Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On June 01, 2015

May 29, Softpedia – (International) Non-sophisticated malware steals thousands of credentials from targeted SMBs. Security researchers from Kaspersky discovered a large malware campaign, dubbed Grabit, that has infiltrated small and medium businesses worldwide across a variety of sectors with a commercial keylogger called HawkEye and several remote administration tools (RATs) distributed via emails containing malicious macro-laden Microsoft Word documents. The researchers reported that the campaign has collected about 10,000 files from the U.S., India, and Thailand since February. Source

May 29, SecurityWeek – (International) Researchers find over 50 security flaws in D-Link NAS, NVR devices. Security researchers at SEARCH-LAB identified over 50 vulnerabilities in network-attached storage (NAS) and network video recorder (NVR) products from D-Link, including information leakage, authentication flaws, CGI vulnerabilities, input validation problems, and Web page issues, some of which attackers could exploit remotely to execute arbitrary code and take over affected devices. Source

May 29, Threatpost – (International) Angler Exploit Kit exploiting new Adobe vulnerability, dropping CryptoWall 3.0. A security researcher at SANS Internet Storm Center discovered variants of the Angler Exploit Kit (EK) dropping CryptoWall ransomware on affected machines for the first time, and security researchers at FireEye observed that the EK had added an exploit for a recent Adobe Flash Player vulnerability, in which attackers could exploit a race condition in its shader class to execute arbitrary code. Source

May 29, SecurityWeek – (International) Sally Beauty: Cybercriminals planted malware on PoS Systems for 6 weeks. Sally Beauty announced May 28 that cybercriminals had deployed malware on multiple company point-of-sale (PoS) systems between March and April, and that it had cleaned the malware from all affected systems. The company believes attackers accessed names, credit and debit card numbers, expiration dates, cardholder verification values, and service codes in the breach. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.