August 25, Securityweek – (International) Tor increasingly used by malicious actors: IBM. IBM Security released findings from its third quarter X-Force Threat Intelligence report revealing that The Onion Router (Tor) network has been used increasingly by cybercriminals for malicious purposes, with about 180,000 malicious events originating from Tor U.S. exit nodes since May. Researchers found that most Tor-based attacks have been Structured Query Language (SQL) injections and primarily targeted the information and communications industries, among other findings. Source
August 24, Securityweek – (International) Dyre trojan uses semi- random file names to evade detection. Security researchers at IBM discovered that the developers of the Dyre banking trojan modified the malware’s persistence mechanism by making its execution a Microsoft Windows scheduled task, and assigned semi-random filenames to the trojan’s configuration files to evade detection. Source
August 24, Threatpost – (International) AlienSpy RAT resurfaces as Jsocket. Security researchers discovered that the AlienSpy remote access trojan (RAT) malware was renamed and repackaged as Jsocket, and has been involved in phishing campaigns against targets in utilities, government, telecommunications, and other industries. Source