A cyber “war game” will test Britain’s financial system to its limits in a virtual attack which will test the defenses of banks, markets and payments systems against a simulated “major” attack by cybercriminals.
The FBI has offered temporary security clearances to security officers from U.S. banks in order to share information into repeated cyber attacks which have disrupted online banking websites in recent months.
This comprehensive look at the problems of malware on Linux Apache web servers explains the threats to business and helps you figure out if your organization is likely to be affected.
The American banking system needs to prepare or further cyber attacks in the coming months, a leading financial stability group has warned.
The European cyber security agency ENISA said Internet Service Providers in the EU have failed to implement a set of best practice recommendations which have been in place for 13 years – which could reduce the scope of even the largest DDoS attacks.
Representative Mike Rogers, Chairman of the Permanent Select Committee on Intelligence, said that Congress needs to act quickly, in an interview with NBC this week. The websites of major U.S. banks have been offline for 249 hours in the past six weeks, due to a series of sustained cyber attacks by an unknown foreign group.
Issues with malware are always with us. There may or may not be a current media storm, or companies hoping for a slice of the anti-malware pie by proclaiming the death of antivirus in a press release, but AV labs continue to slog their way every day through tens of thousands of potentially malicious samples.
Could distributed denial of service (DDoS) malware be evolving to defeat anti-DDoS security measures like CloudFlare? We do not usually see a lot of innovative denial-of-service malware in our day-to-day work. What we do see usually boils down to the basic flooding techniques: TCP Syn, UDP and ping floods, and sometimes HTTP-oriented floods. Of course,
We have just completed fresh analysis of the malicious software known as Win32/Festi. While the "Festi" botnet created with this malware has been in business since the autumn of 2009 we can see that the software is frequently updated, as described in our analysis, and these updates mean Festi continues to be a potent threat
We’ve just come across an IRC controlled backdoor that enables the infected machine to become a bot for Distributed Denial of Service attacks. The interesting part about it is that it’s a Mach-O binary – targeting Mac OS X. ESET’s research team compared this to samples in our malware collection and discovered that this code
One of the (few) blessings of having been so long in this industry is that I remember a time when most malware was viral and Trojans were rare: so rare, in fact, that there was at one time a notorious "dirty dozen" set of Trojans. At around the same time, there were innumerable hoaxes describing malware with
The US Department of Justice's announcement yesterday of the takedown of the command and control (C&C) servers for the Coreflood bots (detected by ESET as Win32/AFCore) and seizure of their domains marks another step in the growing awareness that crime, whether it is committed with bullets or with botnets, is still crime. This particular botnet,
Here’s a little information from ESET’s point of view about the Coreflood botnet, whose C&C (Command and Control) servers were taken down yesterday by the Department of Justice. The Coreflood bot is detected by ESET products as Win32/Afcore and has been active since the early years of the last decade (certainly since 2001), though our
WordPress.com is a popular blogging host. Recently, for unknown reasons miscreants launched a massive distributed denial of service attack (DDOS) against WordPress.com. According to TechCrunch (http://techcrunch.com/2011/03/03/wordpress-com-suffers-major-ddos-attack/) WordPress.com is responsible for 10% of the websites in the world. So far I have not seen anyone take responsibility for the attacks. With so many websites being hosted
Our colleagues in ESET Latin America have just blogged about an interesting botnet creation tool: the original blog is at http://blogs.eset-la.com/laboratorio/2010/05/14/botnet-a-traves-twitter/, by Jorge Mieres and Sebastián Bortnik, Security Analysts. (Mistakes in interpretation are, as usual, down to me!) In the last years we have seen many security incidents driven by botnets and exploiting the technologies
1. Every security blogger in the world will mark the transition from 2009 to 2010 with at least one top ten something-or-other article. Except me, of course. 2. There will be headlines about the death of anti-virus, and a famous security guru will state that anti-malware only catches malware that's already been identified and analysed, that
I came across a nice article today by Dennis Fisher on “The Root of the Botnet Epidemic”. It's the start of what looks like an interesting series on "the roots, growth and effects of the botnet epidemic" and the first aricle takes a historical overview of the situation around the turn of the century, looking