Articles In Security

By Nancy Rand, Posted in Security

February 17, SecurityWeek – (International) Flaw allowed attackers to bypass FireEye detection engine. FireEye released patches fixing an evasion technique vulnerability in its Virtual Execution Engine (VXE), Network Security (NX), Email Security (EX), File Content Security (FX), and Malware Analysis (AX) products after researchers from Blue Frost Security discovered that attackers could bypass the company’s detection engine and temporarily whitelist malware by copying the system engine’s binary into a virt... read more.

• February 19, 2016

By Nancy Rand, Posted in Security

February 17, SecurityWeek – (International) Fysbis backdoor preferred by Pawn Storm group to target Linux. Security researchers at Palo Alto Networks released a report revealing that the Pawn Storm threat group improved their obfuscation technique for their preferred Linux malware, Fysbis, to ensure that the malware installation information is no longer available in the open and that the malware runs a series of shell commands to establish persistency through newly found command and control (C&C) domain... read more.

• February 18, 2016

By Nancy Rand, Posted in Security

February 15, SecurityWeek – (International) Misconfigured database exposed Microsoft site to attacks. A researcher from MacKeeper discovered that attackers could have accessed and modified content of a MongoDB database connected to the mobile version of Microsoft’s careers website and maintained by Punchkick Interactive due to misconfigured databases as the MongoDB database was not write-protected. Attackers could insert arbitrary Hyper Text Markup Language (HTML) code to exploit a victim to a phishing page... read more.

• February 18, 2016

By Nancy Rand, Posted in Security

February 11, Softpedia – (International) Fake Netflix apps deliver banking trojans. Symantec security researchers reported that a new malware campaign was targeting Netflix users in an effort to gain victims’ Netflix credentials and to steal users’ credit card data to make fraudulent purchases by tricking victims into believing the campaign is a company method of accessing online content at a cheaper rate. The malware steals information by using ads to redirect victims to a direct download website embedded... read more.

• February 16, 2016

By Nancy Rand, Posted in Security

February 11, Softpedia – (International) Severe vulnerability affects Cisco ASA VPN server equipment. Cisco released patches for a buffer overflow vulnerability in its firewall equipment embedded in several versions of its Adaptive Security Appliance (ASA) software for corporate networks and data centers after a researcher found an issue in the InternetKey Exchange (IKE) protocol that could allow attackers to craft malicious User Datagram Protocol (UDP) packets and send it to an ASA device, exploiting the v... read more.

• February 16, 2016

By Nancy Rand, Posted in Security

February 9, SecurityWeek – (International) Cross-platform backdoor adwind hits 443,000 users: Kaspersky. Security researchers from Kaspersky Lab reported that a remote access trojan (RAT) dubbed Adwind RAT had infected approximately 443,000 victims by 2015 and targets Windows, Linux, Mac OS X, and other platforms that run Java, to log keystrokes and steal virtual private network (VPN) certificates, cryptocurrency wallet keys, passwords and other data from web forms, among other malicious actions via spear-p... read more.

• February 11, 2016

By Nancy Rand, Posted in Security

February 8, Help Net Security – (International) Twitter suspended 125,000 terrorism-related accounts. Twitter reported that they have suspended over 125,000 accounts since 2015 for threatening or promoting terrorist acts related to the Islamic State and have started using spam-fighting tools to discover potentially offending accounts to counter extremist content online. The company is working with law enforcement agencies around the world to stop terrorist organizations from using Twitter as a platform for... read more.

• February 10, 2016

By Nancy Rand, Posted in Security

February 5, SecurityWeek – (International) Avast patches vulnerability in SafeZone Tool. A researcher from Google discovered a vulnerability in Avast’s SafeZone tool, also known as Avastium, that allowed attackers to gain additional privileges and conduct various actions on the system by convincing a victim to visit a malicious Uniform Resource Locator (URL). The vulnerability was exploited due to Avast’s low security check which allowed any URL to pass through without any restrictions. Source February 4... read more.

• February 09, 2016

By Nancy Rand, Posted in Security

February 4, SecurityWeek – (International) Cisco patches high severity flaws in several products. Cisco released software updates for its Application Policy Infrastructure Controller (APIC) and several other products that patched high severity vulnerabilities including a denial-of-service (DoS) flaw in Nexus 900 switches, a remote authentication flaw in ASA-CX and Prime Security Manager (PRSM), and a logic issue in the role-based access control (RBAC) processing code that allowed unauthenticated attackers t... read more.

• February 05, 2016

By Nancy Rand, Posted in Security

February 3, Softpedia – (International) Dual-Mode DMA ransomware cracked, users can recover files for free. Security researchers from Malwarebytes discovered a flaw in the DMA ransomware that could allow victims to decrypt their encrypted files without paying the ransomware after discovering that the ransomware’s encryption key was hard-coded in its binary, allowing victims to re-download the malicious file and input the encryption key inside the ransom note to unlock their files. Source February 3, Secu... read more.

• February 05, 2016