A new variant of the Gafgyt botnet – that’s actively targeting vulnerable D-Link and Internet of Things devices – is the first variant of the malware to rely on Tor communications, researchers say.
Researchers have discovered what they say is the first variant of the Gafgyt botnet family to cloak its activity using the Tor network.
Gafgyt, a botnet that was uncovered in 2014, has become infamous for launching large-scale distributed denial-of-service (DDoS) attacks. Researchers first discovered activity from the newest variant, which they call Gafgyt tor, on Feb. 15.
In order to evade detection, Gafgyt tor uses Tor to hide its command-and-control (C2) communications, and encrypts sensitive strings in the samples. The use of Tor by malware families is nothing new; however, researchers said they haven’t seen Gafgyt leveraging the anonymity network until now.
The cyberattack on SITA, a nearly ubiquitous airline service provider, has compromised frequent-flyer data across many carriers.
A communications and IT vendor for 90 percent of the world’s airlines, SITA, has been breached, compromising passenger data stored on the company’s U.S. servers in what the company is calling a “highly sophisticated attack.”
The affected servers are in Atlanta, and belong to the SITA Passenger Service System (SITA PSS), company spokeswoman Edna Ayme-Yahil told Threatpost. SITA PSS operates the systems for processing airline passenger data and belongs to a group of SITA companies, headquartered in the E.U.
Malaysia Air and Singapore Airlines have already made headlines in recent days after alerting their customers they’ve been compromised as part of the attack.
EFF worries that Google’s ‘privacy-first’ vision for the future may pose new privacy risks.
This month Google begins a public test of a technology it says will eventually replace browser cookies in an effort to boost Chrome browser user privacy. However, critics say the switch is a half-measure and does not protect the web movements of Chrome users adequately.
The Google solution, called Federated Learning of Cohorts (FLoC), is promoted as a way to put people’s privacy first by limiting the capability of third parties to track their activity across the web using cookies.
How Does Federated Learning of Cohorts Protect Privacy?
Cybercriminals are using the COVID-19 vaccine to steal Microsoft credentials, infect systems with malware and bilk victims out of hundreds of dollars.
As Moderna, Pfizer and Johnson & Johnson roll out COVID-19 vaccines, cybercriminals are preying on those hungry to get in line for immunization.
Between October and January the average number of COVID-19 vaccine-related spear-phishing attacks grew 26 percent, said Barracuda Networks researchers. At the same time, researchers with Check Point say they have found at least 294 potentially dangerous vaccine-related domains over the last four months.
The types of cybercriminal activity vary, from sending malicious emails that purport to be from the Centers for Disease Control and Prevention (CDC), to posting advertisements on underground forums touting vaccine doses for sale. But with the vaccines being rolled out on a widespread basis, these new reports show attackers ramping up their