This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On December 14, 2018

Monday 12/10

ESET discovers 21 new Linux malware families

In a report published yesterday by cyber-security firm ESET, the company details 21 "new" Linux malware families. All operate in the same manner, as trojanized versions of the OpenSSH client.

Fileless malware surge, warns Malwarebytes report

These attacks and compromises are growing in sophistication and frequency, and are proving to be particularly successful against businesses because the majority of past security solutions were designed to detect file-based malware that resided on the disk, not in memory, the report warned.

Malicious sites abuse 11-year-old Firefox bug that Mozilla failed to fix

Whenever users try to leave, the owners of these shady sites trigger the authentification modal in a loop. Every time the user dismisses it, another request is made, and a new modal appears, effectively keeping the user captive on the malicious sites until they close the browser altogether, and are forced to start a new browsing session.

McAfee Recognized as a Leader in the Gartner Magic Quadrant for Security Information and Event Management for Eighth Consecutive Year

“We are proud to be recognized for the eighth consecutive year by Gartner and believe it marks our exceptional performance in enabling effective cybersecurity operations,” said Raja Patel, vice president and general manager of corporate products at McAfee.

Tuesday 12/11

Mac Malware Appears on the WatchGuard ‘Top Ten Malware List’ for First Time

It's a good reminder that the vast majority of attacks aren't ultra-advanced zero days and can be prevented by using a layered security approach with advanced malware detection capabilities and investing in secure Wi-Fi and MFA solutions

Google+ continues to sink with a second massive data breach

Google notes that the most recent breach has affected over 52.5 million users worldwide — that’s a significant chunk of individuals whose information now might be floating around on the web.

Wednesday 12/12

A bug in Microsoft’s login system made it easy to hijack anyone’s Office account

Once the victim clicks on a specially crafted link sent in an email, for example, the user will log in through Microsoft’s login system using their username and password — and two-factor code, if set up — which creates an account access token to keep the user logged in without having to enter their password again and again.

Android malware steals money form PayPal accounts while users watch helpless

A new Android trojan hidden inside a battery optimization app can steal money from users' PayPal accounts, ESET has revealed today, even from those protected by two-factor authentication.

Thursday 12/13

Hackers hit global government and defense firms with cyberspying campaign, McAfee says

The cybercriminals targeted individuals at 87 companies using social media, sending them messages disguised as recruitment campaigns to get them to open a malicious document.

Infamous Shamoon malware re-emerges

Shamoon, the rarely seen but destructive malware that was used to wipe Saudi Aramco's servers in 2012, may be back in play, according to Chronicle, Alphabet's cybersecurity arm.

Friday 12/14

Fancy Bear exploits Brexit to target government groups with Zebrocy Trojan

Recipients of these messages, sent from email addresses which looked similar to legitimate government entities, would be asked to download malicious Microsoft Word files. These documents would then retrieve a malicious macro and request permission from the user to enable macros in order to infect the victim's system.

Save the Children Foundation duped by hackers into paying out $1 million

The hackers behind the scam created a number of false invoices and related documents which described a need to purchase solar panels for health centers located in Pakistan.

Citrix Recognized for its Leadership in Digital Workspace Solutions

When it comes to solutions that enable people to work anywhere, anytime using any device, Citrix Systems, Inc. is recognized as a leader in providing them. In 2018, the company was recognized as a leader in all of the technologies required to create intelligent, digital workspaces that enable employees to work in a flexible, intelligent and secure way that unlocks innovation, engages customers, and moves their business forward.