Monday 3/11
Windows malware: Slub taps Slack, GitHub to steal your info
The malware also exploits an even older Windows bug, CVE-2015-1705, a win32k.sys local elevation of privilege flaw that was found to be useful by targeted attackers because it could be used to bypass a Windows application's sandbox. Once a machine has been fully compromised, the backdoor uses a private Slack channel to check commands taken from 'gist' snippets hosted on GitHub, and then sends the commands to a private Slack channel controlled by the attacker.
https://zd.net/2HeqUlV
Citrix discloses security breach of internal network
In a short statement posted on its blog, Citrix Chief Security Information Officer Stan Black said Citrix found out about the hack from the FBI earlier this week. "On March 6, 2019, the FBI contacted Citrix to advise they had reason to believe that international cyber criminals gained access to the internal Citrix network," Black said.
https://zd.net/2UDd2o4
Financial Cyberthreats in 2018
The past year has seen a wide range of changes in the financial cyberthreats landscape, with new infiltration techniques, attack vectors and extended geography. But perhaps the most interesting thing to have happened is the changes in how people are victimized. With block chain and cryptocurrency now becoming popular, many new means of payment emerged on both on the white and black markets – attracting unwanted criminal attention.
http://bit.ly/2TwgGnu
Tuesday 3/12
Companies are leaking sensitive files via Box accounts
The problem lies with Box.com account owners who don't set a default access level of "People in your company" for file/folder sharing links, leaving all newly created links accessible to the public. If the organization also allows users to customize the link with vanity URLs instead of using random characters, then the links of these files can be guessed using dictionary attacks.
https://zd.net/2J4OZx1
The Top 7 Things to Know about Windows 7 End-Of-Life
The Windows 7 end-of-life deadline could be the tipping point. Microsoft’s end of support date for Windows 7 is now less than a year away, set for Jan. 14, 2020. While there are certainly some good reasons for businesses to migrate off Windows 7, Microsoft will provide two options for businesses to still receive security updates on Windows 7 past the January deadline.
http://bit.ly/2JmcS3F
McAfee Protects Against Suspicious Email Attachments
McAfee endpoint products use a combination of product features and content for increased agility. In McAfee Endpoint Security (ENS) 10.5+, such protection is enabled via the ‘Detect suspicious email attachments’ option and maintained through DAT content.
http://bit.ly/2u0s9wt
Wednesday 3/13
Symantec Mobile Threat Defense: Smarter Incident Classification
The amount of data and tools enterprise security professionals need to manage today is constantly growing, resulting in greater cyber security complexity. SEP Mobile’s smart content manipulation classification is a prime example of how we’re using innovative research, big data and proprietary technology to give security professionals threat accuracy and focus – so they can do their jobs better.
https://symc.ly/2J9i62h
Ivanti Cloud Unifies IT Operations and Security Processes So Organizations Can Quickly Discover, Gain Insights and Take Action
[Ivanti’s] new cloud-based platform unifies IT operations and security data and processes so organizations can quickly assess their environment and gain insights. Providing a real-time view into device analytics, the new cloud-based solution also offers prescriptive recommendations through Ivanti Smart Advisors, which provide prioritized, data-driven guidance for what to do next to help analysts be more effective.
https://prn.to/2F19nd8
WordPress shopping sites under attack
Hackers are targeting WordPress sites that use the "Abandoned Cart Lite for WooCommerce," a plugin installed on over 20,000 WordPress sites, according to the official WordPress Plugins repository. These attacks are one of those rare cases where a mundane and usually harmless cross-site scripting (XSS) vulnerability can actually lead to serious hacks.
https://zd.net/2XRH0XE
Thursday 3/14
New Android App Malware Infects 250 Million Downloads – Here’s What You Need To Know
Check Point Research has uncovered two large-scale malware campaigns that have infected Android apps with more than 250 million downloads in total. The first campaign, dubbed SimBad as many of the infected apps were simulator games, infected 210 apps found in the official Google Play Store.
http://bit.ly/2XQURxk
FireEye Wins Best Email Security Solution at 2019 SC Awards
Email is a favorite attack vector for distributing malware. Bad actors are continually adapting their techniques to improve their ROI. In the past year, FireEye has observed a shift from malicious attachments or code to malware-less threats such as spear phishing emails wrapped in impersonation packages. FireEye Email Security counters both breeds of threats, not only blocking attachments weaponized with malware, but also seeking and destroying fraudulent wire transfer requests, URL links to credential phishing sites, and other social engineering and impersonation techniques.
http://bit.ly/2JdL1m9
This banking malware just returned with new sneaky tricks to steal your data
Researchers have uncovered a new, previously undocumented version of Ursnif which applies different, stealthier infection tactics than other campaigns. This includes what researchers refer to as "last minute persistence" - a means of installing the malicious payload which tries to ensure a lower chance of being uncovered.
https://zd.net/2Fb3BqY
Friday 3/15
A new rash of highly covert card-skimming malware infects ecommerce sites
Researchers on Thursday revealed that seven sites—each with more than 500,000 collective visitors per month—have been compromised with a previously unseen strain of sniffing malware designed to surreptitiously swoop in and steal payment card data as soon as visitors make a purchase.
http://bit.ly/2HB2tOM
‘100 unique exploits and counting’ for latest WinRAR security bug
In a report published yesterday, US cyber-security firm McAfee described the latest of these campaigns, one using an Ariana Grande lure to trick users into opening booby-trapped archives that plant malware on their systems. All in all, McAfee experts say they've seen "100 unique exploits and counting" that used the WinRAR vulnerability to infect users.
https://zd.net/2TOeAP7
70% Of Android Antivirus Apps Are Fake, Won’t Detect Malware
The report said out of 250 apps tested, only 80 qualified the basic benchmark of 30 percent detection of malware during individual tests. 170 of the 250, Android antivirus apps failed the basic tests and turned out to be a sham. Most of the apps tested were enjoying a score of 4 and above on the Google Play Store reviews.
http://bit.ly/2O4m7nJ