Microsoft to use AI to filter game chat

Microsoft to use AI to filter game chat

Microsoft is turning to AI and machine learning to let Xbox gamers filter the language they see in text messages. It is introducing customisable filters that let gamers choose the vocabulary they see in messages from friends and rival players. The four levels of filtering
/
Mozilla to Firefox users: Here's how we're protecting you from code injection attacks

Mozilla to Firefox users: Here’s how we’re protecting you from code injection attacks

Mozilla cleans up Firefox to cut risk of code injection attacks and deter use of a dangerous JavaScript function Firefox-maker Mozilla has detailed its recent efforts to harden the browser against code injection attacks. That hardening work has focused on removing "potentially dangerous artifacts" in
/
wild-wild-west

Domain Shadowing – Wild West Of Internet Cyber Attacks

World Wide Web Labeled Wild Wild West of Internet Cyber Attacks

A new “threat report” labels the World Wide Web (www) the Wild Wild West of cyber warfare stating that the Internet is still “an untamed frontier.”

The report from Bromium Labs, security analysts, that study key trends in the cyber attack landscape and specialize in innovative technologies aimed to defend and counter advanced attacks against computer networks, warns that hackers prey on popular websites and widely used software. Titled Endpoint Exploitation Trends, the report, released this morning, identified key trends for the first half of 2015. Ultimately, it states, while established patterns of attack and defense can still be identified, attackers are increasingly innovative.

pic-secure

Rahul Kashyap, SVP Security & Solutions Engineering, Bromium

It’s been a whirlwind 6 months in terms of threats. One of the big trends we’re witnessing is a huge growth of malvertisements targeting news and entertainment websites, places where people tend to feel safe if anything. CBSNews.com, StarTribune.com and Weather.com were just a few of the sites we saw higher quantities of malvertisements, so recommend consumers be extra vigilent when visiting those sites.

We’re also seeing the continued dark underbelly of bitcoin: it didn’t end with Silk Road. Cybercriminals are using bitcoin as a means to create and proliferate malware without being traced.

Finally, crypto ransomware is on the rise—the appearance of new families has nearly doubled in H1 2015 over the entirety of 2014. Crypto ransomware has become an increasingly lucrative business for attackers the past few years. Reactive technologies such as anti-virus are too late to protect against such infections and are inadequate in most cases. Other newer approaches, such as robust application containers that isolate threats from end users, can provide a defensible layer to prevent both malvertisement and ransomware infections.”

Cyber Criminals Target Popular News and Entertainment Websites

Alarmingly, Bromium Labs researchers found that the most dangerous (for users) websites are those we assume to be the safest, specifically sites that focus on entertainment and news. In fact, more than 50 percent of malvertisements on the web were found by researchers to be hosted (unknowingly) by popular news and entertainment sites.

They also found that Adobe Flash has become an overwhelming target that attackers use to launch digital “drive-by attacks.” One popular attack prompts Mozilla to disable the app in the Firefox browser. But Flash (together with Internet Explorer) is also targeted by a notorious malicious toolkit known as Angler Exploit, posing an especially serious security threat.

The Angler Exploit Kit (EK) is currently regarded as highly sophisticated and dangerous. Cisco has identified a relatively new technique used by cyber attackers to hijack domain registration accounts and create subdomains. Known as domain shadowing,  it takes victims to a web page that is controlled by the attacker via a malicious ad, and then redirects them to subdomains. Blacklisting doesn’t work, and blocking is very difficult. According to the new threat report, all the WWW attacks they have picked up in the past six months are operated by EKs, Angler being the most prevalent.

Current Cyber Attack Trends

dark-shadowing

According to the new threat report, trends cover all elements from new ways to monetize malware to new, effective means of delivering vectors through malvertising. As BitCoin gains traction it is becoming a particularly easy way for cybercriminals to make money, as has Crypto-Ransomware, which demands ransoms from computer users (often via BitCoin) and is an increasing threat to both organizations and individuals.

They identified zero-day exploits and kernel-mode vulnerabilities as the possible “next major window of opportunity” for cyber attackers.

Malvertisements have become very popular with attackers, particularly news (31.7 percent) and entertainment (25.4 percent) sites. They found that of the other websites targeted by malvertising, 12.7 percent were search sites, 7.9 percent were learning sites, and forums, shopping sites, video, and “other” sites each attracted 4.8 percent of this malicious advertising. Only 3.2 percent of social sites were found to be infected by this malware. One of high-profile websites the report names is goodreads.com.

Detection evasion trends show that attackers are continually upgrading their skills, and are able to bypass:

  • Antivirus and Host Intrusion Prevention Systems (HIPS)
  • Honeypots and analysis environments
  • Network filters and Network Intrusion Detection Systems (NIDS)

Key malware trends identified in the report show that:

  • Crypto-Ransomware has increased radically since 2013 when there were only two known ransomware families; now there are nine.
  • Macro attacks are back. Since there are very few “reliable” MS Office vulnerabilities, attackers now resort to an old trick of embedding macro-based malware in MS Office documents. This usually focuses on banking, and is bundled with Dridex Trojan.
  • Windows kernel exploits are gaining attention and becoming more popular when it comes to launching targeted attacks.

In conclusion, the researchers state that while well-worn patterns of both attack and defense can be seen quite clearly, there is still also a lot of “the same old game.”

(Image Source: Shutterstock)

By Penny Swift

Penny Swift Contributor
Penny has been a professional writer since 1984 – Penny has written more than 30 general trade books and eight college books. She has also written countless newspaper and magazine articles for: Skills on Site, Popular Mechanics (SA) and SA Conference, Exhibitions and Events Guide. Penny has a BA in Social Sciences and currently resides in Cape Town, South Africa.
How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove ...
Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

Cloud-Enabled Managed Hosting Provider We are all familiar with the old saying “That's like comparing apples to oranges” and though we learned this lesson during ...
The Cloud Debate - Private, Public, Hybrid or Multi Clouds?

The Cloud Debate – Private, Public, Hybrid or Multi Clouds?

The Cloud Debate Now that we've gotten over the hump of whether we should adopt the cloud or not, "which cloud" is now the center ...
Daren Glenister

What’s Next In Cloud And Data Security?

Cloud and Data Security It has been a tumultuous year in data privacy to say the least – we’ve had a huge increase in data ...
Michela Menting

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been ...
It Programs Compressor