protect computer | Breaking Cybersecurity News | The Hacker News

This week Corey and Marty over at FixMeStick shared the specs of their recently released FixMeStick PRO with me. This Pro is the best remote malware remediation product we've seen. It retails for $299.99 per year, or $209.99 for the first 50 'The Hacker News' readers ( use coupon code  'THNFIX ' for 30% Discount ), and can be used an unlimited number of times on an unlimited number of PCs per year. The price is per year because the FixMeStick contains three anti-virus engines licensed from three anti-virus companies keeping three malware definition databases up to date etc... Finds: Three anti-virus engines working together to find the widest range of infections. Removes: 'Computer on a stick' architecture provides a separate and clean operating system to fix Windows operating systems. Delivers: Highest confidence remediation. Remote Access: Remote access independent of the host operating system, i.e. out-of-band remote management, like a remote access...

I have recently found an interesting post of Niranjan Jayanand, a researcher of McAfee and members of Facebook team and customer escalation team. The experts announced that his team has recently detected a Trojan that is able to steal every king of image files form a Windows PC, including a memory dump of the victim machine (.dmp files), and upload them to an FTP server. The activities observed are much suspected, they portend that there is an ongoing attack for cyber espionage or a massive information theft operation by  cyber crime  . This could be just a first stages of the attacks in which information are collected for further and complex initiatives. The stolen image files could be used for blackmailing the victims and demanding a ransom , it's nor first time, let's reminds what happened some months ago when nude pictures of celebrities were stolen. This is not the unique use that I could suppose, images could be also used for other purposes, they could be ...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...

Folks from abuse.ch spotted an interesting piece of ransomware malware currently circulating in the wild. Current release is infecting Windows users. It seems that Cybercrooks are taking advantage of Anonymous Banner, for conducting such malware campaigns and supposed to be another game by opposite parties for discredit/Infamous the name of Anonymous in the eyes of the world. Before twitter user @FawkesSecurity posted a threat to bomb a government building by Anonymous. But later, collective group clear themself by statement, " Anonymous is not a terrorist organization. Anonymous does not use bombs. Anonymous does not condone violence in any way. Anonymous supports justice and universal equal rights. We support peaceful protest ." Ransomware malware restricts access to the computer system that it infects and demands a ransom paid to the creator of the malware in order for the restriction to be removed. Message read " Your computer has been hacked by the Ano...

A high degree of stealthiness over a prolonged duration of operation in order to do a successful cyber attack can be defined as Advanced Persistent Threat. The attack objectives therefore typically extend beyond immediate financial gain, and compromised systems continue to be of service even after key systems have been breached and initial goals reached. Today's successful targeted attacks use a combination of social engineering, malware, and backdoor activities. Nart Villeneuve and James Bennett (Senior Threat Researcher) from Trend Mirco provide an  ultimate guide for Detecting (APT) Advanced Persistent Threat activities with Network Traffic Analysis , that can be used to identify malware command-and control (C&C) communications related to these attacks, illustrating how even the most high-profile and successful attacks of the past few years could have been discovered. Paper cover Detecting Remote Access Trojans like The GhostNet,...

Italian security Researchers Luigi Auriemma and Donato Ferrante from ' ReVuln ' reported the flaw in Steam Browser Protocol. Stream the popular online distribution platform with 54 million users. The flaw allow the attacker to write arbitrary text to file and direct victims to external payloads and even the computer can take over. The popular gaming platform uses the steam:// URL protocol in order to run, install and uninstall games, backup files, connect to servers and reach various sections dedicated to customers. It is possible to Safari, Maxthon and Firefox and other browsers based on the Mozilla engine, this quietly Steam URLs to invoke. In report they said that browsers including Firefox and software clients including RealPlayer would execute the external URL handler without warnings and were "a perfect vector to perform silent Steam browser protocol calls". The researchers demonstrated how users on the massive Source game engine, which hosts games...