware such as the infamous CryptoWall that encrypts data on the infected device and demands a ransom payment for the decryption key. One interesting side effect has been an unexpected focus on the level service that the cybercriminals provide to their victims while trying to make sure they pay up.

Ever since this strain of malware has been on the internet, security experts have universally urged victims not to pay the ransom. Part of the reason for this is that it perpetuates the scam, incentivizing criminals to get into this business and spread it to more victims. Another major reason – and the only one that the scam’s victims are likely to care about – is that there is no guarantee that paying the ransom would persuade the scammers to return the files safely. They could just as well make off with the money or demand further payments. Meanwhile, the victim loses both their files and the money they paid to get them back.

To read this article in full or to leave a comment, please click here

Network World Colin Neagle

Cybercriminals create platform for automating rogue credit card charges

/in

Cybercriminals have a new tool to make the most of stolen credit card details before payment processors detect the fraud, security researchers warn.

A Web-based application called the Voxis Platform is being advertised on underground forums as a tool for cashing out money from stolen credit cards by automating fraudulent purchases, according to security researchers from cybercrime intelligence firm IntelCrawler.

There are three main parties involved in every online transaction: the buyer, the seller and a payment processing provider that operates a payment gateway. In order to receive money from transactions, the seller needs to have a merchant account registered with the payment gateway.

To read this article in full or to leave a comment, please click here

Network World Security

Cybercriminals exploiting Android Flash Player gap on Google Play – Techworld.com

/in

Cybercriminals exploiting Android Flash Player gap on Google Play
Techworld.com
Most Popular in Security. McAfee antivirus update causes problems for home and enterprise customers · Swiss Army knives to lose USB drive security features · The best 5 secure browsers · Five free Android security apps tried and tested · Mask your

“android security” – read more