U.S. Cyber Command’s Malware Inoculation: Linking Offense and Defense in Cyberspace | Council on Foreign Relations

In effect, some have interpreted “defend forward” to mean “the best defense is a good offense.” This misinterpretation, however, misses both the inextricable links between offense and defense, as well as distinctions between strategic and operational levels of analysis. The … Continue reading

Official Monero website is hacked to deliver currency-stealing malware | Ars Technica

The official site for the Monero digital coin was hacked to deliver currency-stealing malware to users who were downloading wallet software, officials with GetMonero.org said on Tuesday. The supply-chain attack came to light on Monday when a site user reported … Continue reading

Lockheed Martin launches cybersecurity strategy to safeguard weapons systems from malware attacks | Military & Aerospace Electronics

Pooling best practices from across the company’s weapons programs, the effort includes a growing database with hundreds of requirements and metrics for assessing them, a step-by-step how-to guide for Lockheed cyber staff, and a trademarked Cyber Resiliency Level framework to … Continue reading

U.S. Cyber Command shares malware samples to help thwart bad actors in cyber security

That’s why U.S. Cyber Command has been embracing collaboration with political allies and members of the cyber security community. In a brief media release, Cyber Command officials say they plan to share unclassified malware samples that will have the greatest … Continue reading

First Malware to Attack Industrial Control Safety Systems | EE Times

Less than two months after October’s U.S. Department of Homeland Security/FBI joint technical alert confirmed cyberattacks against industrial control systems, a new type of malware targeting industrial processes struck an unnamed critical infrastructure facility. The TRITON/TRISIS/HatMan malware is the first … Continue reading

This Tricky Malware Has Been Lying in Wait | Nextgov

The malware code spies on PCs through a multi-layer attack using a kernel mode module and a user mode module that essentially gives attackers unlimited access to an infected machine. They can steal passwords, keyboard strokes, screenshots, network traffic and … Continue reading

India and Pakistan hit by spy malware – cybersecurity firm

To install the malware, Symantec found, the attackers used decoy documents related to security issues in South Asia. The documents included reports from Reuters, Zee News, and the Hindu, and were related to military issues, Kashmir, and an Indian secessionist … Continue reading

Can the U.S. stop malware and buy it at the same time? | FCW

The National Security Agency, the FBI and elements inside the Department of Homeland Security are responsible for discovering flaws in existing software, alerting private companies and the public of their vulnerability and prosecuting malicious actors who create and sell these … Continue reading

New IoT malware strain uncovered | IoT Hub

The Linux/IRCTelnet-based software was discovered by security researchers at MalwareMustDie.org, and like the Mirai botnet that was used to attack DNS provider Dyn, it relies on default hard-coded credentials to spread across vulnerable devices. The malware is primed for DDoS … Continue reading

IRS warns: 400% flood in phishing and malware this tax year alone | Network World

The IRS said that when citizens people click on these email links, they are taken to sites designed to imitate an official-looking website, such as IRS.gov. The sites ask for Social Security numbers and other personal information. The sites also … Continue reading