Articles In Security

By Nancy Rand, Posted in Security

August 26, Softpedia – (International) New Locky ransomware version delivered as DLL file. Cyren security researchers discovered that a variant of the Locky ransomware, Zepto received updates and is now installed on infected devices as dynamic-link library (DLL) files, instead of executable (EXE) files. Researchers also found that the DLL file uses a custom packer in order to prevent detection from anti-malware scanners. Source August 26, SecurityWeek – (International) Apple issues emergency fi... read more.

• August 29, 2016

By Nancy Rand, Posted in Security

August 25, SecurityWeek – (International) Cisco updates ASA software to address NSA-linked exploit. Cisco began releasing updates for its Adaptive Security Appliance (ASA) software resolving a remote code execution flaw leveraged by a zero-day exploit, dubbed EXTRABACON which affects the Simple Network Management Protocol (SNMP) code of the ASA software and can be exploited by a remote hacker to cause a system crash or execute arbitrary code. Cisco advised users to update their installations to versio... read more.

• August 26, 2016

By Nancy Rand, Posted in Security

August 24, Help Net Security – (International) Leaked EXTRABACON exploit can work on newer Cisco ASA firewalls. Researchers from SilentSignal discovered the EXTRABACON exploit of the zero-day buffer overflow vulnerability affecting the Simple Network Management Protocol (SNMP) code of the Cisco Adaptive Security Appliance (ASA), Private Internet eXchange (PIX), and Firewall Services Module versions 8.4. (4) and earlier leaked by ShadowBrokers, can also be modified to compromise ASA version 9.2.(4). Ci... read more.

• August 25, 2016

By Nancy Rand, Posted in Security

August 23, Softpedia – (International) Intruders use virtual machines on infected PCs to hide their actions. SecureWorks discovered malicious actors were attempting to install and launch a new virtual machine (VM) on an infected host in order to connect to the compromised device’s VM and withdraw sensitive data or execute other malicious actions without being detected by security software after finding that the attacker was using the Microsoft Management Console (MMC) to launch the Hyper-V Manag... read more.

• August 24, 2016

By Nancy Rand, Posted in Security

August 18, SecurityWeek – (International) Cisco patches critical flaws in Firepower Management Center. Cisco released patches for its Firepower Management Center to address several flaws in the appliance’s Web-based graphical user interface (GUI) including a medium-severity cross-site scripting (XSS) flaw, a critical vulnerability that could allow an authenticated attacker to remotely execute arbitrary commands on a device with root-level privileges, and a flaw that could allow an authenticated... read more.

• August 22, 2016

By Nancy Rand, Posted in Security

August 18, SecurityWeek – (International) Flaws in smart sockets expose networks to remote attacks. Bitdefender researchers reported a popular brand of smart electrical sockets is plagued with serious vulnerabilities that could be exploited by a remote attacker who knows the media access control (MAC) and default password to take control of the device, make configuration changes, and obtain user information after finding that the socket’s hotspot is protected by default credentials and users are... read more.

• August 22, 2016

By Nancy Rand, Posted in Security

August 17, SecurityWeek – (International) Backdoor abuses TeamViewer to spy on victims. Dr. Web security researchers discovered a backdoor trojan, dubbed BackDoor.TeamViewrENT.1 and distributed under the name “Spy-Agent” was installing legitimate TeamViewer components on a compromised device to spy on victims in the U.S., Europe, and Russia, steal victims’ personal information, and to install other malicious programs on a device. Researchers found that the trojan disables error messa... read more.

• August 18, 2016

By Nancy Rand, Posted in Security

August 8, Help Net Security – (International) Remote Butler attack; APT groups’ dream come true. Microsoft security researchers developed an extension of the “Evil Maid” attack dubbed “Remote Butler” which allows attackers to bypass local Windows authentication to defeat full disk encryption without physical access to the targeted device. A patch released by Microsoft for the “Evil Maid” attack also prevents attackers from carrying out a “Remote Butler&r... read more.

• August 18, 2016

By Nancy Rand, Posted in Security

August 9, SecurityWeek – (International) Vulnerabilites found in several Fortinet products. Vulnerability Lab released the details of several flaws affecting the Web interface of the Fortinet FortiManager and FortiAnalyzer security management and reporting appliances including a vulnerability that can be exploited by a remote attacker with access to a low-privileged user account to inject arbitrary code into the application if a victim clicks on a link or visits a Webpage containing the malicious code... read more.

• August 18, 2016

By Nancy Rand, Posted in Security

August 10, Softpedia – (International) Data of nearly 2 million users exposed in Dota2 forum hack. Researchers from LeakedSource reported that the Dota2 official developers forum was breached after hackers stole the usernames, email addresses, user identifiers, passwords, and IP addresses of nearly 2 million of the forum’s users July 10 by hashing and salting the password with the MD5 algorithm. Forum administrators patched the vulnerability and reset all user account passwords. Source August 1... read more.

• August 18, 2016