Podcasts about necurs

According to a Microsoft research, a new type of domain name is ripe for fraudsters to abuse. Microsoft's new Digital Defence Report features a rogue's gallery of cyberthreats such as phishing, ransomware, and supply-chain intrusions. However, it introduces a new foe to the mix: blockchain domains. In Microsoft's latest annual security report, domain names inscribed into a distributed ledger maintained across a constellation of machines rather than housed in a traditional, centralised registry are referred to as "the next major threat." When domain names are stored on a blockchain, they can be difficult to shut down or to trace to their owners. It also renders them unavailable without the use of specialised software or configuration. "In recent years, we have observed blockchain domains incorporated into cybercriminal infrastructure and activities," the paper states, referring to Microsoft's experience dismantling a botnet known as Necurs last spring. That botnet employed a domain-generating algorithm to generate new hosts in bulk, including under the.bit blockchain top-level domain, rendering them unpoliced in the same way that a.com or other standards-compliant domain would be. Because of the possibility of abuse, a group called OpenNIC, which advocates alternatives to the existing domain-name system, voted in 2019 to prohibit the.bit domain, fearing that the organisation would be "directly responsible for the birth of a whole new kind of malware." "This trend of dangers employing blockchain domains as infrastructure with the means to establish an undeniable criminal network should be taken carefully," adds Microsoft's research. CAN'T GET THEM TO STOP Meanwhile, among supporters of a decentralised internet, there is a popular answer to the criticism that blockchain names cannot be removed: That's exactly right. According to the sales pitch on the webpage of one blockchain-domain registrar, Unstoppable Domains, "Unlike traditional domains, Unstoppable Domains are totally owned and controlled by the user with zero renewal costs ever (you buy it once, you own it for life! It lists one-time registration rates ranging from $20 to $100 for blockchain top-level domains like as.crypto,.wallet,.coin,.888, and.x, but costs can skyrocket for shorter, more memorable domains. Potomacriver.x, for example, would cost $100, whereas potomac.x would cost $7,500. Unstoppable Domains CEO Matthew Gould responded via email, dismissing the notion that his San Francisco-based company is an irresponsible actor. He mentioned the company's trademark-compliance regulations (it wouldn't let me start registration fastcompany.x because it said it was "protected") and applicant-screening procedures. "We have also prevented the registration of domains associated with known pirating software or other types of IP theft and fraud," he wrote, adding that Unstoppable can even take back a domain if registrants park it with its custody service rather than transferring it to their own cryptocurrency wallet—the former being an easier route that roughly 75% of registrants take today. Gould also argued that blockchain domains would improve trust in cryptocurrency transactions rather than decrease it. "Anonymous people like to generate new addresses every time since it is great practise," he wrote. "Domains establish a single memorable non-changing endpoint, which reduces the anonymity of cryptocurrency payments." Microsoft refused to comment further on the report's conclusions. REQUIRES A SPECIAL BROWSER While blockchain domains have been exploited for malware, Sean Gallagher, senior security researcher at Sophos, stated in an email that their need for bespoke routing rendered them an ineffective option for such assaults, because malware can't spread via standard web browsers that don't support the domains. He also pointed out that blockchain domains provide less privacy than Tor, the cloaked routing method used to avoid many censorship regimes: "They don't provide anonymity for the destination." The simplest method to navigate to a blockchain domain, such as brad.crypto—Unstoppable Domains cofounder Bradley Kam's online space—is to utilise one of the few browsers that already support that namespace, such as the Chrome-based, privacy-optimised Brave. Enter brad.crypto into Brave's URL bar, click to accept the blockchain routing, and you should view Kam's gallery of non-fungible token (NFT) artwork. Kevin Werbach, a professor at the University of Pennsylvania's Wharton School, said he doubted browser support for blockchain domains would spread anytime soon, despite the fact that he'd recently registered kwerb.eth (that suffix references another blockchain domain system, the Ethereum Name Service). "Google, Apple, and Microsoft aren't going to provide native support unless they're confident that those concerns will be addressed," he wrote. As a result, adoption will be contingent on people's willingness to switch browsers, instal browser extensions, or custom-configure DNS settings—the latter two practises being the types of fiddling that malware occasionally exploits. "DNS has security flaws that are partly related to its centralised structure," Werbach explained, "but putting domain names on a blockchain introduces a new set of security issues." "I don't believe we know enough about the size of the relative dangers to make categorical claims." The current frothiness of cryptocurrency and blockchain mania is cause for concern. Mike Masnick, founder of the Techdirt tech-policy blog and proponent of a more decentralised social internet, praised the potential for blockchain domains to "create both a different kind of incentive structure and one in which users may retain more control over their own information." However, he went on to say that the blockchain space today is "almost entirely populated by mercenary folks looking for profit, which has some useful elements—in terms of bringing in funding and incentivising certain behaviours—but also has the real potential for prioritising pure profit over societal benefit." Masnick didn't draw any comparisons between his work and today's commercial social media. However, why should he?   Support us!

