Articles In Security

By Nancy Rand, Posted in Security

July 6, Securityweek – (International) KINS malware toolkit leaked online. Security researchers from MalwareMustDie reported that version 2.0 of the KINS banking trojan toolkit was leaked and widely distributed on the Internet, and that the malware’s developers have integrated ZeusVM banking trojan technology in the newest release, including the use of steganography to conceal configuration data. Source July 6, Softpedia – (International) Govt supplier of surveillance software gets hacked, 400GB of data le... read more.

  • July 07, 2015

By Nancy Rand, Posted in Security

July 2, Threatpost – (International) Cisco UCDM platform ships with default, static password. Cisco warned customers that its Unified Communications Domain Manager Platform software versions prior to 4.4.5 have a default, static password for an account with root privileges, possibly allowing an unauthenticated remote attacker to take full control of an affected system with root privileges. Source July 2, Softpedia – (International) GhostShell hackers reveal 548 targets, links to dumps. Hackers associated... read more.

  • July 06, 2015

By Nancy Rand, Posted in Security

July 1, Securityweek – (International) Attackers abuse RIPv1 Protocol for DDoS reflection: Akamai. Security researchers from Akamai discovered that malicious actors have been leveraging routers running Routing Information Protocol version 1 (RIPv1) to reflect distributed denial-of-service (DDoS) attacks by creating malicious requests for routes and then spoofing the source Internet protocol (IP) address to match that of the targeted system. Source July 1, Softpedia – (International) iOS 8.4 fixes 33 sec... read more.

  • July 02, 2015

By Nancy Rand, Posted in Security

June 30, Softpedia – (International) Dridex is the most prevalent banking malware in the corporate sector. SecurityScorecard released findings from a report revealing that the Dridex banking trojan was the most prevalent malware found in corporate environments from January – May, primarily targeting the manufacturing and retail sectors, followed by the Bebloh and Tinba trojans, which targeted telecommunications and technologies companies. Source June 30, Securityweek – (International) Yahoo patches SSRF v... read more.

  • July 02, 2015

By Nancy Rand, Posted in Security

June 29, Securityweek – (International) Security firm discloses details of Amazon Fire Phone vulnerabilities. MWR InfoSecurity released details on three recently patched Amazon Fire Phone vulnerabilities, including flaws in the CertInstaller package that can allow third-party applications to install digital certificates to intercept encrypted traffic via man-in-the-middle attacks, and an issue with the Android Debug Bridge (ADB) in which an attacker could bypass the lock screen, steal information, add and r... read more.

  • June 30, 2015

By Nancy Rand, Posted in Security

June 25, Help Net Security – (International) Samsung disables Windows Update, undermines the security of your devices. A security researcher discovered that the Samsung SW Update software for Microsoft Windows personal computers (PCs) runs an executable file upon start-up that disables Windows Update to prevent driver and update software conflicts, posing a security risk to users. Microsoft has reportedly contacted Samsung to address the issue. Source June 25, Help Net Security – (International) The down... read more.

  • June 29, 2015

By Nancy Rand, Posted in Security

June 24, Softpedia – (International) Dyre banking malware uses 285 command and control servers. Security researchers from Symantec released a report revealing that multiple groups are running at least 285 command and control (C&C) servers, as well as 44 machines to deliver payloads and execute man-in-the-browser (MitB) attacks. The servers are located worldwide, primarily in Ukraine and Russia, and are primarily targeting financial organizations in the U.S. and United Kingdom. Source June... read more.

  • June 25, 2015

By Nancy Rand, Posted in Security

June 23, Help Net Security – (International) Critical RubyGems vulns can lead to installation of malicious apps. Security researchers at Trustwave discovered a vulnerability in the RubyGems package manager in which an attacker could redirect a RubyGem client using hypertext transfer protocol secure (HTTPS) to an attacker-controlled gem server, bypassing HTTPS verification and allowing the attacker to install malicious or trojan gems. Source June 23, Softpedia – (International) Minor Chrome release fixes... read more.

  • June 24, 2015

By Nancy Rand, Posted in Security

June 22, Softpedia – (International) Hackers disrupt Polish airline LOT, ground 10 flights. Officials from LOT Polish Airlines reported that their ground operation systems at Warsaw’s Frederic Chopin Airport suffered a 5-hour cyber-attack that grounded 10 national and international flights and affected about 1,400 passengers June 21. An investigation into the attack is ongoing. Source June 22, Help Net Security – (International) New password recovery scam hitting Gmail, Outlook and Yahoo Mail users. Secu... read more.

  • June 24, 2015

By Nancy Rand, Posted in Security

June 19, Threatpost – (International) Static encryption key found in SAP HANA database. Security researchers from ERPScan discovered a vulnerability in SAP’s HANA in-memory relational database management system in which an attacker could use various web-based external attacks to remotely execute code, and then leverage static encryption keys to read encrypted passwords, stored data, and backups. Source June 18, International Business Times – (International) Samsung to issue fix for SwiftKey keyboard bug... read more.

  • June 22, 2015