DMSniff POS Malware Uses DGA to Stay Active

Infosecurity Magazine | March 15, 2019

Researchers have discovered a rare strain of POS malware which uses a domain generation algorithm (DGA) to maintain persistence. Flashpoint’s Jason Reaves and Joshua Platt revealed in a blog post that the DMSniff malware may have been in use undetected for as long as four years, targeting small and mid-sized businesses in the restaurant and entertainment sectors. DGAs are used to evade detection and takedown by creating large numbers of new C&C domains on an ongoing basis. The duo said they have found 11 variants of the DGA in DMSniff, claiming such a feature is unusual in POS malware. It’s also not the only tactic the malware authors have used to protect it from investigators. Another discovered by Reaves and Platt was a simple string encoding routine designed to prevent researchers from understanding the malware’s capabilities.

Spotlight

The specter and cost of the recent high-profile data theft cases have had a chilling effect, and it's just the beginning of a long-term trend. The lure of easy and substantial financial gain, as well as the explosion in the number of threat actors, all but guarantees that this costly trend will continue. Potentially more damaging is the loss to company brand and reputation after data is stolen. Don't allow fear to stifle growth and innovation. Fixating on the latest "cool technology" or getting distracted by the latest media-hyped threat equally does little to elevate data security. The "Data Theft Prevention" report examines a holistic approach to protecting critical data, from a perspective that is broader in scope and more intelligent in application.

Related News


CyberMDX and Alphatron Medical to Partner for Improving Data Security in Healthcare Sector Worldwide

CyberMDX | June 29, 2021

CyberMDX, a leading healthcare cybersecurity provider that delivers visibility and threat prevention for clinical networks and medical devices, and Alphatron Medical have announced a partnership to help manage cybersecurity risks and protect data workflows for Alphatron Medical's customers. With the increasing digitization of hospitals, Alphatron Medical offers data workflows, various IT solutions, and medical workwear, enabling healthcare professionals to work comfortably and smoothly throughout the entire care process. The company's integrated approach helps healthcare delivery organizations (HDOs) manage today's increasingly complex healthcare IT environments. Serving hospitals in the Netherlands, Belgium, and Germany, Alphatron's solutions help maximize its customers' IT systems and enable healthcare providers to concentrate more on caring for patients.

The value of electronic personal health information (ePHI) has dramatically increased cyber-attacks against healthcare organizations, underlining the criticality of cybersecurity as a component of any healthcare organization's IT strategy. The partnership will help improve the quality of security for Alphatron's customers, using CyberMDX's Healthcare Security Suite to ensure the data security of Alphatron's data management solutions. CyberMDX's solution offers endpoint visibility, network threat prevention, and operational analytics for any connected medical, IT, or IoT devices.

About CyberMDX

CyberMDX, an IoT security leader, is dedicated to ensuring the quality of healthcare delivery worldwide. CyberMDX offers cloud-based cybersecurity solutions that support the advancement of the IoT. The CyberMDX solution identifies endpoints and assesses vulnerabilities to detect, respond to, and prevent cyber incidents. Deployed worldwide, CyberMDX is designed to integrate with our customers' existing environments through its easy-to-deploy, scalable, and agentless solution.


Leveraging Greater Social Engagement for Improved Cyber Hygiene

Cisco | May 19, 2020

You don't have to look too far to find someone who may not be practicing proper cyber hygiene to protect themselves and others from the ill effects of cybercrime or cybersecurity issues. For example, although we may be aware that using the same user ID or email account and password for different cloud services is considered risky behavior and could result in an account hack or data breach, we do not change this behavior. How often do you share your best practices for securing your devices, cloud service applications, mobile applications and home networking equipment with those around you in a social situation? Do you recommend the use of available security settings to those in your social circles? Do you show them how to quickly implement the security settings?

In this article we discuss some ways of improving cyber hygiene. Social Cybersecurity is a new and emerging concept and paradigm that involves how cybersecurity behaviors can be positively shaped using social influence. It's worth keeping an eye on the research going on regarding social cybersecurity, because it may have some answers to getting people and companies to better protect themselves.

“Even if this approach has a small positive effect on improving cyber hygiene, it is worth it, because something must change if we are going to help individuals better protect themselves.” ~ Stan Mierzwa, Director

There exist any number of tasks and approaches that can be undertaken to protect our computer systems from cybersecurity risks. These range from installing an anti-virus or endpoint protection system and keeping it up to date, to applying software security updates, encrypting sensitive data, and backing up important data, and the list can continue to grow. Social Cybersecurity brings a dimension that considers the individual, not the computer, and how, through social psychology, usable and powerful social forces such as social norms can have outsized influences on people's behaviors and perceptions of risk.

The Human-Computer Interaction Institute at Carnegie Mellon University and other researchers are bringing focus to this new scientific area of cybersecurity. As their website (www.socialcybersecurity.org) mentions, this group is leveraging insights from social psychology and other fields to develop novel interventions and strategies for nudging adoption of expert-recommended tools and practices. Can we leverage social interactions or the influence of social situations to enhance our cyber hygiene or help thwart cyber threats?

A theme that emerged from the research interviews was that the observability of security feature usage was a key enabler of socially triggered behavior change and conversation: encouraging the spread of positive behaviors, discouraging negative behaviors, and getting participants in the study to talk about security. The work presented is innovative and brings encouragement and opportunities in how systems can be designed to encourage better cybersecurity behaviors. One can also think of Social Cybersecurity in contrast and comparison to the criminological theory called “Social Learning Theory”. In Social Learning Theory, delinquents are likely to engage in deviant or criminal behavior when those actions have been positively reinforced.



Malicious actors in the hospitality industry reserving their cyber attacks

Tripwire | January 31, 2021

Cyber attacks that lead to data breaches are becoming increasingly common in all industries, but certain kinds of businesses are more vulnerable than others. The hospitality industry in particular is one of the industries most likely to be targeted by cybercriminals, alongside retail and finance. It only makes sense that the travel industry would be an especially tempting target for malicious actors. After all, how many businesses do you know of that keep copies of full legal names for reservations, correspond with their customers via email for confirmations, and store credit card information for a long time, sometimes a very long time, in advance of an upcoming stay? Add to this the fact that cybercrime has risen significantly since the pandemic hit. It's not hard to see why 78% of cybersecurity professionals at companies have been taking extra precautions this year. In this article, we will discuss the significant threat facing travel companies today and stress the importance of using technologies that eliminate risks and secure stored sensitive data. We'll also address what travel companies can do to tighten their cybersecurity protocols and assure customers that their information is safe.

