Viruses & Malware
Canada's electronic spy agency says it is taking the "unprecedented step" of releasing one of its own cyber defence tools to the public, in a bid to help companies and organizations better defend their computers and networks against malicious threats.
The Communications Security Establishment (CSE) rarely goes into detail about its activities — both offensive and defensive — and much of what is known about the agency's activities have come from leaked documents obtained by U.S. National Security Agency whistleblower Edward Snowden and published in recent years.
Shamoon—the mysterious disk wiper that popped up out nowhere in 2012 and took out more than 35,000 computers in a Saudi Arabian-owned gas company before disappearing—is back. Its new, meaner design has been unleashed three time since November. What's more, a new wiper developed in the same style as Shamoon has been discovered targeting a petroleum company in Europe, where wipers used in the Middle East have not previously been seen.
The most common way for threat actors to compromise a network router is to attack it directly. The other and potentially more scalable way is to try and get individual users to unwittingly do it for them.
Security researchers at Kaspersky Lab have discovered a dangerous new Trojan dubbed Switcher that is designed to infect and hijack WiFi routers via compromised Android end user devices.
Planned operations and outpatient appointments have been cancelled at three hospitals in northeastern England after a computer virus infected a health service network, the National Health Service Trust said.
In a post on its website, the Northern Lincolnshire and Goole NHS Foundation Trust called the attack a "major incident" and said it had cancelled all planned operations, outpatient appointments and diagnostic procedures for Wednesday.
The miscreants behind the Nymaim malware dropper have updated their code to include better obfuscation and blacklisting against security software.
Analytics outfit Verint, which discovered the latest version and offers its analysis here, says the new code base targets phishing rather than the drive-by-download approach favoured by the original version of the malware.