Articles In Security

By Nancy Rand, Posted in Security

August 30, Softpedia – (International) New and mysterious FairWare ransomware targets Linux server. A Bleeping Computer analyst reported that at least 3 Linux server administrators discovered that a ransomware variant, dubbed FairWare hacked their servers, removed their Website root folders, and left a ransom note in the /root folder demanding a 2 Bitcoin, or roughly $1,150, payment in order to retrieve the files. The researcher stated there is no evidence that the ransomware encrypts the user’s... read more.

• August 31, 2016

By Nancy Rand, Posted in Security

August 29, Help Net Security – (International) XSS flaw in D-Link NAS devices allows attackers to mess with your data. A security researcher discovered seven D-Link network-attached storage (NAS) devices were plagued with a cross-site scripting (XSS) flaw in the device’s administrative Web interface that can be exploited through an authenticated Server Message Block (SMB) login attempt and could allow attackers to access a targeted device and change the stored contents after detecting the flaw i... read more.

• August 30, 2016

By Nancy Rand, Posted in Security

August 26, Softpedia – (International) New Locky ransomware version delivered as DLL file. Cyren security researchers discovered that a variant of the Locky ransomware, Zepto received updates and is now installed on infected devices as dynamic-link library (DLL) files, instead of executable (EXE) files. Researchers also found that the DLL file uses a custom packer in order to prevent detection from anti-malware scanners. Source August 26, SecurityWeek – (International) Apple issues emergency fi... read more.

• August 29, 2016

By Nancy Rand, Posted in Security

August 25, SecurityWeek – (International) Cisco updates ASA software to address NSA-linked exploit. Cisco began releasing updates for its Adaptive Security Appliance (ASA) software resolving a remote code execution flaw leveraged by a zero-day exploit, dubbed EXTRABACON which affects the Simple Network Management Protocol (SNMP) code of the ASA software and can be exploited by a remote hacker to cause a system crash or execute arbitrary code. Cisco advised users to update their installations to versio... read more.

• August 26, 2016

By Nancy Rand, Posted in Security

August 24, Help Net Security – (International) Leaked EXTRABACON exploit can work on newer Cisco ASA firewalls. Researchers from SilentSignal discovered the EXTRABACON exploit of the zero-day buffer overflow vulnerability affecting the Simple Network Management Protocol (SNMP) code of the Cisco Adaptive Security Appliance (ASA), Private Internet eXchange (PIX), and Firewall Services Module versions 8.4. (4) and earlier leaked by ShadowBrokers, can also be modified to compromise ASA version 9.2.(4). Ci... read more.

• August 25, 2016

By Nancy Rand, Posted in Security

August 23, Softpedia – (International) Intruders use virtual machines on infected PCs to hide their actions. SecureWorks discovered malicious actors were attempting to install and launch a new virtual machine (VM) on an infected host in order to connect to the compromised device’s VM and withdraw sensitive data or execute other malicious actions without being detected by security software after finding that the attacker was using the Microsoft Management Console (MMC) to launch the Hyper-V Manag... read more.

• August 24, 2016

By Nancy Rand, Posted in Security

August 18, SecurityWeek – (International) Cisco patches critical flaws in Firepower Management Center. Cisco released patches for its Firepower Management Center to address several flaws in the appliance’s Web-based graphical user interface (GUI) including a medium-severity cross-site scripting (XSS) flaw, a critical vulnerability that could allow an authenticated attacker to remotely execute arbitrary commands on a device with root-level privileges, and a flaw that could allow an authenticated... read more.

• August 22, 2016

By Nancy Rand, Posted in Security

August 18, SecurityWeek – (International) Flaws in smart sockets expose networks to remote attacks. Bitdefender researchers reported a popular brand of smart electrical sockets is plagued with serious vulnerabilities that could be exploited by a remote attacker who knows the media access control (MAC) and default password to take control of the device, make configuration changes, and obtain user information after finding that the socket’s hotspot is protected by default credentials and users are... read more.

• August 22, 2016

By Nancy Rand, Posted in Security

August 17, SecurityWeek – (International) Backdoor abuses TeamViewer to spy on victims. Dr. Web security researchers discovered a backdoor trojan, dubbed BackDoor.TeamViewrENT.1 and distributed under the name “Spy-Agent” was installing legitimate TeamViewer components on a compromised device to spy on victims in the U.S., Europe, and Russia, steal victims’ personal information, and to install other malicious programs on a device. Researchers found that the trojan disables error messa... read more.

• August 18, 2016

By Nancy Rand, Posted in Security

August 8, Help Net Security – (International) Remote Butler attack; APT groups’ dream come true. Microsoft security researchers developed an extension of the “Evil Maid” attack dubbed “Remote Butler” which allows attackers to bypass local Windows authentication to defeat full disk encryption without physical access to the targeted device. A patch released by Microsoft for the “Evil Maid” attack also prevents attackers from carrying out a “Remote Butler&r... read more.

• August 18, 2016