This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On February 22, 2019

Monday 2/18

Symantec Improves Email Security With Fraud Protection

Jane Wong, vice president of Engineering and Product Management, explained that Symantec Email Security protects customers from email attacks by blocking threats such as phishing, malware, spam and BEC; Email Fraud Protection helps customers automate implementation of sender authentication standards such as DMARC, DKIM and SPF.

Detected Cryptojacking Prompts Microsoft to Remove Eight Free Apps from Microsoft Store

The applications — which were marketed as part of the top free app listings on the Microsoft Store — reportedly included “a computer and battery optimization tutorial, internet search, web browsers, and video viewing and download”. Upon closer investigation, Symantec has proposed that all eight apps have in fact likely been developed by the same person or group, rather than by three distinct entities.

The Pentagon Doubles Down on AI – And Wants Help From Big Tech

The plan depends on the Pentagon working closely with the tech industry to source the algorithms and cloud computing power needed to run AI projects. Federal contracting records indicate that Google, Oracle, IBM, and SAP have signaled interest in working on future Defense Department AI projects.

Tuesday 2/19

Gotham Technology Group is excited to announce that we have been named to the Security 100 of CRN’s 2019 Managed Service Provider 500 list based on our off-premises and cloud-based security service offerings. This annual list recognizes North American solution providers with innovative approaches to managed services. 
A huge thanks to The Channel Co and CRN and congratulations to all the others named to the list.

This malware turns ATM hijacking into a slot machine game

On Tuesday, the Kaspersky Labs cybersecurity team explored the emergence of WinPot, an ATM hijacking malware family that first appeared in underground forums in March 2018. While simple in its core functionality, WinPot -- named internally by Kaspersky as ATMPot -- is designed to compromise the ATMs of an unnamed but popular vendor and force these machines to empty their cassettes of all funds.

Wednesday 2/20

Hard-to-detect credential-theft malware has infected 1,200 and is still going

Over the past few weeks, Separ has returned with a new version that has proven surprisingly adept at evading malware-detection software and services. The source of its success: a combination of short scripts and legitimate executable files that are used so often for benign purposes that they blend right in.

Fast Company Names FireEye One of the World’s Most Innovative Companies

FireEye has a unique advantage that no other security company can match. For 15 years, the company has been gathering insights on the front lines of cyber security. Today, its team of more than 3,200 employees includes more than 700 highly experienced threat researchers, platform engineers, malware analysts, intelligence analysts and investigators. This real-time threat intelligence and expertise is built into FireEye products and enables FireEye to provide the best line of defense against cyber threats.

Pure Storage makes flash, cloud case to replace tape backup

Pure Storage launched a data protection and recovery system designed for flash and cloud environments called ObjectEngine. The aim of ObjectEngine is to unify cloud and on-premise infrastructure to provide fast data recovery and backup.

Thursday 2/21

Nasty code-execution bug in WinRAR threatened millions of users for 14 years

The vulnerability was the result of an absolute path traversal flaw that resided in UNACEV2.DLL, a third-party code library that hasn’t been updated since 2005. The traversal made it possible for archive files to extract to a folder of the archive creator’s choosing rather than the folder chosen by the person using the program. Because the third-party library doesn’t make use of exploit mitigations such as address space layout randomization, there was little preventing exploits.

Cisco patches a couple of root access-granting security flaws

The two root access-granting bugs impact Cisco HyperFlex, a piece of software for linking data centers together for easier data and resource sharing. The most critical of the two flaws is the one tracked under the identifier of CVE-2018-15380, which also has a severity rating of 8.8 on a scale of 1 to 10. The third vulnerability (CVE-2019-1662) that we chose to highlight for this article impacts Cisco's Prime Collaboration Assurance (PCA) software, one of the company's many team collaboration suites.

STEALTHbits Launches Purpose-Built Active Directory Threat Detection & Response Platform

StealthDEFEND v2.0 features support for 15 new Active Directory attack tactics, techniques, and procedures (TTP), additional response playbook actions, and contextual resource tagging for enhanced risk profiling. This allows organizations to prevent attackers from compromising Active Directory, the most critical service within virtually any organization.

Friday 2/22

Symantec Warns of Shifting Threat Landscape as Formjacking Risk Grows

The 61-page report reveals a number of changes in the threat landscape, including a move toward an attack known as formjacking, where hackers take over online forms and steal user information, including payment card details. The report also outlines the changing landscape for ransomware attacks, which are on the decline overall, though ransomware attacks against enterprises are on the rise.

Ivanti Environment Manager Extends Cache Roaming Capabilities to Accelerate Office 365 Adoption and User Experience on Virtual Desktops

This enterprise-scale solution delivers flexibility and granular control while offering deep integration with Office 365 Profile Management to uniquely enable the native coupling of roaming cached Outlook data with the Personalization of the user's default Outlook Profile and all other aspects of the user desktop.