Actionable, Page 2

Coordinating Incident Response at Internet Scale (CARIS)

Coordinating incident response at Internet scale as a concept sounds fabulous, but can we achieve it? What will it take? For those working in incident response and information sharing efforts, we know there is much to be done. While there is a lot of good work progressing this area of information security, there are still very few…

Understanding & Detecting Backoff POS Malware

Point of Sale (POS) malware has had its share of headlines this year. Now with the holiday shopping season underway POS systems will certainly be an enticing target for hackers to explore due to the payoff of thousands of fresh credit card numbers that will be run through these devices. “Backoff” is part of a…

RSA Uncovers Boleto Fraud Ring in Brazil

With the 2014 World Cup in full swing, all eyes have been on Brazil since the middle of June. As the world watches their favorite national teams battle on the pitch, IT security professionals at a number of Brazil’s banks are being challenged in a separate battle of their own with cybercriminals. Through a coordinated…

iBanking Mobile Bot Raising Its Shields

In the cyber-underground, one can never be too careful.  Between researchers and law enforcement, cybercriminals are always wary of being shut-down or worse, caught and prosecuted.  The developers of the iBanking Trojan—a malicious mobile app targeting Android devices— are no exception.  Following in the footsteps of its older PC-based brothers that—looking to stay ahead in the…

What You need to Know About Heartbleed

The world has been talking about a new security buzzword and that buzzword is “HeartBleed”.  What is Heartbleed? Heartbleed is the nickname given to the vulnerability known as CVE-2014-0160, which is a flaw in the TLS/DTLS heartbeat extension implementation in certain versions of OpenSSL.  In plain English, this vulnerability allows an attacker to use a…

RSA Uncovers New POS Malware Operation Stealing Payment Card & Personal Information

By Yotam Gottesman, Senior Security Researcher, RSA FirstWatch team In a recent investigation, RSA researchers uncovered the server infrastructure used in a global Point-of-Sale (PoS) malware operation responsible for the electronic theft of payment card and personal data from several dozen retailers, mostly based in the U.S. Infection activity has also been detected in 10…

New Trojan #INTH3WILD: Is Cybercrime Ready to Crown a New “KINS”?

Was that a typo? What is a “KINS”? Well, it appears that KINS is the name of a new professional-grade banking Trojan that is very likely taking its first steps in the cybercrime underground and could be poised to infect new victims as quickly and effectively as its Zeus, SpyEye and Citadel predecessors. Some Cybercrime…

New Commercial Trojan #INTH3WILD: Meet Beta Bot

By Limor S. Kessem, Cybercrime and Online Fraud Communications Specialist, RSA It appears that a much anticipated event has finally transpired in the cybercrime arena, with the release and active sale of a new commercially-available Trojan family that has begun around January this year, circulating under the name Beta Bot. RSA researchers have recently come…