December 11, SecurityWeek – (International) Stealthy backdoor compromised global organizations since 2013: FireEye. Researchers from FireEye reported that the malicious backdoor malware dubbed, LATENTBOT primarily targets the financial services and insurance sectors to steal passwords, record keystrokes, transfer files, and enable attached microphones or webcams by leveraging malicious emails with contaminated Word documents created with Microsoft Word Intruder (MWI) exploit kit (EK) that when opened, executes malicious code and connects to a MWISTAT server and a LuminosityLink, a remote access trojan (RAT). Source
December 11, SecurityWeek – (International) WP engine resets password after data breach. Officials from WP Engine reported that users’ credentials may have been compromised in a security breach and recommended that users reset passwords associated with WP Engine user portal, the original WP-Admin account, the WordPress database, and Secure File Transfer Protocol (SFTP), among others. The company continues to investigate the breach. Source
December 11, SecurityWeek – (International) Ship data recorders vulnerable to hacker attacks. A researcher from IOActive released a report addressing serious vulnerabilities in a Furuno voyage data recorder (VRD), used in ships, including weak encryption, insecure authentication, a defective firmware mechanism, services plagued by buffer overflow, and command injection vulnerabilities that can be exploited by an unauthenticated attacker with access to the vessel’s network in order to remotely execute arbitrary commands with root privileges, fully compromising the devices. Source