This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On March 29, 2019

Monday 3/25

FEMA ‘major privacy incident’ reveals data from 2.5 million disaster survivors

The data mishap, discovered recently and the subject of a report by the Department of Homeland Security’s Office of Inspector General, occurred when the agency shared sensitive, personally identifiable information of disaster survivors who used FEMA’s Transitional Sheltering Assistance program, according to officials at FEMA. Those affected included the victims of California wildfires in 2017 and Hurricanes Harvey, Irma and Maria, the report said.

Facebook’s Password Breach Suggests the Public Sees Cybersecurity as Obsolete

The company acknowledged that as many as 600 million users’ passwords were stored in plain text and accessible to 20,000 employees, of whom 2,000 made more than 9 million searches that accessed the passwords going back to 2012. Making matters worse, the company discovered the breach three months ago but was trying to keep it secret until a concerned whistleblower leaked details to KrebsOnSecurity, which forced the company to make a hasty admission on Thursday.

Gotham Technology Group is seeking a new Marketing Manager

Gotham Technology Group is seeking a Marketing Manager to join our team in Montvale, New Jersey. The Marketing Manager will be responsible for representing Gotham Technology Group and managing our technology partnerships. See the attached job description for more details.

Tuesday 3/26

Asus software updates were used to spread malware, security group says

The malware was disguised as a “critical” software update, distributed from Asus’ servers, and signed using a real Asus certificate that made it appear to be valid. Details of the hack were first revealed by Motherboard, and Kaspersky plans to release more details at an upcoming conference.

Hackers using steganography to spread Powload Malware: Research

Steganography is a technique used by attackers to hide malicious code within an image, and it is mainly employed by exploit kits to hide their malvertising traffic. The attackers use a publicly available script called Invoke-PSImage that helps to embed malicious scripts in the pixels of a PNG file. Later, the attackers approach the victims via spam email campaigns that contain a document with an embedded malicious macro code.

Malware warning: Ransomware up, phishing down – and here’s how crooks are changing their tricks

Global malware volume is up for the third straight year, with security company SonicWall recording 10.52 billion malware attacks in 2018 via a network of one million sensors the company has deployed in its customers’ networks. Despite some efforts to thwart ransomware attacks, criminal groups are still spewing it out in an attempt to catch out the unwary or the unlucky.

Wednesday 3/27

How Hackers Are Able To Outsmart Sandboxes

Sandboxes have evolved, but so have hackers, creating new methods and technologies that can easily outclass the traditional sandbox. Delayed execution of malware, embedding malicious content in archive files or within links, encrypted data that calls malware -- all of these actions and more are virtually immune to sandbox inspection, and attackers that use these tricks can infiltrate a network and cause havoc.

These are the top ten security vulnerabilities most exploited by hackers

Applying the appropriate patches to operating systems and applications can go a long way to protecting organizations against some of the most commonly deployed cyber attacks, as can having some intelligence on the potential risks posed by cyber attackers.

Thursday 3/28

Cisco Releases Flood of Patches for IOS XE, But Leaves Some Routers Open to Attack

Cisco Systems issued 24 patches Wednesday tied to vulnerabilities in its IOS XE operating system and warned customers that two small business routers (RV320 and RV325) are vulnerable to attack and that no patches are available for either. A total of 19 of the bugs were rated high severity by Cisco, with the others rated medium.

Citrix Virtual Apps and Desktops get UX, security upgrades

On security, the Citrix Virtual Apps and Desktops upgrades included two-factor authentication and configuration logging for admins, which enables them to keep a record of all administrative tasks performed within Citrix Virtual Apps and Desktops. Citrix is also in the process of deploying Virtual Apps and Desktops on Google Cloud, expanding the product line beyond Azure and AWS.

Microsoft Azure’s Expanded Hybrid Cloud Portfolio: 5 Things to Know

Microsoft announced expanded hybrid cloud offerings, unveiling Azure Stack HCI solutions for customers that want to run virtualized applications on hyperconverged infrastructure, and signaling the general availability of Azure Data Box Edge and Dell EMC Tactical Microsoft Azure Stack.

Friday 3/29

Nvidia patches code execution vulnerability in GeForce Experience

While the security issue cannot be activated remotely, being able to execute code without authorization can result in additional malware payloads being deployed on impacted machines. Depending on the environment in which the software is operating, such as on a network, exploiting this single flaw could result in multiple machines becoming vulnerable to attack.

McAfee Unveils Integration with Microsoft Teams to Secure and Manage Collaboration in the Cloud

McAfee MVISION Cloud for Microsoft Teams nicely complements Teams’ capabilities by using a frictionless API-based cloud-native approach that allows IT teams to seamlessly enforce data loss prevention (DLP) policies and collaboration controls, contextual access control, address threats from insiders and compromised accounts, audit all user activity and secure corporate data as users collaborate in the cloud.

Windows security: Microsoft Defender AV can now stop malware from disabling it

The new feature can be enabled from within the Windows Security app under a new toggle simply called 'Tamper Protection'. The feature stops malware from changing core settings such as real-time protection, a feature that Microsoft says "should rarely, if ever, be disabled".

Cloud Provider Microsoft Azure Rolls Out Security Center for IoT

Microsoft Azure announced Azure Security Center for IoT, which provides hybrid cloud security management and threat protection capabilities to help its manufacturing customers monitor the security status of their Azure-connected Internet of Things devices used in industrial applications. The cloud provider’s new offering is designed to make it easier for partners and customers to build enterprise-grade industrial IoT solutions with open standards and ensure their security.