#CyberFLASH: Canadian cyberthreats differ from those in the U.S., report says

The U.S. and Canada both see their fair shares of malware such as Dridex and other banking trojans, but there was one threat conspicuously absent from Canada’s list of common threats – ransomware.

While prominent in the U.S., ransomware is just not a thing north of the border, Trend Micro researchers revealed in its Canada threat landscape report.

“For whatever reasons the market forces just aren’t driving them in that direction,” Christopher Budd, global threat communications manager at Trend Micro, told SCMagazine.com.

Though the report didn’t specify a reason for ransomware’s absence, Budd hinted that cost-benefit analyses by cybercriminals could show that using ransomware may have a low yield because Canadians are not culturally attuned to falling victim to such attacks.

Budd pointed out that ransomware attacks have worked their way around the globe, initially rising to prominence in New Zealand and the U.K., before cybercriminals used it to target Americans. So, it is possible that Canadians may be targeted more in the future, he said.

OpenCandy adware toolbar and Dridex malware are currently the most prominent threats in Canada.

Cybercriminals in the U.S. influence the Canadian threat landscape by providing the infrastructure for hosting malicious content. And the majority of malicious sites that Canadians visit are hosted in the U.S. – malicious hosting in Canada simply isn’t as sophisticated as it is in other countries.


#CyberFLASH: Malware – the gift you don’t want re-gifted

OTTAWA – Online retail in Canada continues to increase, and according to a recent survey by TD Bank (Anatomy of an Online Shopper), more than seven in 10 (72 percent) of Canadians surveyed do at least some of their holiday shopping online.

As the online industry grows, cybercriminals are continuously finding ways to take advantage of unaware users or unsecured processes. How can you prevent this unwanted gift? For starters, simply being aware of the most common online threats — such as spam/junk mail, phishing and adware — can help ensure a safer online shopping experience.

Follow these proactive steps to help safeguard your online shopping security and privacy:

Connect to a secure network – avoid using open or public Wi-Fi. There’s a bigger chance for attackers to intercept your connection and obtain your access details such as passwords and usernames.

Bookmark websites – to avoid typing in the wrong address, always bookmark your most trusted shopping sites.

Avoid opening unusual emails and links – to the untrained eye, distinguishing a valid email from a fake one could be a little difficult. If you want to make sure, look out for outrageous subject lines that come with “offers” that seem too good to be true. If you’re still unsure, you can double check with an official source.


#CyberFLASH: RawPOS Point-of-Sale Malware Checks in to Hotels and Casinos

Security researchers have shed new light on seven-year-old point-of-sale (POS) malware still being used today, most recently to attack casinos and resort hotels.

RawPOS was first spotted in a Visa Data Security alert in 2008 and has been used repeatedly with success by cyber-criminals in order to steal valuable magstripe data from victims in the United States, Canada, Europe, the Middle East, and Latin America.

As such, it may have been “instrumental to previous credit card breaches documented and not previously attributed to this particular PoS threat,” Trend Micro claimed in a blog post.

RawPOS features a three-stage modular design.

The first is designed for persistence, installing the malware and ensuring its memory dumper and file scraper are launched.

The second features two memory dumpers: “one generic dumper that can be called to dump a specific process, and another dumper that is designed for specific processes that target specific PoS applications.”

This generic dumper element is time-sensitive, so that if an attacker isn’t able to return to the target environment a month after compile time, it will stop all suspicious activity, making dynamic file analysis difficult, Trend Micro claimed.

The file scraper parses the dumped files from the memory dumper, scrapes the credit card data and encodes the dumped data.

The modular design means attackers can tailor the threat according to target environments, Trend Micro said.


Trend Micro and INTERPOL to Collaborate in Support of Global Law Enforcement’s Efforts Against Cybercrime


OTTAWA – Trend Micro Inc., a global leader in security software and solutions, today announced its collaboration with INTERPOL to support global law enforcement programs against cybercrime.

Today’s cyber threats are becoming increasingly targeted and sophisticated, with criminal networks operating across the world, coordinating complex attacks against targets in a matter of minutes.

Due to the complexity of the cyber-threat landscape, cybercrime investigations are profoundly different in nature to traditional crime, requiring high-level technical expertise and large-scale cross-jurisdictional investigations. It is essential that law enforcement prioritize resources, build cross-jurisdictional and cross-sectorial collaboration in addition to developing the technical expertise, tools and infrastructure required to effectively combat threats and eventually enhance digital security.


Trend Micro’s Ottawa team readies ‘Deep Discovery’ offensive to root out authors of security threats

OTTAWA — A crack team of Ottawa programmers is quietly toiling away on revolutionary security technology that could change the way governments around the globe combat computer hackers.

The team, formerly known as Third Brigade before being acquired by global computer security giant Trend Micro in 2009, aims to target the hackers making trouble, instead of simply reacting to the viruses they release.


© 2013 CyberTRAX Canada - All Rights Reserved.
Sponsored by C3SA Corp.