This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On November 16, 2018

Monday 11/12

Security Breach at Nordstrom exposed sensitive employee data

Seattle-based retailer Nordstrom is notifying employees of an information-security breach that exposed their names, Social Security numbers, dates of birth, checking account and routing numbers, salaries and more.

U.S. Cyber Command Shares Malware Samples To Help Thwart Bad Actors

In a brief media release, USCYBERCOM stated that it plans to “share unclassified malware samples it has discovered that it believes will have the greatest impact on improving global cybersecurity.”

This banking malware just added password and browser history stealing to its playbook

The execution goes through a number of processes, culminating in PowerShell being executed to download a final payload from a fake Microsoft Office Excel address. This payload - pointer.exe - is TrickBot itself, which is listed as "pointes.exe" once installed.

Tuesday 11/13

Hackers hide cryptocurrency mining malware in Windows installation files

“The malware arrives on the victim’s machine as a Windows Installer MSI file, which is notable because Windows Installer is a legitimate application used to install software,” the report reads. “Using a real Windows component makes it look less suspicious and potentially allows it to bypass certain security filters.”

Cisco updates SD-WAN portfolio with new security features

Among the key updates, Cisco said it's integrating application-aware enterprise firewall, intrusion prevention, and URL filtering into Cisco SD-WAN devices, whether Meraki or Viptela. Cisco is also integrating SD-WAN with Cisco Umbrella in an effort to make it easier for customers to block malicious destinations before a connection is established.

Why WannaCry ransomware is still a threat

Over 18 months after it first caused chaos by encrypting hundreds of thousands of PCs around the world, WannaCry ransomware is very much still alive, with the percentage of infection attempts actually higher than it was this time last year.

Wednesday 11/14

FASTCash: How the Lazarus Group is Emptying Millions from ATMs

The operation, known as “FASTCash”, has enabled Lazarus to fraudulently empty ATMs of cash. To make the fraudulent withdrawals, Lazarus first breaches targeted banks’ networks and compromises the switch application servers handling ATM transactions.

Microsoft Resumes Windows 10 October 2018 Rollout

On Tuesday, Microsoft executive John Cable announced that the October 2018 Update rollout is now starting back up—which includes the re-release of the commercial version of the update. Cable said the company investigated "isolated reports of users missing files after updating" and has resolved the related issues with the update.

This remote access Trojan just popped up on malware’s most wanted list

But for the first time ever, October saw the FlawedAmmyy RAT scrape into the top ten most detected malware threats in tenth place -- making it the first remote access trojan to make the list.

Thursday 11/15

Symantec Honored for its Collaboration with Leading Industry Group to Protect Against Business Email Compromise Scams

Symantec Corp. has been recognized for its work with the Business Email Compromise (BEC) List as a recipient of the annual 2018 JD Falk Award from the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG). The JD Falk Award honors an outstanding innovative project that protects internet security and embodies the spirit of volunteerism and community building.

Ivanti simplifies Endpoint software Distribution with Ivanti Package Studio

Ivanti Package Studio provides a 'Setup Store' which contains ready-to-use setups for most typical Windows desktop applications. These can be downloaded and configured automatically and deployed using Ivanti Unified Endpoint Manager.

With 100+ New Features – R80.20 Cyber Security Management is Here

With new, innovative AI engines – dubbed Cadet, Campaign Hunting, and Huntress – R80.20 boasts triple the threat prevention accuracy, with a higher catch rate and lower false positives.

Friday 11/16

Citrix pays $200M to acquire Sapho, which connects legacy software with ‘micro apps’

Citrix today is announcing that it has acquired Sapho, a startup that develops “micro apps” for legacy software so that workers could use them as they would more modern applications: in the cloud, on mobile and more.

Massive Data Leaks Keep Happening Because Big Companies Can Afford to Lose Your Data

The 2018 Cost of a Data Breach Study from the Ponemon Institute and IBM pegs average costs per data breach globally at $3.86 million, including IT expenses, insurance, notification, and lost customers and business. In the US, the average is $7.91 million.