This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On April 19, 2019

Monday 4/15

CyberArk Named Top Security Solution for Government Agencies

CyberArk is recognized as the premier cybersecurity solution for government agencies and organizations to protect against the exploitation of privileged accounts, credentials and secrets across every environment – including on the endpoint and across on-premises, hybrid cloud and DevOps environments.

‘Exodus’ spyware posed as a legit iOS app

Once installed, Exodus could access photos, videos, device IDs, audio recordings, and contacts on target devices, while also potentially tracking a victim's location and listening to their conversations through the iPhone or iPad's microphone.

Microsoft discloses security breach that impacted some Outlook accounts

According to Microsoft, between January 1, 2019, and March 29, 2019, a hacker, or group of hackers, compromised the account of a Microsoft support agent, one of the company's customer support representatives that handles technical complaints.

Wednesday 4/17

VPN Applications insecurely store session cookies

Multiple Virtual Private Network (VPN) applications store the authentication and/or session cookies insecurely in memory and/or log files. If an attacker has persistent access to a VPN user's endpoint or exfiltrates the cookie using other methods, they can replay the session and bypass other authentication methods.

Cloudy with a Chance of Security Breach

Information on private networks hosted in a public cloud is not safe. This is because private networks, even without access to the Internet, are still able to communicate with it via DNS. Most of the time, no specific configuration is required to get full DNS access from the workloads pushed onto public cloud infrastructures. As a result, DNS tunneling, DNS file systems, and data exfiltration are possible on most public cloud providers by default.

Citrix Introduces SD-WAN for Google Cloud Platform

If you’ve decided to use Google Cloud Platform (GCP), Citrix has good news for you. Providing more freedom in cloud choice than ever before, we’re now offering an easy on-ramp to GCP with our virtual SD-WAN appliance, available in the GCP Marketplace. This delivers all the advantages of Citrix SD-WAN and enables you to confidently extend your network to the cloud.

Thursday 4/18

Ubiquitous Bug Allows HIPAA-Protected Malware to Hide Behind Medical Images

A bug in a 30-year-old standard used for the exchange and storage of medical images has been uncovered; it allows an adversary to embed fully-functioning executable code into the image files captured by medical devices such as CT and MRI machines.

Cisco warns over critical router flaw

Cisco has disclosed 29 new vulnerabilities and is warning customers using its ASR 9000 Series Aggregation Services Routers to install an update to address a critical flaw that can be exploited remotely without user credentials.

How to Defend Your Organization Against Fileless Malware Attacks

The general thrust of how to combat fileless malware begins with making sure your Windows computers are patched and up to date. Since one of the first tenets of threat actors is taking advantage of unpatched, older systems, to delay patch management is to introduce a vulnerability into your network.

Malvertising campaign abuses Chrome for iOS bug to target iPhone users

The bug allows malicious code hidden in online ads to break out of sandboxed iframes (a technology often used to load ad slots) and redirect the user to another site, or show an intrusive popup on top of a legitimate site.

Friday 4/19

Facebook admits to storing plaintext passwords for millions of Instagram users

Facebook admitted today to storing the passwords of millions of Instagram users in plaintext format in internal server logs. Facebook states an internal investigation revealed that none of these plaintext passwords were abused by employees.

New Baldr information stealer could target businesses

Information stealer is a type of malware that typically operates in a grab-and-go mode. It gathers data from a victim computer to send it to the attacker and typically targets credentials used in online banking services, social media sites, emails or FTP accounts, according to Malwarebytes.

Arctic Wolf Networks Achieves ISO 27001 Certification

The scope of the ISO/IEC 27001:2013 certification includes Arctic Wolf Networks’ Information Security Management System (ISMS) and encompasses the in-scope applications, systems, people, and processes that support AWN CyberSOC. The AWN CyberSOC service demonstrates Arctic Wolf’s commitment to properly managing information to ensure customers are able to meet compliance standards through the combination of human expertise and machine intelligence, in order to effectively combat cyber threats.