A years-long investigation and global cooperation disrupted one of the biggest botnets ever.

We’ve said it before, but it pays to know the cyber threats you face on a day-to-day basis. What you’re likely to encounter. So you can take action to protect yourself, your network, and of course, your bottom line.On Episode 15, we talk with SonicWall’s Brook Chelmo about the security company’s 2020 Cyber Threat Report (https://www.sonicwall.com/2020-cyber-threat-report/). The report compiles information about the latest criminal advances and security advances. We go over the highlights (or lowlights depending on your perspective) including a trend to more targeted attacks in both ransomware and phishing. And the move toward perimeter-less security. We summarized the report on a recent blog post (https://www.firewalls.com/blog/a-wireless-world-ping-podcast/). As a bonus, we also get an update from Brook about his conversations with the Hildacrypt ransomware cell, which we first spotlighted on Episode 8.Learn more about everything network security on our Firewalls.com Blog. And you can learn more about the Professional Services offered by our Certified Experts: https://www.firewalls.com/professional-services.html or by calling 866-403-5305.Our cyber security headlines discussed on the episode include:DoppelPaymer ransomware used to steal data from supplier to SpaceX, Teslahttps://threatpost.com/doppelpaymer-ransomware-used-to-steal-data-from-supplier-to-spacex-tesla/153393/ Microsoft takes down Necurs botnethttps://www.forbes.com/sites/zakdoffman/2020/03/10/microsoft-confirms-takedown-of-worlds-most-prolific-malware-millions-of-victims-globally/#a9f1dd1b9f2b Gender Equality in Cybersecurity Could Drive Economic Boosthttps://www.darkreading.com/risk/gender-equality-in-cybersecurity-could-drive-economic-boost-/d/d-id/1337290Cybersecurity’s Diversity Problem Puts Us All At Riskhttps://www.fastcompany.com/90475976/cybersecuritys-diversity-problem-puts-us-all-at-risk While our Engineer’s Minute took an episode off, you’re welcome to submit a question for a future edition, suggest an episode topic, or offer any other feedback you may have to podcast@firewalls.com. Remember, new episodes are released every other Wednesday, so subscribe/follow to ensure you get the latest first - and please rate and review.Thanks for listening!

Hallo meine Digitalkrieger und Analogmäuse, lange ist es her seitdem es die letzte Folge gab. In dieser Folge gibt es Erklärungen, auch ein paar aktuelle Themen, ich bin wieder da, zurück und künftig wieder fleißig(er). Viel Spaß mit der Folge und jetzt schon wieder Gruß an die Community und DANKE das ihr mir soooo fleißig folgt.

