Monday 12/10
ESET discovers 21 new Linux malware families
In a report published yesterday by cyber-security firm ESET, the company details 21 "new" Linux malware families. All operate in the same manner, as trojanized versions of the OpenSSH client.
https://zd.net/2C0PsLp
Fileless malware surge, warns Malwarebytes report
These attacks and compromises are growing in sophistication and frequency, and are proving to be particularly successful against businesses because the majority of past security solutions were designed to detect file-based malware that resided on the disk, not in memory, the report warned.
http://bit.ly/2G8aDz9
Malicious sites abuse 11-year-old Firefox bug that Mozilla failed to fix
Whenever users try to leave, the owners of these shady sites trigger the authentification modal in a loop. Every time the user dismisses it, another request is made, and a new modal appears, effectively keeping the user captive on the malicious sites until they close the browser altogether, and are forced to start a new browsing session.
https://zd.net/2RNWF71
McAfee Recognized as a Leader in the Gartner Magic Quadrant for Security Information and Event Management for Eighth Consecutive Year
“We are proud to be recognized for the eighth consecutive year by Gartner and believe it marks our exceptional performance in enabling effective cybersecurity operations,” said Raja Patel, vice president and general manager of corporate products at McAfee.
http://bit.ly/2G9wNkq
Tuesday 12/11
Mac Malware Appears on the WatchGuard ‘Top Ten Malware List’ for First Time
It's a good reminder that the vast majority of attacks aren't ultra-advanced zero days and can be prevented by using a layered security approach with advanced malware detection capabilities and investing in secure Wi-Fi and MFA solutions
https://prn.to/2LawWD3
Google+ continues to sink with a second massive data breach
Google notes that the most recent breach has affected over 52.5 million users worldwide — that’s a significant chunk of individuals whose information now might be floating around on the web.
http://bit.ly/2UxYu9O
Wednesday 12/12
A bug in Microsoft’s login system made it easy to hijack anyone’s Office account
Once the victim clicks on a specially crafted link sent in an email, for example, the user will log in through Microsoft’s login system using their username and password — and two-factor code, if set up — which creates an account access token to keep the user logged in without having to enter their password again and again.
https://tcrn.ch/2SI2v9X
Android malware steals money form PayPal accounts while users watch helpless
A new Android trojan hidden inside a battery optimization app can steal money from users' PayPal accounts, ESET has revealed today, even from those protected by two-factor authentication.
https://zd.net/2Eu7t72
Thursday 12/13
Hackers hit global government and defense firms with cyberspying campaign, McAfee says
The cybercriminals targeted individuals at 87 companies using social media, sending them messages disguised as recruitment campaigns to get them to open a malicious document.
https://cnb.cx/2LdmpHv
Infamous Shamoon malware re-emerges
Shamoon, the rarely seen but destructive malware that was used to wipe Saudi Aramco's servers in 2012, may be back in play, according to Chronicle, Alphabet's cybersecurity arm.
http://bit.ly/2UH5j9e
Friday 12/14
Fancy Bear exploits Brexit to target government groups with Zebrocy Trojan
Recipients of these messages, sent from email addresses which looked similar to legitimate government entities, would be asked to download malicious Microsoft Word files. These documents would then retrieve a malicious macro and request permission from the user to enable macros in order to infect the victim's system.
https://zd.net/2SOtn8u
Save the Children Foundation duped by hackers into paying out $1 million
The hackers behind the scam created a number of false invoices and related documents which described a need to purchase solar panels for health centers located in Pakistan.
https://zd.net/2Bijg4E
Citrix Recognized for its Leadership in Digital Workspace Solutions
When it comes to solutions that enable people to work anywhere, anytime using any device, Citrix Systems, Inc. is recognized as a leader in providing them. In 2018, the company was recognized as a leader in all of the technologies required to create intelligent, digital workspaces that enable employees to work in a flexible, intelligent and secure way that unlocks innovation, engages customers, and moves their business forward.
http://bit.ly/2S1nVPi