This past week we’ve seen a lot of previously announced malware campaigns emerging once again, enhanced with new tricks to do even more damage.

Today we’ve updated the details for the latest Dridex-dropping campaign, which is currently targeting the United Kingdom. What’s more, other experts agree that the situation is increasingly worrisome. Eward Driehuis, a director at cybersecurity and threat-intelligence firm Fox-IT, said:

“Cybercriminals are now using Dyre and Dridex to gather data that can help track patterns of human and corporate behavior, which might later be used to help attackers evade network intrusion detection.”

We’ve also published additional details about the post office scam that infects victims with Cryptolocker2 (crypt0l0cker): the attackers have modified the malware to harvest email addresses from the infected machines. More than 7,000 PCs have become infected in the Scandinavian region, and we expect the captured email addresses to be used to distribute future versions of crypt0l0cker.

What’s more, there was another reason for concern for Scandinavians: a ransomware campaign targeting them went by completely undetected for hours! Detection rates have increased since we announced the campaign, but remain unsatisfactory.

“Never before in the history of humankind have people across the world been subjected to extortion on a massive scale as they are today.”

That’s how Symantec’s August 2015 “The evolution of ransomware” report starts and we couldn’t agree more. Ransomware victims are often left to answer a burning question by themselves: should they pay to get their data back or not?

What’s clear is that Internet users are confronted with a lot of threats that didn’t exist until recently and which they can’t stop because they lack cyber security knowledge and the right tools. That’s why this week we chose to write about the 6 Cyber Threats You Didn’t Have to Worry About 10 Years Ago.

And because we always want to play an active role in protecting users worldwide and helping them understand what they need to do to stay safe, we’re inviting everyone interested to join our beta testing program for the new Heimdal PRO!

Also, we really hope that CyberSecMonth, which will unfold throughout October, will help users become familiar with cyber security and grasp its importance for their wellbeing.

Now here is what else happened this week that we believe is important to know and get protected from: let’s see the 10 news items included in the Weekly Security Roundup.



Security articles of the week


1. Watch out for URL hijacking & associated scams

Graham Cluley shows how a well-executed scam could trick any user into clicking on infected websites, links and banners. That’s why we recommend you choose the right tools to get protected from this kind of attack.

2. Cookie handling in browsers putting HTTPS security at risk

The infamous HTTP cookies used to monitor website activity and help enhance experience for the user became a huge liability when “a team of researchers from University of California, Berkeley, Tsinghua University in Beijing, the International Computer Science Institute and Microsoft tested the implications of such attacks on different high-profile HTTPS websites and presented their findings in August at the USENIX conference.”

3. Scareware(d) into submission

Earlier this week, the biggest pirate torrent site in the world, KickAss Torrents, served scareware advertising to its users, persuading the gullible ones into allowing cunning call center operators to take control of their PCs.

4. Cyber crime looks to enhance its return on investment

In a recent blogpost, Google spoke about its efforts to help dismantle the mechanisms that fuel the development of the underground cyber criminal market and called for collaboration as a necessary condition for success.

Over the last decade, Internet crime has matured into an underground economy where a large number of globally distributed criminals trade in data, knowledge, and services specifically geared towards defrauding users and businesses. Within this black market, criminals buy and sell compromised machines, scam hosting, exploit kits, and wholesale access to pilfered user records including usernames and passwords, credit card numbers, and other sensitive personal data. The availability of such specialized resources has transformed for-profit abuse into a cooperative effort among criminals each satisfying a cog in a supply chain.

Since there has been a “66% year-over-year increase in cyberattacks since 2009”, the value of threat intelligence is only bound to increase, which we also believe should be a key area of focus for those who want to help fight cyber crime and its malicious outcomes.

5. DDoS attacks: “it’s not if, not when, but how frequently”

DDoS attacks are an issue that’s not new, but it certainly is always pressing. These key global DDoS trends are worth reading, especially since:

A new type of distributed denial of service attack has recently been reported by CloudFlare, involving the use of mobile advertisement networks and funneling traffic from real users.


Ad networks are also being used for DDoS attacks, and more often than not these types of attacks are a smoke screen for APTs and data breaches.

6. 18 million Americans, victims of identity theft

The problem is that people are not aware of the risks and they usually find out only when a financial institution contacts them. Don’t let this happen to you as well. Learn how to protect yourself.

7. Malvertising listed in Google search results

Cyber criminals always look for new ways to infiltrate web locations that users trust. And this week they even managed to get into search engine page results, a section that users know is normally safe. Read more details on the same story.

8. Macro malware is on the menu again

It seems that users have gotten over the fear of infected email attachments sent to them by cyber criminals. But these old school threats are back and they’re vicious.

9. Life-threatening security issues – who should know about them?

If an attack on critical infrastructure puts people’s lives in danger, shouldn’t that become a public issue?

If security researchers get no response from manufacturers when disclosing vulnerabilities with life-threatening implications, the majority of IT security professionals (64%) believe that the information should then be made public, according to AlienVault.


10. September’s list of data breaches and cyber attacks

We really wish it was shorter.




We can’t emphasize this enough: the need for cyber security education is more prominent now than ever! Maybe CyberSecMonth will help those who are curious or willing to learn about cyber protection to finally get around to it.