Dallas is packing up the podcast… don’t fret. The team is just moving offices. RIP (rest in podcast). The team also packs a ton of news updates in this week. (Yeah, we went there). Here’s this week’s highlights: - Necurs Botnet Indictment - TA505 - SMB Vulnerability: Cve 2020 0796 - Coronavirus Scams, Fraud, and Misinformation - New cybercrime findings from the team on Envoy and Kilos Rounding up this week, we have some Pi Day history (and jokes of course!). Thanks for listening. Check out this week’s intelligence summary at https://resources.digitalshadows.com/weekly-intelligence-summary. ***Resources From this Week*** Coronavirus Scams, Fraud, and Misinformation Findings: https://www.digitalshadows.com/blog-and-research/how-cybercriminals-are-taking-advantage-of-covid-19-scams-fraud-misinformation/ Envoy Addressing Suicide Awareness: https://www.digitalshadows.com/blog-and-research/how-one-cybercriminal-forum-is-helping-to-address-suicide-awareness-envoy/ Kilos Dark Web Search Engine: https://www.digitalshadows.com/blog-and-research/dark-web-search-engine-kilos/

Nous sommes le 12 mars 2020 et voici notre 249ème épisode hebdomadaire. On y parle de deepfakes, d’un FireFox anti-Facebook, du démantèlement de l’un des botnets les plus puissants au monde, d’hackers se faisant hacker. On parlera de sexisme, d’Arnold Schwarzenegger et de trottinettes mais pas dans le même sujet. N’hésitez pas à commenter et ... Lire la suite #249: Deepfake, FireFox 74, Necurs démantelé, anti sexisme en extension,… L’épisode #249: Deepfake, FireFox 74, Necurs démantelé, anti sexisme en extension,… et les sources des sujets sont disponible sur Les Technos.

Nous sommes le 12 mars 2020 et voici notre 249ème épisode hebdomadaire. On y parle de deepfakes, d’un FireFox anti-Facebook, du démantèlement de l’un des botnets les plus puissants au monde, d’hackers se faisant hacker. On parlera de sexisme, d’Arnold Schwarzenegger et de trottinettes mais pas dans le même sujet. N’hésitez pas à commenter et à partager cet épisode dans vos réseaux. Merci de nous accueillir. Bonne écoute ! A comme AMD (00:02:41) Une petite faille processeur, chez AMD ce coup-ci! (mais aussi Intel). (source, source, source) B comme Botnet (00:13:55) Microsoft démantèle un réseau de botnet. (source) D comme Datas (00:20:12) Le tape revient au goût du jour, je vous jure! (source) D comme Deepfake (00:24:52) Les deepfakes encore plus crédibles. (source, source) F comme Firefox (00:31:12) Firefox 74 débarque avec une protection "anti Facebook". (source) M comme Mobilité (00:38:02) Bird veut ajouter une fonctionnalité à ses trottinettes . (source, source, source) S comme Sécurité (00:43:23) Quand des hackers s'en prennent à d'autres. (source) S comme Sexisme (00:47:15) Mozilla lance une extension anti sexisme assez drôle. (source) W comme Wéménon (00:49:59) Arnold Schwarzenegger n'est pas content. (source)

Nous sommes le 12 mars 2020 et voici notre 249ème épisode hebdomadaire. On y parle de deepfakes, d’un FireFox anti-Facebook, du démantèlement de l’un des botnets les plus puissants au monde, d’hackers se faisant hacker. On parlera de sexisme, d’Arnold Schwarzenegger et de trottinettes mais pas dans le même sujet. N’hésitez pas à commenter et à partager cet épisode dans vos réseaux. Merci de nous accueillir. Bonne écoute ! A comme AMD (00:02:41) Une petite faille processeur, chez AMD ce coup-ci! (mais aussi Intel). (source, source, source)B comme Botnet (00:13:55)Microsoft démantèle un réseau de botnet. (source)D comme Datas (00:20:12)Le tape revient au goût du jour, je vous jure! (source)D comme Deepfake (00:24:52)Les deepfakes encore plus crédibles. (source, source)F comme Firefox (00:31:12)Firefox 74 débarque avec une protection « anti Facebook ». (source)M comme Mobilité (00:38:02)Bird veut ajouter une fonctionnalité à ses trottinettes . (source, source, source)S comme Sécurité (00:43:23)Quand des hackers s’en prennent à d’autres. (source)S comme Sexisme (00:47:15)Mozilla lance une extension anti sexisme assez drôle. (source)W comme Wéménon (00:49:59)Arnold Schwarzenegger n’est pas content. (source)

