Monday 1/28
This Trojan infects Chrome browser extensions, spoofs searches to steal cryptocurrency
The main thrust of the malware is its capability to steal cryptocurrency. Razy focuses on compromising browsers, including Google Chrome, Mozilla Firefox, and Yandex. Different infection vectors are in place depending on the type of browser found on an infected system.
https://zd.net/2COMgBC
Bypassing Network Restrictions Through RDP Tunneling
FireEye has observed threat actors using native Windows RDP utilities to connect laterally across systems in compromised environments. Historically, non-exposed systems protected by a firewall and NAT rules were generally considered not to be vulnerable to inbound RDP attempts; however, threat actors have increasingly started to subvert these enterprise controls with the use of network tunneling and host-based port forwarding.
http://bit.ly/2MBqvKa
Hackers are going after Cisco RV320/RV325 routers using a new exploit
Security researchers have observed ongoing internet scans and exploitation attempts against Cisco RV320 and RV325 WAN VPN routers, two models very popular among internet service providers and large enterprises.
https://zd.net/2CMxJq5
Tuesday 1/29
Researchers find a new malware-friendly hosting site after a spike in attacks
Deep Instinct analysts say in new findings out Tuesday that the resurgence in FormBook malware, used as part of password and information stealing campaigns currently targeting the retail and hospitality sectors, can be traced back to the newly discovered malware-friendly site that hosts the second-stage dropper used to infect a computer with malicious code after the user opens a booby-trapped document.
https://tcrn.ch/2B7ET8w
McAfee Advises Consumers that Weak Passwords, Phishing Scams and Malicious Apps Continue to Be a Threat
McAfee warns consumers that cybercriminals are continuing to access personal information through weak passwords, phishing emails, connected things, malicious apps and unsecure Wi-Fi networks. McAfee is committed to helping consumers take the necessary steps to protect what matters.
http://bit.ly/2WuYqse
Cisco Data Center Goes Anywhere Your Data Is
Cisco is announcing a new architecture that extends the data center to everywhere that data lives and everywhere applications are deployed. To bring this “data center anywhere” vision to life, Cisco is introducing a range of innovations across networking, hyperconvergence, security and automation.
http://bit.ly/2G8hnLG
Wednesday 1/30
Matrix has slowly evolved into a ‘Swiss Army knife’ of the ransomware world
While initially, the Matrix authors used the RIG exploit kit to mass-distribute their ransomware in its early days, in 2016 and 2017, since early 2018, the ransomware has been exclusively spread in attacks against carefully selected high-value targets, usually by taking advantage of unprotected RDP (Remote Desktop Protocol) endpoints.
https://zd.net/2DIQYT5
Cisco Brings Intent-Based Networking To The IoT Edge: 5 Things To Know
Intent-based networking makes it easier to scale and manage IoT networks, which can have as many as tens of thousands of devices in one company, by bringing automating key IT functions.
http://bit.ly/2BaBmWS
Thursday 1/31
Researchers Discover Malware That Targets Apple Mac Computers and Cryptocurrency Exchanges
CookieMiner lets hackers steal people’s digital cookies in both Apple Safari and Google Chrome browsers. Cryptocurrency exchanges like Coinbase, Binance, and Bitstamp use cookies to temporarily track users who visit the sites. Additionally, the malware can steal a person’s saved usernames, passwords, and financial information if that data is saved on the Chrome browser, but not the Safari browser (the researchers didn’t examine Firefox or Microsoft’s Edge browser).
http://bit.ly/2Wq5feK
The Data Breach Next Door
Small incidents might pose an equally big problem for consumers. Privacy Rights Clearinghouse, an advocacy group, maintains a database of breaches going back to 2005 that lists 8,980 incidents. Of that total, 8,448—or 94 percent—affected fewer than 100,000 consumers.
http://bit.ly/2HFY4vS
Airbus data breach impacts employees in Europe
According to a press release published earlier today, Airbus said that "some personal data was accessed," but "mostly professional contact and IT identification details of some Airbus employees in Europe."
https://zd.net/2HIOKY2
Friday 2/1
IoT botnet used in YouTube ad fraud scheme
TheMoon botnet has evolved from being a DDoS cannon to being used for brute-force attacks, credential stuffing attacks, for advertising fraud, general traffic obfuscation, and more.
https://zd.net/2D0bQ6J
2019 State of Malware report: Trojans and cryptominers dominate threat landscape
Our 2019 State of Malware report is here, and it’s a doozy. In our research, which covers January to November 2018 and compares it against the previous period in 2017, we found that two major malware categories dominated the scene, with cryptominers positively drenching users at the back end of 2017 and into the first half of 2018, and information-stealers in the form of Trojans taking over for the second half of the year.
http://bit.ly/2Tq6qJp