Articles by 'Nancy Rand'

Blog Author - Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.

By Nancy Rand, Posted in Security

July 13, Securityweek – (International) APT group uses Seaduke trojan to steal data from high-value targets. Security researchers from Symantec released an analysis of the highly configurable Seaduke trojan used by an advanced persistent threat (APT) group known for cyber-espionage attacks against high-value targets including government organizations. The report revealed that the trojan is installed onto select systems through the CozyDuke trojan, and that it shares similarities with other “Duke” malware. S... read more.

  • July 14, 2015

By Nancy Rand, Posted in Security

July 10, Securityweek – (International) Chinese APT group uses Hacking Team’s Flash Player exploit. Security researchers from Volexity reported that the Wekby advanced persistent threat group (APT), also known as APT 18, Dynamite Panda, and TG-0416, was leveraging an Adobe Flash Player exploit revealed through the July breach of the software company Hacking Team by sending spear-phishing emails purporting to be from Adobe which directed users to download a compromised Flash Player file containing malware. S... read more.

  • July 13, 2015

By Nancy Rand, Posted in Security

July 9, Securityweek – (International) APT-style evasion techniques spotted in “Kofer” ransomware campaign. Security researchers from Cybereason discovered a ransomware campaign primarily targeting European users dubbed “Operation Kofer” that is mimicking advanced persistent threat (APT) operations by continuously generating new variants of the same malware to evade detection, among other anti-detection techniques. Source July 9, CSO Online – (International) Despite warnings, majority of firms still run... read more.

  • July 10, 2015

By Nancy Rand, Posted in Security

July 7, Help Net Security – (International) Flaw allows hijacking of professional surveillance AirLive cameras. Engineers from Core Security discovered vulnerabilities in AirLive’s surveillance cameras in which an attacker could invoke Common Gateway Interface (CGI) files without authentication or utilize backdoor accounts to execute arbitrary operating system commands, possibly allowing the attacker to see the camera’s transmission stream and compromise network devices. Source July 6, Threatpost – (Intern... read more.

  • July 08, 2015

By Nancy Rand, Posted in Security

July 6, Securityweek – (International) KINS malware toolkit leaked online. Security researchers from MalwareMustDie reported that version 2.0 of the KINS banking trojan toolkit was leaked and widely distributed on the Internet, and that the malware’s developers have integrated ZeusVM banking trojan technology in the newest release, including the use of steganography to conceal configuration data. Source July 6, Softpedia – (International) Govt supplier of surveillance software gets hacked, 400GB of data le... read more.

  • July 07, 2015

By Nancy Rand, Posted in Security

July 2, Threatpost – (International) Cisco UCDM platform ships with default, static password. Cisco warned customers that its Unified Communications Domain Manager Platform software versions prior to 4.4.5 have a default, static password for an account with root privileges, possibly allowing an unauthenticated remote attacker to take full control of an affected system with root privileges. Source July 2, Softpedia – (International) GhostShell hackers reveal 548 targets, links to dumps. Hackers associated... read more.

  • July 06, 2015

By Nancy Rand, Posted in Security

July 1, Securityweek – (International) Attackers abuse RIPv1 Protocol for DDoS reflection: Akamai. Security researchers from Akamai discovered that malicious actors have been leveraging routers running Routing Information Protocol version 1 (RIPv1) to reflect distributed denial-of-service (DDoS) attacks by creating malicious requests for routes and then spoofing the source Internet protocol (IP) address to match that of the targeted system. Source July 1, Softpedia – (International) iOS 8.4 fixes 33 sec... read more.

  • July 02, 2015

By Nancy Rand, Posted in Security

June 30, Softpedia – (International) Dridex is the most prevalent banking malware in the corporate sector. SecurityScorecard released findings from a report revealing that the Dridex banking trojan was the most prevalent malware found in corporate environments from January – May, primarily targeting the manufacturing and retail sectors, followed by the Bebloh and Tinba trojans, which targeted telecommunications and technology companies. Source June 30, Securityweek – (International) Yahoo patches SSRF v... read more.

  • July 02, 2015

By Nancy Rand, Posted in Security

June 29, Securityweek – (International) Security firm discloses details of Amazon Fire Phone vulnerabilities. MWR InfoSecurity released details on three recently patched Amazon Fire Phone vulnerabilities, including flaws in the CertInstaller package that can allow third-party applications to install digital certificates to intercept encrypted traffic via man-in-the-middle attacks, and an issue with the Android Debug Bridge (ADB) in which an attacker could bypass the lock screen, steal information, add and r... read more.

  • June 30, 2015

By Nancy Rand, Posted in Security

June 25, Help Net Security – (International) Samsung disables Windows Update, undermines the security of your devices. A security researcher discovered that the Samsung SW Update software for Microsoft Windows personal computers (PCs) runs an executable file upon start-up that disables Windows Update to prevent driver and update software conflicts, posing a security risk to users. Microsoft has reportedly contacted Samsung to address the issue. Source June 25, Help Net Security – (International) The down... read more.

  • June 29, 2015