Nous sommes le 12 mars 2020 et voici notre 249ème épisode hebdomadaire. On y parle de deepfakes, d’un FireFox anti-Facebook, du démantèlement de l’un des botnets les plus puissants au monde, d’hackers se faisant hacker. On parlera de sexisme, d’Arnold Schwarzenegger et de trottinettes mais pas dans le même sujet. N’hésitez pas à commenter et à partager cet épisode dans vos réseaux. Merci de nous accueillir. Bonne écoute !A comme AMD (00:02:41)Une petite faille processeur, chez AMD ce coup-ci! (mais aussi Intel). (source, source, source)B comme Botnet (00:13:55)Microsoft démantèle un réseau de botnet. (source)D comme Datas (00:20:12)Le tape revient au goût du jour, je vous jure! (source)D comme Deepfake (00:24:52)Les deepfakes encore plus crédibles. (source, source)F comme Firefox (00:31:12)Firefox 74 débarque avec une protection « anti Facebook ». (source)M comme Mobilité (00:38:02)Bird veut ajouter une fonctionnalité à ses trottinettes . (source, source, source)S comme Sécurité (00:43:23)Quand des hackers s’en prennent à d’autres. (source)S comme Sexisme (00:47:15)Mozilla lance une extension anti sexisme assez drôle. (source)W comme Wéménon (00:49:59)Arnold Schwarzenegger n’est pas content. (source)L’épisode #249: Deepfake, FireFox 74, Necurs démantelé, anti sexisme en extension,… et les sources des sujets sont disponible sur Les Technos.

Nous sommes le 12 mars 2020 et voici notre 249ème épisode hebdomadaire. On y parle de deepfakes, d'un FireFox anti-Facebook, du démantèlement de l'un des botnets les plus puissants au monde, d'hackers se faisant hacker. On parlera de sexisme, d'Arnold Schwarzenegger et de trottinettes mais pas dans le même sujet. N'hésitez pas à commenter et à partager cet épisode dans vos réseaux. Merci de nous accueillir. Bonne écoute !A comme AMD (00:02:41)Une petite faille processeur, chez AMD ce coup-ci! (mais aussi Intel). (source, source, source)B comme Botnet (00:13:55)Microsoft démantèle un réseau de botnet. (source)D comme Datas (00:20:12)Le tape revient au goût du jour, je vous jure! (source)D comme Deepfake (00:24:52)Les deepfakes encore plus crédibles. (source, source)F comme Firefox (00:31:12)Firefox 74 débarque avec une protection « anti Facebook ». (source)M comme Mobilité (00:38:02)Bird veut ajouter une fonctionnalité à ses trottinettes . (source, source, source)S comme Sécurité (00:43:23)Quand des hackers s'en prennent à d'autres. (source)S comme Sexisme (00:47:15)Mozilla lance une extension anti sexisme assez drôle. (source)W comme Wéménon (00:49:59)Arnold Schwarzenegger n'est pas content. (source) Voir Acast.com/privacy pour les informations sur la vie privée et l'opt-out.

