This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On April 26, 2019

Monday 4/22

Popup enlarges at the last second so users click on ads instead of ‘Close’ button

When the user moves his mouse to close the popup, CSS code from that page will expand the popup and move the ad in the cursor's path, so any click on the close button will actually land on the ad instead.

How to prevent rootkit-enabled malware Scranos from harming your organization

Scranos cloaks itself as cracked software or apps that pose as legitimate programs, such as ebook readers, video players, drivers, and even security products. Upon execution, a rootkit driver is installed to hide the malware. Scranos then contacts the command and control centers to trigger the download of other components.

Doctor-services firm says private data of patients exposed

Company representative Aliese Polk said the breached employee email accounts contained personal information on fewer than 60,000 people, including about 31,000 patients. The company, based in Plantation, Florida, says it doesn’t know if the personal information was taken, and there’s no indication it was used for fraud or identity theft.

Tuesday 4/23

Symantec joins DoD’s Defense Industrial Base Cybersecurity program

Cybersecurity company Symantec announced it has become a member of the United States’ Department of Defense’s (DOD) Defense Industrial Base (DIB) Cybersecurity (CS) program. The DIB CS program is a voluntary cyber threat information-sharing initiative established by the DOD to enhance and supplement DIB participants’ capabilities to mitigate cyber attacks.

Debunking the Myths and Reality of Artificial Intelligence

Unfortunately, with confusing and conflicting messages about what AI can and can’t do, it is challenging for industry leaders to distinguish between facts and fiction in the rapidly crowded and noisy ecosystem of enthusiasts, platform vendors, and service providers.

Source code of Carbanak Trojan found on VirusTotal

The source code of one of the world's most dangerous malware strains has been uploaded and left available on VirusTotal for two years, and almost nobody has noticed. It was discovered by security researchers from US cyber-security firm FireEye, analyzed for the past two years, and made public today, so other members of the cyber-security community can also benefit from the company's finding.

Wednesday 4/24

Supply Chain Hackers Snuck Malware into Videogames

Now researchers have uncovered evidence that the same hackers who targeted Asus with that sort of supply chain hack earlier this year have also targeted three different videogame developers—this time aiming even higher upstream, corrupting the programming tools relied on by game developers.

Google File Cabinet Plays Host to Malware Payloads

Cybercriminals are now using File Cabinet to upload malware to websites and send the links to victims via phishing emails. Victims who click the links — which are displayed with Google URLs — are taken to attackers' websites. There, they are presented with a malicious executable, typically a PDF disguised as a guesthouse or hotel reservation.

Thursday 4/25

Cisco: DNSpionage attack adds new tools, morphs tactics

Talos researchers said they discovered that DNSpionage added a reconnaissance phase that ensures the payload is being dropped on specific targets rather than indiscriminately downloaded on every machine. This level of attack also returns information about the workstation environment, including platform-specific information, the name of the domain and the local computer, and information concerning the operating system.

A new cryptocurrency mining malware uses leaked NSA exploits to spread across enterprise networks

Security researchers at Symantec say they’ve seen a recent spike in a new malware, dubbed Beapy, which uses the leaked hacking tools to spread like wildfire across corporate networks to enslave computers into running mining code to generate cryptocurrency.

Data breach exposes up to 1.3M Georgia Tech faculty, students

The school disclosed the breach, its second in less than a year, on Tuesday, saying it feared the exposed information included names, addresses, social security numbers and birth dates.

Check Point launches new cloud security product

With CloudGuard Dome9, when a firm transitions to a public cloud, it can be used to visualize and assess the security state of a company, detect misconfigurations, implement the best security practices, and protect the company from data theft and data loss. This system is already used by Amazon Web Services, Microsoft Azure, and Google Cloud Platform.

Friday 4/26

Pure Storage buys Compuverde to put object storage on steroids

Organisations need to feed their new analytics applications or test future projects with real data. And to do this, they need data stored in object format to be as rapidly accessible as if it is in production SAN arrays, says Gabriel Ferreira, a technical director at Pure Storage.

FINTEAM: Trojanized TeamViewer Against Government Targets

The attack, which starts with a malicious attachment disguised as a top secret US document, weaponizes TeamViewer, the popular remote access and desktop sharing software, to gain full control of the infected computer.