This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On February 01, 2019

Monday 1/28

This Trojan infects Chrome browser extensions, spoofs searches to steal cryptocurrency

The main thrust of the malware is its capability to steal cryptocurrency. Razy focuses on compromising browsers, including Google Chrome, Mozilla Firefox, and Yandex. Different infection vectors are in place depending on the type of browser found on an infected system.

Bypassing Network Restrictions Through RDP Tunneling

FireEye has observed threat actors using native Windows RDP utilities to connect laterally across systems in compromised environments. Historically, non-exposed systems protected by a firewall and NAT rules were generally considered not to be vulnerable to inbound RDP attempts; however, threat actors have increasingly started to subvert these enterprise controls with the use of network tunneling and host-based port forwarding.

Hackers are going after Cisco RV320/RV325 routers using a new exploit

Security researchers have observed ongoing internet scans and exploitation attempts against Cisco RV320 and RV325 WAN VPN routers, two models very popular among internet service providers and large enterprises.

Tuesday 1/29

Researchers find a new malware-friendly hosting site after a spike in attacks

Deep Instinct analysts say in new findings out Tuesday that the resurgence in FormBook malware, used as part of password and information stealing campaigns currently targeting the retail and hospitality sectors, can be traced back to the newly discovered malware-friendly site that hosts the second-stage dropper used to infect a computer with malicious code after the user opens a booby-trapped document.

McAfee Advises Consumers that Weak Passwords, Phishing Scams and Malicious Apps Continue to Be a Threat

McAfee warns consumers that cybercriminals are continuing to access personal information through weak passwords, phishing emails, connected things, malicious apps and unsecure Wi-Fi networks. McAfee is committed to helping consumers take the necessary steps to protect what matters.

Cisco Data Center Goes Anywhere Your Data Is

Cisco is announcing a new architecture that extends the data center to everywhere that data lives and everywhere applications are deployed. To bring this “data center anywhere” vision to life, Cisco is introducing a range of innovations across networking, hyperconvergence, security and automation.

Wednesday 1/30

Matrix has slowly evolved into a ‘Swiss Army knife’ of the ransomware world

While the Matrix authors initially used the RIG exploit kit to mass-distribute their ransomware in its early days, in 2016 and 2017, since early 2018 the ransomware has been exclusively spread in attacks against carefully selected high-value targets, usually by taking advantage of unprotected RDP (Remote Desktop Protocol) endpoints.

Cisco Brings Intent-Based Networking To The IoT Edge: 5 Things To Know

Intent-based networking makes it easier to scale and manage IoT networks, which can have as many as tens of thousands of devices in one company, by automating key IT functions.

Thursday 1/31

Researchers Discover Malware That Targets Apple Mac Computers and Cryptocurrency Exchanges

CookieMiner lets hackers steal people’s digital cookies in both Apple Safari and Google Chrome browsers. Cryptocurrency exchanges like Coinbase, Binance, and Bitstamp use cookies to temporarily track users who visit the sites. Additionally, the malware can steal a person’s saved usernames, passwords, and financial information if that data is saved on the Chrome browser, but not the Safari browser (the researchers didn’t examine Firefox or Microsoft’s Edge browser).

The Data Breach Next Door

Small incidents might pose an equally big problem for consumers. Privacy Rights Clearinghouse, an advocacy group, maintains a database of breaches going back to 2005 that lists 8,980 incidents. Of that total, 8,448—or 94 percent—affected fewer than 100,000 consumers.

Airbus data breach impacts employees in Europe

According to a press release published earlier today, Airbus said that "some personal data was accessed," but "mostly professional contact and IT identification details of some Airbus employees in Europe."

Friday 2/1

IoT botnet used in YouTube ad fraud scheme

TheMoon botnet has evolved from being a DDoS cannon to being used for brute-force attacks, credential stuffing attacks, advertising fraud, general traffic obfuscation, and more.

2019 State of Malware report: Trojans and cryptominers dominate threat landscape

Our 2019 State of Malware report is here, and it’s a doozy. In our research, which covers January to November 2018 and compares it against the previous period in 2017, we found that two major malware categories dominated the scene, with cryptominers positively drenching users at the back end of 2017 and into the first half of 2018, and information-stealers in the form of Trojans taking over for the second half of the year.