Articles In Security

By Nancy Rand, Posted in Security

January 4, SecurityWeek – (International) BlackEnergy malware used in Ukraine power grid attacks. Researchers from ESET reported that the BlackEnergy malware, which previously targeted Ukrainian government entities and U.S. critical infrastructure companies, and a Secure Shell (SSH) backdoor have been targeting news media and electrical power companies in Ukraine; researchers found that the malware was planted on the networks of several regional power companies and news companies via a destructive... read more.

  • January 05, 2016

By Nancy Rand, Posted in Security

December 31, SecurityWeek – (International) Details of 34,000 Steam users exposed during DDoS attack. Valve Corporation reported that its Internet-based platform, Steam, deployed caching configurations, one of which incorrectly cached traffic for unauthenticated users, which resulted in users’ personal information being displayed to other users after the company tried to resolve distributed denial-of-service (DDoS) attacks against the Steam Store that affected 34,000 users. The company was working to identify a... read more.

  • January 04, 2016

By Nancy Rand, Posted in Security

December 30, SecurityWeek – (International) Linode hit by DDoS attacks. The cloud hosting company Linode reported that its website, Manager mobile application, Domain Name System (DNS) infrastructure, and data centers in Atlanta, Newark, and London were compromised after the company discovered hackers had conducted distributed denial-of-service (DDoS) attacks for several hours. Security researchers from the company were able to patch the vulnerabilities. Source December 29, SecurityWeek – (International... read more.

  • January 04, 2016

By Nancy Rand, Posted in Security

December 16, Softpedia – (International) XRTN ransomware discovered, currently undecryptable. A researcher from Bleeping Computer released a report on the XRTN ransomware detailing how the malware infects a computer system by sending email attachments, such as malicious Word documents and batch files that are encoded with JavaScript commands, to a victim’s corporate or personal email, that if opened and downloaded, attackers can execute the JavaScript commands to run batch files that will encrypt personal... read more.

  • December 18, 2015

By Nancy Rand, Posted in Security

December 16, Softpedia – (International) FireEye security devices provide attackers with backdoor into corporate networks. Two security researchers discovered several FireEye security products had two zero-day flaws, such as the RCE and privilege escalation bug that can execute malicious code disguised as the highly privileged Malware Input Processor (mip) user and gain administrative privileges on the infected device. FireEye released patches addressing the vulnerabilities. Source December 16, SecurityW... read more.

  • December 17, 2015

By Ken Phelan, Posted in Security

One of the things that will pump a little adrenaline into an average Tuesday morning at Gotham is a call from one of our clients in the midst of a genuine cyber crisis. Unfortunately, these calls are more and more common, so I thought I’d spend a few minutes talking about some things you can do to get prepared for such a call. I’m glad you’re calling me, but I’d prefer that you also had some type of Cyber Crisis Plan that you prepared for such an occasion. I know it’s customary at this point to spend a para... read more.

  • December 16, 2015

By Nancy Rand, Posted in Security

December 15, Help Net Security – (International) 13 million MacKeeper users exposed in data breach. MacKeeper, the utility software for Apple Mac products, reported that its database containing passwords and the personal information of 13 million users was exposed in a data breach after a security researcher submitted a Shodan search and discovered four Internet Protocol (IP) addresses led to a MongoDB database belonging to Kromtech, the company that produces MacKeeper. MacKeeper patched the vulnerability... read more.

  • December 16, 2015

By Nancy Rand, Posted in Security

December 14, SecurityWeek – (International) Twitter warns users of state sponsored hacking. Twitter reported December 14 that its customers’ user names, Internet Protocol (IP) addresses, phone numbers, and email addresses may have been compromised after a potential state sponsored attack occurred in its systems. Twitter officials advised users to use Tor Project, a software enabling anonymous communication, to protect affected users on social networks. Source December 12, Softpedia – (International) Malw... read more.

  • December 15, 2015

By Nancy Rand, Posted in Security

December 11, SecurityWeek – (International) Stealthy backdoor compromised global organizations since 2013: FireEye. Researchers from FireEye reported that the malicious backdoor malware dubbed LATENTBOT primarily targets the financial services and insurance sectors to steal passwords, record keystrokes, transfer files, and enable attached microphones or webcams by leveraging malicious emails with contaminated Word documents created with Microsoft Word Intruder (MWI) exploit kit (EK) that when opened, execu... read more.

  • December 14, 2015

By Nancy Rand, Posted in Security

December 10, SecurityWeek – (International) Many Cisco products plagued by deserialization flaws. Cisco Systems reported that it is investigating which of its products are affected by the Java deserialization vulnerability that can be exploited for remote code execution (RCE) via the Apache Commons Collections library due to the failure of developers to ensure that untrusted serialized data is not accepted for deserialization. Cisco will release software updates addressing the flaw. Source December 10,... read more.

  • December 11, 2015