Articles In Security

By Nancy Rand, Posted in Security

February 2, Softpedia – (International) Compromised WordPress sites hijacked over and over again to push malware. Security researchers from Sucuri discovered a new campaign that targets WordPress websites after finding that all of the sites’ JavaScript files were infected with malicious code to load an iframe, show advertisements, and leave an unknown backdoor on each web page with the intention to reinfect websites once the pages were cleaned. Researchers reported that if victims hosted several domains on... read more.

  • February 04, 2016

By Nancy Rand, Posted in Security

February 1, SecurityWeek – (International) New Cross-Platform backdoors target Linux, Windows. Security researchers from Kaspersky Lab reported that the Linux backdoor dubbed OLMyJuxM.exe was recently found infecting Windows-based systems with new capabilities similar to the 32-bit Windows variant of the DropboxCache and uses the same filename templates to steal screenshots, audio captures, keylogs, and other arbitrary data by using the SetWindowsHook API for keylogger functionality to contact the command and... read more.

  • February 02, 2016

By Ken Phelan, Posted in Security

A couple of weeks ago I had the pleasure of introducing Bruce Schneier and Larry Ponemon at an event focused on Cyber Resilience. If you’re interested in the material, there’s a recorded version available here. Bruce and Larry are both rock stars, so the content was terrific. I thought I would share some of the things I learned. Cyber resilience is an up and coming term in the cyber security world. It represents the ability to manage, mitigate, and move on from a cyberattack. It kind of reminds me of the... read more.

  • February 01, 2016

By Nancy Rand, Posted in Security

January 29, Help Net Security – (International) 60+ trojanized Android games lurking on Google Play. Researchers from Dr. Web found over 60 game apps offered on the Google Play store were embedded with the malicious Xiny trojan that can download additional malicious apps and collect device information such as the device’s International Mobile Station Equipment Identity (IMEI) and International Mobile Subscriber Identity (IMSI), and send the data to a command and control (C&C) server via 30 different gam... read more.

  • February 01, 2016

By Nancy Rand, Posted in Security

January 28, SecurityWeek – (International) Samsung patches critical vulnerabilities in Android devices. Samsung released a maintenance update for its major Android flagship Galaxy models that patched 16 vulnerabilities including a flaw in Skia which allowed attackers to conduct denial-of-service attacks via a crafted media file, and a remote code execution (RCE) flaw in Android Mediaserver, which allowed attackers to cause memory corruption, among other vulnerabilities. Source January 28, Softpedia – (In... read more.

  • January 29, 2016

By Nancy Rand, Posted in Security

January 27, SecurityWeek – (International) Hackers can abuse HP enterprise printers for storage. A researcher from MacKeeper reported that misconfigured enterprise devices can be susceptible to hosting malicious code and evading detection by security products, in addition to allowing attackers to use free, open-source tools to upload files to HP printers and interact with the devices over port 9100 through access via a web browser at “http://<Printer_IP_Address>/hp/device/<File_Name>.” HP advi... read more.

  • January 28, 2016

By Nancy Rand, Posted in Security

January 26, SecurityWeek – (International) US government agencies asked about Juniper backdoor patching. The U.S. House Oversight and Government Reform Committee sent out letters to dozens of government agencies asking that each department provide documents and information on whether they used affected Juniper products, how each entity discovered the vulnerability, and if measures were taken before the Juniper patch was released following a December 2015 incident where unauthorized code was found in Juni... read more.

  • January 27, 2016

By Nancy Rand, Posted in Security

January 25, SecurityWeek – (International) Backdoor found in several Fortinet products. Fortinet released an advisory stating that several of its products including versions of FortiSwitch switches, FortiAnalyzer centralized log and reporting appliances, and FortiCache web caching appliances were susceptible to a management authentication flaw after company researchers discovered the flaw affected various products following previous reports that the bug only affected its FortiOS system. The flaw can be expl... read more.

  • January 26, 2016

By Nancy Rand, Posted in Security

January 22, ZDNet – (International) TeslaCrypt flaw opens the door to free file decryption. A security researcher discovered that the TeslaCrypt ransomware and variants of TeslaCrypt 2.0 contained a design flaw in how the ransomware’s encryption keys were stored in a victim’s computer following the discovery that a new Advanced Encryption Standard (AES) key was generated during each encryption session, revealing that researchers could use specialized programs to retrieve prime numbers of the stored keys to... read more.

  • January 25, 2016

By Nancy Rand, Posted in Security

January 21, Softpedia – (International) Threat group uses dating sites to build a botnet of vulnerable home routers. Damballa security researchers reported that a Linux ELF binary, a variant of TheMoon worm, was targeting Home Network Administration Protocol (HNAP) by using adult dating websites to infect home routers and prevents consumers from using their routers’ inbound ports via a malicious iframe embedded on the malicious web pages. Researchers reported the worm is spread by opening outbound ports on... read more.

  • January 22, 2016