Cyber: Phishing campaign reveals new Marap downloader malware, possibly distributed by Necurs botnet https://thehackernews.com/2018/09/ransomware-coinmining-botnet.html https://www.engadget.com/2018/09/19/california-connected-devices-security-law-cybersecurity/ Crypto: https://www.coindesk.com/us-banking-giant-pnc-becomes-latest-to-adopt-ripples-xcurrent/ https://www.coindesk.com/new-york-ags-office-takes-aim-at-crypto-exchanges-in-new-report/ Follow me on Twitter: @eenglish34 https://itunes.apple.com/us/podcast/cyber-security-cryptocurrency-podcast-with-eric-english/id1414720078?mt=2#

In today's podcast, we hear that an evolved DarkHotel campaign is under way. A new malware dropper is out and about thanks to the Necurs botnet. Researchers demonstrate proof-of-concept exploits. Cyber espionage follows trade. Notes on election meddling. Google and Facebook encounter some regulatory and legal headwinds over data collection. Connected cars know a lot about their drivers, and there's money in those data. Robert M. Lee from Dragos on the notion of cyber attacks as a distraction.  For links to all today's stories, check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/August/CyberWire_2018_08_20.html

In today's podcast we run through a brief guide to election risks, and the difference between hacking and influence operations. An Alaskan trade mission prompts a wave of Chinese industrial espionage. Misconfigured project management pages may have exposed Canadian and British Government information. Necurs flared up in a short-lived spam campaign against banks this week. Crooks use bogus Fortnite download pages. Final briefs are submitted in Kaspersky's court challenge to its US ban. Emily Wilson from Terbium Labs on her experience getting certified as a fraud examiner. Guest is Marco Rubin from the Center for Innovative Technology, on the security of UAVs and drones.  For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/August/CyberWire_2018_08_17.html

In today's podcast, we hear about the long-expected US Executive Order, with commentary from Politico's Eric Geller. It was signed yesterday, and gives prominence to the NIST Framework, DHS,and OMB. Eternal Blue is used to spread WannaCry ransomware, and the UK's NHS is hard hit. Fancy Bear prances in NATO costume. US Intelligence Community leaders warn the Senate that the Russian cyber threat is large, growing, and not going away. The University of Maryland's Jonathan Katz explains some potential browser protocol vulnerabilities. And spamming celebrates its thirty-ninth birthday—no happy returns for you, spammers.

Craig, Nigel, Joel and Mitch discuss spam resurgence via Necurs waking up, vuln dev in niche spaces, Crypt010cker, and hacking video games as a gateway drug for researchers.

In today's podcast, we hear that laptop flight restrictions spread as security services continue to grapple with ISIS inspiration operations. The Necurs botnet returns, but now it's swapped pump-and-dump scams with penny stocks for its usual ransomware payloads. MajikPOS is active in the North American wild. Joe Carrigan from the Johns Hopkins University Information Security Institute reviews lessons learned from the Cloudbleed event. Philip Susmann describes Norwich University's DECIDE cyber simulation platform. And the Bangladesh Bank hack looks like it may have been a North Korean job. 

In today's podcast, we hear that yesterday's Internet outages were due to errors in Amazon's S3 servers. Dridex has evolved to become more evasive. The Necurs botnet acquires a DDoS capability. Web cache deception attack technique is described. Austrian authorities think they have a suspect in the attempted cyberattack on Vienna's airport. Palo Alto buys LightCyber. Companies continue to grapple with GDPR compliance. Uncertainty about US policy direction expected to drive an increase in foreign cyber espionage. The University of Maryland's Jonathan Katz reviews encryption types. Jon Gross from Cylance explains Snake Wine. Congress thinks about casus belli in cyberspace. And in the IoT, people are worried about everything from Terminators to Teddy bears.

Nous venons de tourner un nouveau SECHebdo en live sur Youtube. Comme d’habitude, si vous avez raté l’enregistrement, vous pouvez le retrouver sur notre chaîne Youtube (vidéo ci-dessus) ou bien au format podcast audio: Au sommaire de cette émission : Todo (00:01:30) { "options": { "theme": "default" }, "extensions": { "ChapterMarks": { "disabled": false }, "EpisodeInfo": {}, "Playlist": { "disabled": true }, "Transcript": { "disabled": true } }, "