Search This Blog

Showing posts with label McAfee. Show all posts

Resurgence in Ransomware Being Driven By a Surge of New Malware Families


A US based cyber security firm through its most recent threat report observed a 118% increase in new Ransomware strains basically in the first quarter of 2019 as compared with the last of 2018. It believes that the resurgence in ransomware is being driven by a flood of new malware families that are regularly more focused on.

The firm discovered that attackers were targeting the governments and organizations which were followed by companies in the financial, chemical, defence and education sectors. Their information corresponded with an ever expanding number of ransomware attacks standing out as truly newsworthy, especially US governments and urban communities, very much like the Texas Ransomware attack.

This new spate of ransomware attacks is said to have been a move away from 'spray and pray' ransomware strategies, in such targeted attacks, spear phishing – sending vindictive emails from an "apparently trusted person"  – is progressively being utilized to gain initial access 68% of the time.

Attackers are likewise said to have been utilizing unknown email services to oversee the ransomware crusades. The most widely recognized groups of ransomware during this period are known to be Dharma (otherwise called Crysis), GrandCrab and Ryuk.

In any case, McAfee, made some amazing disclosures also, first the cyber security firm found that culprits are turning to various attack approaches with regards to coin mining malware, like the CookieMiner malware focusing on Apple users.

Furthermore, also, it found an average of 504 'new threats per minute' in the first quarter of 2019 and noticed that more than 2.2 billion stolen account credentials were made accessible on the cybercriminal underground during the same period.

Its discoveries depend on the information accumulated from its Global Threat Intelligence cloud,, which comprises of over a billion sensors checking for different sorts of cyber dangers around the globe.

Raj Samani, McAfee fellow and chief scientist, stresses on the fact that the impact of these threats is very real and added further that “It’s important to recognise that the numbers, highlighting increases or decreases of certain types of attacks, only tell a fraction of the story. Every infection is another business dealing with outages, or a consumer-facing major fraud. And we must not forget that for every cyber-attack, there is a human cost.”

Amazon Prime Day A Cyber Attack Target?




Researchers discover that the upcoming Amazon Prime Day sale is said to bring about hackers setting up a variety of Prime Day-related tricks intended to fool users into giving up their sensitive data.

Utilizing an 'Amazon Phishing Kit' the hackers can ship out malignant emails that have all the earmarks of being sent from Amazon, consisting of links that direct the victims to a fake Amazon login page.

As reported by Wired, shopping occasions like Prime Day stand for an easy-to-access opportunity for scamsters hoping to hoodwink victims into forking over their own information.

Crane Hassold, threat intelligence manager at the digital fraud defense firm Agari told Wired, 'Cybercriminals take advantage of popular, highly visible events when consumers are expecting an increased frequency of emails, when their malicious emails can hide more easily in the clutter,'

As indicated by security researchers from McAfee, scammers can make an email that seems like it's originating from a real organization, while utilizing a pack called 16Shop.

The biggest risk for the users is their credit card information, birthdays, addresses, and even social security numbers. The kit was initially intended to target Apple users, however as indicated by researchers, Prime Day appears, by all accounts, to be hackers' current target.

To avoid from being misled, analysts suggest investigating emails sent by Amazon with additional thoroughness and ceasing from following links to enter login data sent through email.

Just making a decision about an email by whether the address it's sent from is never again adequate state security analysts, since even emails can be faked. Instead, it's ideal to go legitimately to an organization's page by entering a URL into your address bar and afterward continue from that point.

Amazon Prime Day takes will take place on July 15 and 16.

Around 25 million Home Voice Assistants vulnerable to hacking globally

          





According to a cybersecurity report of McAfee, over 25 million voice assistants which are connected  IoT(internet of things ) devices at home globally are at huge risk of hacking.

Raj Samani, McAfee Fellow and Chief Scientist at McAfee said “ Most IoT devices are being compromised by exploiting rudimentary vulnerabilities, such as easily guessable passwords and insecure default settings”

He further added that “From building botnets, to stealing banking credentials, perpetrating click fraud, or threatening reputation damage unless a ransom is paid, money is the ultimate goal for criminals,”

The hackers around the world are exploiting basic vulnerabilities of IoT devices like easily guessable passwords, weak security settings, exploitation through voice commands.

According to the “Mobile threat report” from McAfee, there has been a 550 percent increase in security vulnerabilities related to fake apps in the second half of 2018.

According to the report “"Most notably, the number of fake app detections by McAfee's Global Threat Intelligence increased from around 10,000 in June 2018 to nearly 65,000 in December 2018,"

 Gary Davis, Chief Consumer Security Evangelist at McAfee said "The rapid growth and broad access to connected IoT devices push us to deliver innovations with our partners that go beyond traditional anti-virus. We are creating solutions that address real-world digital security challenges,"


McAfee and Samsung are now in partnership to secure Samsung Galaxy S10 devices from a malicious hacking attempt