Avast Blog_Security News:

[harlan4096]

Chronicle teams up with Avast on a new platform and the NSA gives a gift to the cybersecurity community plus more security news.
New platforms to clobber cybercrimeTwo major announcements at this week’s RSA mark strident leaps forward in cybersecurity, and both rely on the same core principal — sharing knowledge. The combined efforts that make these cybersecurity tools so potent go to prove that there is, in fact, safety in numbers.

One of the tools is nothing less than a global security telemetry platform built by Chronicle Security, a new Alphabet company focused on enterprise security. The platform is called Backstory, and it is a cloud-based service that compares an enterprise’s network activity against a constantly updating database of threat intelligence. Aggregating the most reliable threat intelligence for the project, Chronicle has partnered with Avast and a couple of other security entities. “It made sense for Chronicle to work with Avast, who has the biggest threat intelligence network,” comments Luis Corrons, Avast security expert. “Thanks to Backstory and the threat intelligence we can feed into it, companies all around the world will be safer.”

The other platform unveiled at RSA is called Ghidra, a reverse-engineering tool developed by the National Security Agency (NSA) to allow cybersecurity researchers to better analyze malware they find in the wild. The NSA has been developing the software for years, and the agency is publishing it as open source, calling it “a contribution to the nation’s cybersecurity community.” The tool is designed to allow analyzers to work collaboratively within it, and it includes various features that simplify the reverse-engineering process so that researchers can more easily get to the heart of today’s worst malware.

Here’s a video from NBC's Jonathan Bloom on highlights from RSA.

Jokeroo starts Ransomware-as-a-Service membership

A new underground company calling itself Jokeroo has been promoting itself on Twitter as a Ransomware-as-a-Service (RaaS), a one-stop shop for a would-be cybercriminal, providing all the tools needed to run a ransomware campaign from the malware to the payment system all the way to the customizable ransom note. The RaaS offers a tiered membership system. The least expensive package starts at $90, which includes the full ransomware service, a bitcoin payment system, and 15% of each ransom payment going to Jokeroo. The more premium packages, at $300 and $600, do not include the 15% skim and offer other cryptocurrency payment systems as well as extra features. The company is so new that researchers have not yet seen traces of its branded ransomware in the wild.
 
Luis Corrons notes, “This is not the first time we have seen this kind of ‘business’ model, however, you can usually find them on the dark web or hacking forums. Offering itself openly on Twitter is not that common. This approach looks like an offer for script kiddies and wannabe cybercriminals. Let's hope Twitter takes quick measures to stop these guys from using their platform to promote illegal business.”   

Continue Reading