Articles In Security

By Nancy Rand, Posted in Security

August 13, Securityweek – (International) SAP Security updates patch 22 vulnerabilities. SAP released patches for 22 vulnerabilities and updated four previously released patches, including a remote code execution flaw in SAP ST-P that an attacker could leverage to compromise SAP servers and access information stored on them, and a Reflected File Download (RFD) in SAP’s NetWeaver AFP Servlet that could be exploited to push malware onto victims’ devices using a specially crafted link, among other flaws. Source... read more.

  • August 14, 2015

By Nancy Rand, Posted in Security

August 12, Securityweek – (International) Firefox 40 patches vulnerabilities, expands malware protection. Mozilla released version 40 of its Firefox web browser, patching about 20 issues and listing four critical advisories, including buffer overflow, integer overflow, use-after-free, and memory safety vulnerabilities that can result in exploitable crashes, among others. Source August 12, The Register – (International) Blacklists miss 90% of malware blogged IP love. RecordedFuture released findings from... read more.

  • August 13, 2015

By Nancy Rand, Posted in Security

August 11, Securityweek – (International) Darkhotel APT uses Hacking Team exploit to target specific systems. Security researchers from Kaspersky Lab reported that the Darkhotel advanced persistent threat (APT) group recently started leveraging a Flash zero-day vulnerability revealed in the July Hacking Team breach to target specific systems, and that the group has been using a variety of techniques to attack defense industrial bases, energy policy makers, militaries, governments, electronics, pharmaceutica... read more.

  • August 12, 2015

By Nancy Rand, Posted in Security

August 10, Softpedia – (International) First vulnerability found in Microsoft Edge, affects other software as well. Security researchers discovered a vulnerability in Microsoft’s Server Message Block (SMB) protocol used for local-network file-sharing impacting all versions of Windows, in which a faulty dynamic link library (DLL) could allow an attacker to extract user credentials from a closed Windows domain via a man-in-the-middle (MitM) for SMB technique. The vulnerability affects Microsoft’s new Edge Web... read more.

  • August 12, 2015

By Nancy Rand, Posted in Security

August 7, Securityweek – (International) Mozilla patches Firefox zero-day exploited in the wild. Mozilla released Firefox version 39.0.3 to address a zero-day vulnerability in the browser’s mechanism that enforces JavaScript’s same origin policy and Firefox’s PDF Viewer, in which an attacker can inject a JavaScript payload to steal local files containing sensitive information. The flaw was observed being exploited in the wild, targeting certain types of files hosted on Windows and Linux systems. Source ... read more.

  • August 10, 2015

By Nancy Rand, Posted in Security

August 6, Securityweek – (International) GameOver Zeus gang leader engaged in espionage: Researchers. Officials from FBI, Fox-IT, and Crowdstrike released analysis revealing that in addition to using the GameOver Zeus malware to steal about $100 million from banks, the cybercriminal ring used botnets to commit cyberespionage against various countries, including members of the Organization of the Petroleum Exporting Countries (OPEC). Source August 6, Softpedia – (International) Researcher hacks his way in... read more.

  • August 10, 2015

By Nancy Rand, Posted in Security

August 5, Securityweek – (International) Symantec patches critical vulnerabilities in Endpoint Protection. Security researchers from Code White discovered 6 vulnerabilities in Symantec Endpoint Protection (SEP) 12.1, including an authentication bypass, 3 path traversals, a privilege escalation, multiple structured query language (SQL) injections, and a high-severity binary planting flaw which could allow an unauthenticated attacker to execute arbitrary commands on the SEP Manager (SEPM) server and on SEP cl... read more.

  • August 06, 2015

By Nancy Rand, Posted in Security

August 4, Securityweek – (International) Chinese VPN used by APT actors relies on hacked servers. Security researchers at RSA analyzed a Chinese virtual private network (VPN) service dubbed “Terracotta” and found that the service has at least 31 hacked Windows server nodes worldwide in hospitality, government organizations, universities, technology services providers, and private firms. Researchers have observed compromised servers running the Ghost Remote Administration Tool (RAT), the Mitozhan trojan, and... read more.

  • August 06, 2015

By Nancy Rand, Posted in Security

August 3, Help Net Security – (International) Fake “Windows 10 Free Upgrade” emails deliver ransomware. Security researchers from Cisco’s Talos Group discovered a ransomware campaign in which attackers purporting to be from Microsoft send victims emails with a fake Windows 10 installer attached that is actually a variant of the CTB-Locker crypto-malware. Source August 3, Softpedia – (International) Chrome extensions can be disabled without user interaction. Security experts from Detectify Labs discovered... read more.

  • August 04, 2015

By Nancy Rand, Posted in Security

July 31, Help Net Security – (International) Cybercriminals are preying on existing vulnerabilities to plan future attacks. An analysis of cyber threats by Solutionary identified several campaigns consisting of over 600,000 events worldwide that targeted the bash vulnerability in the second quarter of 2015, and found that the U.S. was a leading source of command and control traffic and malware threats, among other findings. Source July 30, Securityweek – (International) Stack ranking the SSL vulnerabilit... read more.

  • August 03, 2015