This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On March 05, 2019

Monday 2/25

Phishing campaign attempts to spread a new brand of snooping malware

A series of spear-phishing attacks using fake emails with malicious attachments attempts to deliver a new family of malware, which researchers at Palo Alto Networks have identified and dubbed BabyShark. The campaign started in November and remained active at least into the new year.

Cisco HyperFlex Software Command Injection Vulnerability

A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting to the cluster service manager and injecting commands into the bound process. A successful exploit could allow the attacker to run commands on the affected host as the root user.

Mobile Malware on the Rise, Warns McAfee

McAfee pointed in particular to surging detections of mobile backdoor threats like TimpDoor – malware now twice as prevalent as its closest competitor – along with a sharp spike in the number of “fake” apps it noted towards the end of 2018, including trojans.

Tuesday 2/26

7 mobile security threats you should take seriously in 2019

While it's easy to focus on the sensational subject of malware, the truth is that mobile malware infections are incredibly uncommon in the real world — with your odds of being infected significantly less than your odds of being struck by lightning, according to one estimate. The more realistic mobile security hazards lie in some easily overlooked areas, all of which are only expected to become more pressing as we make our way through 2019.

CyberArk Named Best Privileged Access Security Solution

The CyberArk Privileged Access Security Solution is the industry’s most comprehensive solution for protecting against the exploitation of privileged accounts, credentials and secrets anywhere – across on-premises, cloud and DevOps environments, and on the endpoint. CyberArk helps eliminate the most advanced cyber threats by identifying existing credentials across networks, locking them down, and leveraging continuous monitoring to detect and isolate anomalous behavior to stop attacks early on.

Security Bulletin: NVIDIA GPU Display Driver – February 2019

NVIDIA has released a software security update for the NVIDIA GPU Display Driver. This update addresses issues that may lead to denial of service, escalation of privileges, code execution, or information disclosure.

Wednesday 2/27

Hackers Can Slip Invisible Malware into ‘Bare Metal’ Cloud Computers

On Tuesday, researchers at the security firm Eclypsium published the results of an experiment in which they showed that they could, for a certain class of cloud computing servers, pull off an insidious trick: They can rent a server from a cloud computing provider—they focused on IBM in their testing—and alter its firmware, hiding changes to its code that live on even after they stop renting it and another customer rents the same machine.

74% Of Data Breaches Start With Privileged Credential Abuse

Attackers are increasingly logging in using weak, stolen, or otherwise compromised credentials. Centrify’s survey underscores how the majority of organizations’ IT departments have room for improvement when it comes to protecting privileged access credentials, which are the ‘keys to the kingdom.’

UConn Health notifies up to 326,000 patients of data breach

A third party illegally gained access to several employee email accounts. As many as 326,000 patients were potentially affected by the attack, according to local news station WFSB. UConn Health discovered the email accounts were attacked on Dec. 24, 2018. The email accounts contained names, dates of birth, addresses and limited medical information, such as billing and appointment information. Of the patients affected, 1,500 also have their Social Security number at risk.

Thursday 2/28

Cisco: Patch routers now against massive 9.8/10-severity security hole

The vulnerability allows any attacker with any browser to execute code of their choice via the web interface used for managing Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router. The networking giant has assigned the bug, tagged as CVE-2019-1663, with a severity score of 9.8 out of a possible 10 under the Common Vulnerability Scoring System (CVSS).

Farseer malware brings Windows exploits to attack group’s Android arsenal

Generally focused on smartphones, the hackers have now expanded their horizons with the launch of Farseer. The malware is spread through phishing campaigns and malicious .PDF files which employ social engineering tactics through the copy-and-paste of news articles sourced through a Myanmar website.

Symantec Boosts Tech Integrations With Data Exchange, Startup Help

The ICD Exchange standardized APIs, EVP and enterprise products GM Art Gilliland said, making it possible for technology partners to develop and deliver value to customers faster. With the ICD Exchange, Gilliland said products and systems from different vendors end up using the same language to understand what's happening in an environment.