Monday 6/10
Enterprise under attack: Dark web cyber criminals sell hacking tools aimed at business
In many cases, attackers are specifically advertising their products as a means of compromising enterprises. For example, researchers found listings for Nuke malware being advertised in this way – a particularly worrying example because of how destructive it can be.
https://zd.net/2KGR2XA
Interns and Social Media: A Goldmine for Hackers
Through my experiences, I’ve learned the best spots to search for intel that will help me break into a company. Social media is a goldmine. About 75 percent of the time, a social media search turns up the information I’m seeking within just a few hours.
https://ibm.co/2IAIQFH
The Endless Scourge of Malicious Email
According to Verizon’s 2018 Data Breach Investigations Report, email is the number one vector for both malware distribution (92.4 percent) and phishing (96 percent). Attackers know that, unfortunately, this channel just works.
http://bit.ly/2WuzVKO
Tuesday 6/11
The Network Gets Smarter, Simpler and More Secure with Artificial Intelligence and Machine Learning
To help customers simplify the unprecedented complexity of modern IT, Cisco is building an architecture that spans every domain of the intent-based network -- campus, branch, WAN, IoT, data center and cloud.
https://prn.to/2MGABNr
Check Point Introduces 16000 and 26000 Series Security Gateways That Deliver Terabit-Per-Second Threat Prevention
This nearly limitless scalability enables cloud-level resilience and reliability along with Terabit/second firewall throughput, allowing organizations to support 5G network high data rates and ultra-low latency while securing the most demanding network computing workloads.
http://bit.ly/2KI2cLF
Cryptocurrency hackers sneak malware into Oracle Servers to mine Monero
Security researchers have identified yet another cryptocurrency mining malware. This time it’s installing itself on enterprise application servers, and using a clever trick to remain hidden. If that wasn’t enough, the malware has already claimed its first major victim: Oracle servers.
http://bit.ly/2Zrd70v
Wednesday 6/12
This unsual Windows malware is controlled via a P2P network
It is the first malware found in the wild that is using IPFS' p2p network for its command and control communication. By using a legitimate p2p network, the malware can hide its network traffic among legitimate p2p network traffic.
https://zd.net/2F5w8xo
Microsoft Power Platform update aims to put AI in reach of business users
“The basic idea is that you can select any field in the Common Data Service and just say, ‘I want to predict this field.’ Then we’ll actually go look at historical records for that same table or entity to go predict [the results],” explained Charles Lamanna, general manager at Microsoft.
https://tcrn.ch/2wQLXUu
Thursday 6/13
FIN8 Group Returns, Targeting POS Devices With Malware
As with previous hacking attempts, this new attack started with a spear-phishing campaign that would allow the FIN8 group to install the ShellTea malware backdoor into a victim's network in an effort to steal data from POS devices.
http://bit.ly/2WHzSLS
Cybercriminals Target Americans Planning Summer Vacations to Mexico and Other Destinations
Two in five (40%) Americans put their companies at risk of cyberattacks by using their work devices while travelling and connecting to unsecure Wi-Fi networks.
http://bit.ly/2ZnPxRX
Latest Mirai Malware Variant Contains 18 Exploits, Focuses on Embedded IoT Devices
Researchers suggested that cybercriminals working with the Linux open-source operating system are trying to take over an increasingly wide range of IoT devices and use them to run distributed denial-of-service (DDoS) attacks.
https://ibm.co/2IDqq7d
Friday 6/14
STEALTHbits Delivers Important Enhancements to Active Directory and LDAP Auditing Functionality in the Latest Release of StealthINTERCEPT
“Version 6.1 introduces new capabilities to help further filter out excessive, inconsequential noise activities, as well as pinpoint specific scenarios like applications leveraging unsecured LDAP protocols and inefficient queries that can be optimized to reduce unnecessary load on Domain Controllers,” said Rod Simmons, STEALTHbits’ VP of Product Strategy – Active Directory.
https://yhoo.it/2X7DvyD
Cisco alert: Patch this dangerous bug open to remote attacks via malicious ads
This newly disclosed issue, tracked as CVE-2019-1904, can be exploited by a remote attacker using a cross-site request forgery (CSRF) attack on affected systems.
https://zd.net/31wMQzo
New Echobot malware adds exploits, targets enterprise apps
A new version of the Echobot malware, which is tied to the Mirai IoT botnet, has surfaced and includes exploits for eight more vulnerabilities than previous versions, some of which may be unpatched by the affected vendors. The new variant also strays from the path of older versions by targeting not just embedded devices, but also enterprise applications.
https://duo.sc/2X8Huv7