Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On August 26, 2015

August 25, Securityweek – (International) Tor increasingly used by malicious actors: IBM. IBM Security released findings from its third quarter X-Force Threat Intelligence report revealing that The Onion Router (Tor) network has been used increasingly by cybercriminals for malicious purposes, with about 180,000 malicious events originating from Tor U.S. exit nodes since May. Researchers found that most Tor-based attacks have been Structured Query Language (SQL) injections and primarily targeted the information and communications industries, among other findings. Source

August 24, Securityweek – (International) Dyre trojan uses semi- random file names to evade detection. Security researchers at IBM discovered that the developers of the Dyre banking trojan modified the malware’s persistence mechanism by making its execution a Microsoft Windows scheduled task, and assigned semi-random filenames to the trojan’s configuration files to evade detection. Source

August 24, Threatpost – (International) AlienSpy RAT resurfaces as Jsocket. Security researchers discovered that the AlienSpy remote access trojan (RAT) malware was renamed and repackaged as Jsocket, and has been involved in phishing campaigns against targets in utilities, government, telecommunications, and other industries. Source

Nancy Rand

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.