This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On July 19, 2019

Monday 7/15

Shopping On Amazon Prime Day? Keep An Eye Out For Phishing Scams

Cybersecurity firm McAfee reported that a popular phishing kit, called 16Shop, has recently turned its attention to Amazon. While the kit has been designed to scam Apple customers, a modified version is now targeting Amazon shoppers just in time for one of the biggest shopping days of the year.

Citrix SD-WAN takes the fast path to the cloud

Citrix SD-WAN 11.0 is coming soon with new features for Microsoft, Palo Alto Networks, and Google Cloud deployments. SD-WAN 11.0 will combine application experience, security, and cloud choice with automation.

Stealthy TrickBot Malware Has Compromised 250 Million Email Accounts And Is Still Going Strong

At its core, TrickBot is a banking Trojan. The malware is typically distributed via spearphishing emails -- like bogus resumes sent to human resources or invoices sent to accounts staff. Those are typically attached in the form of weaponized Microsoft Word or Excel files.

Tuesday 7/16

FireEye Wins ‘Best Security Company of the Year’ Award

FireEye, Inc., the intelligence-led security company, announced that it has won the award for Best Security Company of the Year (more than 150 staff) at the 2019 Cyber Security Awards.

Attackers can exploit media files on WhatsApp and Telegram accounts: Symantec

Symantec stated the security flaw, dubbed Media File Jacking, affect WhatsApp for Android by default, and Telegram for Android if certain features are enabled. The flaw, if exploited, allows the attackers misuse and manipulate sensitive information like personal photos and videos, corporate documents, invoices, and voice memos.

Wednesday 7/17

How to Secure SharePoint

As SharePoint continues to grow, one of the largest areas of concern is around the security of the platform. A well designed, maintained, and governed SharePoint farm is usually a very safe environment, but often the data governance and data access plans are not executed in full, leaving gaps in the overall SharePoint security model.

Bluetooth exploit can track and identify iOS, Microsoft mobile device users

The vulnerability can be used to spy on users despite native OS protections that are in place and impacts Bluetooth devices on Windows 10, iOS, and macOS machines. This includes iPhones, iPads, Apple Watch models, MacBooks, and Microsoft tablets & laptops.

Symantec intros CloudSOC Mirror Gateway for enterprise cloud access security

New integrations in CloudSOC CASB Gateway allow for granular policy controls throughout a cloud session using adaptive multi-factor authentication via Symantec VIP or solutions from Symantec TIPP partner Okta.

Thursday 7/18

Malware framework creates one billion fake Google Adsense ad impressions in only a few months

The malicious extension will draw upon a number of different resources depending on which browser is in use. Adverts will be injected into browser sessions or scripts will generate traffic in the background without the knowledge of the victim.

Another 2.2 million patients affecyted by AMCA data breach

Clinical Pathology Laboratories (CPL) says 2.2 million patients may have had their names, addresses, phone numbers, dates of birth, dates of service, balance information and treatment provider information stolen in the previously reported breach.

Friday 7/19

Cryptojacking: The growing malware menace

Cryptojackers typically use the same methods and toolkits as other viruses, malware and other attacks in order to gain access to a corporate network: phishing and other spam email, web malware, malicious URLs, digital advertising networks, and the like.

Sprint Breach Via Samsung Website Exposes Customer Data

Information such as customers’ account Personal Identification Numbers (PINs) may have been compromised, however credit card and social security numbers are encrypted and were not compromised.

AI, quantum computing and 5G could make criminals more dangerous than ever, warn police

Artificial intelligence, quantum computing, 5G and the rise of the Internet of Things are just some of the emerging technologies that could aid cybercriminals in ways that could make them more dangerous than ever.

Microsoft to explore using Rust

Memory-safe languages, such as Rust, are designed from the ground up with protections against memory corruption vulnerabilities, such as buffer overflows, race conditions, memory leaks, use-after free and memory pointer-related bugs.