This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On February 15, 2019

Monday 2/11

Microsoft: Improved Security features are delaying hackers form attacking Windows users

New features have made it much harder for mundane cybercrime operations to come up with zero-days or reliable exploits for newly patched Microsoft bugs, reducing the number of vulnerabilities exploited at scale.

Citrix Cloud comes to Cisco HyperFlex

Customers who want to take advantage of the benefits of moving the Citrix control plane to the cloud and have Citrix manage the environment as a service from the cloud, all while keeping their critical apps and data securely on HyperFlex in the data center, can deploy everything in a matter of hours with just a few clicks.

Check Point Refining Its Security Offerings to Meet Evolving Demands

With the arrival of powerful smartphones starting with Apple's iPhone in 2007, the explosive growth of cloud computing, and with the continuing spread of mobile computing, internet of things devices and other new technologies, Check Point has been facing fast-moving customer demands and technology changes that are helping to define its next moves.

Tuesday 2/12

New Security Flaw Targets Kubernetes, Docker RunC Container Runtime

The vulnerability allows malicious containers to overwrite the host and gain root-level code execution on the host machine. The flaw affects runC, an open-source tool for spawning and running containers used by programs such as Docker, Kubernetes, containerd, Podman, and CRI-O.

Now this Android spyware poses as a privacy tool to trick you into downloading

First uncovered in August last year, Triout malware collects vast amounts of information about victims by recording phone calls, monitoring text communications, stealing photos, taking photos, and even collecting GPS information from the device, allowing the user's location to be tracked.

Hackers wipe US servers of email provider VFEmail

"At this time, the attacker has formatted all the disks on every server," VFEmail said yesterday. "Every VM is lost. Every file server is lost, every backup server is lost."

Wednesday 2/13

Symantec Buys Startup Luminate Security To Aid Application Defense

Symantec’s acquisition of-based cybersecurity startup Luminate Security will make it possible to deliver private secure application access, granting user connections only to the specific applications and resources for which they are authorized.

Researchers hide malware in Intel SGX enclaves

Until today, the only known vulnerabilities impacting SGX enclaves had been side-channel attacks that leaked the data being processed inside an enclave, revealing an app's secrets. But in a research paper published today, security researchers showed that SGX enclaves could be used as a place to hide undetectable malware.

New macOS security flaw lets malicious apps steal your Safari browsing history

A bug in a developer API allows malicious apps installed on macOS Mojave to gain access to a normally protected folder from where attackers can extract Safari browsing history data. The bug affects all known macOS Mojave versions.

Thursday 2/14

Dirty Sock vulnerability lets attackers gain root access on Linux systems

In technical jargon, Dirty Sock is a local privilege escalation flaw that lets hackers create root-level accounts. The actual vulnerability isn't in the Ubuntu operating system itself, but in the Snapd daemon that's included by default with all recent Ubuntu versions, but also with some other Linux distros.

Friday 2/15

What is a man-in-the-middle attack? How MitM attacks work and how to prevent them

MitM attacks consist of sitting between the connection of two parties and either observing or manipulating traffic. This could be through interfering with legitimate networks or creating fake networks that the attacker controls. Compromised traffic is then stripped of any encryption in order to steal, change or reroute that traffic to the attacker’s destination of choice (such as a phishing log-in site).

New Shlayer Malware Variant Targeting Macs

Victims are directed to rogue Flash Player update warnings through compromised legitimate websites and malicious advertisements. This means the distribution campaigns are more aggressive and widespread and no longer target just users who are actively looking to download content through BitTorrent sites.

Windows App Runs on Mac, Downloads Info Stealer and Adware

We found EXE files in the wild delivering a malicious payload that overrides Mac’s built-in protection mechanisms such as Gatekeeper. This routine evades Gatekeeper because EXE is not checked by this software, bypassing the code signature check and verification since the technology only checks native Mac files.