Monday 6/17
This data-stealing malware has returned with new attacks and nasty upgraded features
The new version of Scranos comes with an updated infection technique based around a fake application called CClear. It's based on the legitimate and widely used system optimisation application CCleaner and is advertised as carrying out similar functionalities.
https://zd.net/2ZjaIVs
AMCA data breach has now gone over the 20 million mark
Exposed data included names, home addresses, phone numbers, dates of birth, Social Security numbers, payment card details, and bank account information
https://zd.net/2Fcs8eU
Streaming Video Fans Open to TV Hijacking
A suite of critical remote code-execution vulnerabilities in a streaming TV platform could expose entire databases of subscribers’ personal info and financial details – and could open the door to attackers hijacking the service, streaming any content they wish to customer screens.
http://bit.ly/31ERrji
8 Biggest Microsoft Azure Security Issues You Need To Know About
From focusing more heavily on applications than infrastructure to having more customers with data that’s private and inaccessible over the internet, here are eight of the biggest Microsoft Azure security issues solution providers are grappling with.
http://bit.ly/2Ko2W9a
Tuesday 6/18
Houdini malware targets victims with keylogger, online bank account theft tools
The payload first communicates with its command-and-control (C2) server, controlled by the attacker, to request three additional .tar.gz files. These files, however, are actually PE32 executables which provide the Trojan with a Windows keylogger, a mail credential viewer, and a browser credential viewer module.
https://zd.net/2RjotRa
How fraudulent domain names are powering phishing attacks
The proliferation of alternative, "generic" TLDs—such as .app and .online—as well as the ability to register domain names using non-Latin characters are enabling phishing attacks, according to the 2019 Proofpoint Domain Fraud Report.
https://tek.io/2WRvBoR
Wednesday 6/19
EatStreet food ordering service discloses security breach
For customers who ordered food through the EatStreet app and website, information the hacker might have accessed or stolen included names, credit card numbers, expiration dates, card verification codes, billing addresses, email addresses, and phone numbers.
https://zd.net/2IqPnnu
Samsung TVs should be regularly virus-checked, the company says
Security advisers disagreed with Samsung’s warning, saying the tweet was “pointless advice”. “There is a tiny number of known malware that might attack a TV,” said security expert Ken Munro. He continued, “A better solution would be for Samsung to automatically update its operating system for you.”
https://bbc.in/2Xl4DdL
New Plurox malware is a backdoor, cryptominer, and worm, all packed into one
Despite being in early testing, Plurox has some pretty advanced features and can act as a backdoor into infected enterprise networks, can spread laterally to compromise even more systems, while also possessing the ability to mine cryptocurrencies using one of eight different plugins.
https://zd.net/2NcA5XZ
Thursday 6/20
Google Announces Security Flaw That Could Let an Attacker Access Your Device
According to Google, "it is possible for an attacker who is physically close to you at the moment you use your security key to (a) communicate with your security key, or (b) communicate with the device to which your key is paired."
http://bit.ly/2Rr8JMc
Cisco critical-flaw warning: These two bugs in our data-center gear need patching now
Cisco's Digital Network Architecture (DNA) Center appliance has once again been found to be vulnerable to an authentication bypass, which could allow an "adjacent" attacker to skip authentication and cause damage to an organization's critical internal services.
https://zd.net/2N18g4z
How AI-enhanced malware poses a threat to your organization
By determining what AI-powered security software looks for when trying to identify malware, cybercriminals can adapt their payloads to more easily avoid detection. Malware writers could even dirty their samples to trick the AI into flagging legitimate files as malware, thus triggering a lot of false positives.
https://tek.io/2Rq7vAs
Friday 6/21
The Mixed Blessing of Subscription-Based Pricing
On the customer side, they often talk about subscription as a more agile buying style where they only pay for things that create value, when they create value. This is obviously completely at odds with the manufacturer’s “locked-in” concept. They may even be open to paying a little more for this agility, but there’s no reason to pay more and not have any flexibility.
http://bit.ly/2WXbACc
New Bird Miner malware targets Mac pirates
Hiding a miner in a bootable image is somewhat stealthy, but the researchers say that given the hefty footprint of the malware and the choice to emulate rather than run as native code, Bird Miner "shoots itself in the foot, stealth-wise."
https://zd.net/2Xo0ANT
Firefox 0-day used to deliver NetWire Mac malware
The vulnerability is a type confusion bug that occurs when Firefox handles some JavaScript objects. Mozilla patched the flaw on June 18 in Firefox 67.0.3, but by then it was already being used in targeted attacks. One of those attacks hit some employees of Coinbase, a cryptocurrency exchange, and the security team there was able to detect the attacks and figure out what was going on.
https://duo.sc/2FpgyNz