Ransomware and distributed denial-of-service (DDoS) campaigns continue to dominate the news at week's end. The Magnitude exploit kit has been spotted delivering CryptoWall in a malvertising campaign. And, in the black market, ransomware purveyors offer their services (under the CryptoLocker brand) in exchange for ten percent of any ransom paid.
High-end Australian email provider FastMail sustains a DDoS attack similar to the ones that recently crippled Runbox, Zoho, Hushmail and ProtonMail. FastMail takes pains to say that it has no intention of paying ransom to get out from under the attack. Security blogger Graham Cluley sustains his own DDoS incident, noting that it occurred even as he was speaking about the Armada Collective and other DDoS hoods. He says the attackers used UPnP reflection, DNS reflection, and TCP SYN flooding, but have issued no ransom demands. As of this writing, his site still appears to be under attack.
Point-of-sale malware remains a problem even as we reach the second anniversary of the Target breach that brought the issue to prominence. Trustwave describes "Cherry Picker," which has been infesting targets since 2011 (and cleaning up after itself). Proofpoint discovers a newer strain, "Abaddon," which researchers noticed being downloaded in the course of a Vawtrak banking Trojan infection.
Several interesting proofs-of-concept are out, including the use of barcodes as a malware vector.
Microsoft fixes the patch that caused Outlook problems.
Investors take a new look at the cyber sector, informed by Tenable funding and Cisco results. Microsoft's German cloud servers will be secured by G-Data.