Tag Archive for: hard

Hard Numbers: Global vaccine good news, rampant ransomware, 5G growing fast, Spanish wind power

58.1: As of December 17, 56.6 percent of the global population has received at least one COVID vaccine shot. We sometimes don’t realize how big of an achievement this is from just a year ago, when frontline health workers were the first to get jabs.

11: A ransomware attack occurred every 11 seconds in 2021, according to one estimate. Earlier this year, hackers carried out their most famous attack to date against Colonial Pipeline, which supplies almost half of the oil and gas consumed in the US Eastern Seaboard.

540 million: Global 5G connections are expected to reach 540 million by the end of the year, according to a new report. That’s more than double the number in all of 2020.

23.1: Wind became Spain’s top energy source this year, overtaking nuclear for the first time. Half of the country’s energy now comes from renewable sources, which the government hopes will help bring down sky-high power prices in 2021.


Software development companies hit hard by cyber crime

Research carried out by cyber crime experts FoxTech has revealed that computer software development companies are among the industries most at risk of cybersecurity breaches.

These companies had an average cyber risk score of 166, followed by publishing (152), research (115), transportation, trucking and railroad (111), and civil engineering (102).

The cyber risk score, which is calculated using publicly available information and an analysis of a wide range of cyber security indicators, is an immediate indicator of how high or low the risk of a potential cybersecurity breach is for a company, according to FoxTech.

Companies with scores of 75 or more are at extreme risk of cyber attack, while those below 25 are considered to be low risk.

Anthony Green, CTO and cyber crime expert at FoxTech, explains, “We audited hundreds of companies across a wide range of sectors and found that while industries such as banking (cyber risk score 6) and performing arts (cyber risk score 5) are at very low risk of a potential attack, other industries fell woefully short when it came to ensuring their cyber protection was up to scratch.”

However, the issue is not that companies do not care about cybersecurity, but that they are unaware that their IT infrastructure is not robust enough to stave off an attack, Green says.

He says, “In many cases, companies will be entirely unaware that the antivirus or endpoint protection software they have invested in simply isn’t robust or far-reaching enough to prevent a cyber attack from occurring.

“Alternatively, companies might be under the misapprehension that they are safe from attack because they have invested in cloud-based services.

“Sometimes, a company can be exposed by something as simple as poorly managed user accounts, software that is out of date or inadvertently leaving their database visible to the internet and therefore exposed to hackers.”

On average, hackers will spend 207 days between breaching a company’s IT security and exploiting it. Green says this shows that it’s a gradual process rather than something that happens overnight.

He says, “The fact that hackers are going undetected for more than half a year tells us…


How to avoid installing AVG Internet Security Trial when upgrading AntiVirus Free

Snake malware biting hard on 50 apps for only $25


Cybercriminals are flocking to the Snake password-stealing trojan, making it one of the popular malware families used in attacks.

Snake has been active since November 2020 and is a different project from the ransomware operation that used the same name in the past.

Snake is written in .NET and uses the same staging mechanism as FormBook and Agent Tesla. Researchers from Cybereason have taken a deep dive into how the rising threat operates.

Wide range of malicious features

Cybercriminals currently sell Snake on dark web forums for as low as $25, which could be why we see a spike in its deployment.

Mainly deployed in phishing campaigns, Snake is installed via malicious email attachments or through drop sites reached by clicking on email links.

When installed on a computer, Snake is capable of stealing credentials from over 50 apps, including email clients, web browsers, and IM platforms.

Some of the more popular programs targeted by Snake include:

  • Discord
  • Pidgin
  • FileZilla
  • Thunderbird
  • Outlook
  • Brave browser
  • Chrome
  • Edge
  • Firefox
  • Opera
  • Vivaldi
  • Yandex

Snake also features keystroke logging, clipboard data theft capabilities and can even capture screenshots of the entire screen, which are then uploaded back to the threat actor.

Snake’s stealing capability diagram
Source: Cybereason


Other features include stealing OS data, memory space info, geolocation, date-time information, IP addresses, and more.

A previous analysis from HP has shown that threat actors may use the geolocation data to restrict installation based on the victim’s country.

All in all, it’s a versatile info-stealer for its cost and has been successful at hiding from security solutions.

Evading detection

To avoid detection, Snake disables AV defenses by killing the associated processes and goes as far as to disable network traffic analyzers such as Wireshark.

Snake then adds itself to the Windows Defender exclusion list, allowing it to execute malicious PowerShell commands without being detected.

To establish persistence, Snake adds a scheduled task and edits a registry key so that it executes when a user logs in to Windows.

Finally, it is noteworthy that Snake gives its operators the versatility to choose what features they will…