This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On January 11, 2019

Monday 1/7

Ursnif, Emotet, Dridex and BitPaymer Malware Families Team Up to Wreak Havoc

Given the impact of the Ursnif and Dridex banking Trojans, the ubiquity of Emotet loaders, and the ability of BitPaymer to infiltrate systems via remote desktop and email vectors, this malware interoperability provides evidence that malicious actors are developing their own versions of professional organizations to empower threat evolution.

https://ibm.co/2FddCVU

Security researchers find over a dozen iPhone apps linked to Golduck malware

“The [Golduck] domain was on a watchlist we established due to its use in distributing a specific strain of Android malware in the past,” said Michael Covington, Wandera’s vice-president of product. “When we started seeing communication between iOS devices and the known malware domain, we investigated further.”

https://tcrn.ch/2segmcP

Marriott breach included 5 million unencrypted passport numbers

In a statement released Friday, the hotel chain said the "upper limit" for the number of potentially compromised guests is around 383 million, though it's likely that some of those records are duplicates. Regardless, the breach affected a lot of people who have stayed at Marriott hotels and exposed personal and financial information. As for passports, Marriott said approximately 5.25 million unencrypted passport numbers and 20.3 million encrypted passport numbers were accessed in the breach.

https://engt.co/2SBV6JH

Tuesday 1/8

Double trouble: Two-pronged cyber attack infects victims with data-stealing Trojan malware and ransomware

Using Internet Explorer and Flash Player exploits delivered in the Fallout exploit kit, the campaign is distributed by what researchers at Malwarebytes describe as a 'prolific' malvertising campaign targeting high-traffic torrent and streaming sites and redirecting users towards two malicious payloads.

https://zd.net/2FjiiJ2

Pre-Installed Malware Targets Critical System Apps on Mobile Devices

Security professionals can protect mobile devices from pre-installed malware and other threats by using a unified endpoint management (UEM) solution to monitor how these devices report to the corporate IT environment. They should also use behavioral analysis to help defend mobile devices against zero-day threats.

https://ibm.co/2LWGceA

Best practices in preventing a third-party data breach

Since 2016, the number of companies that have suffered a third-party data breach increased from 49 percent to 61 percent in 2018. Moreover, third-party data breaches over a 12-month period increased from 34 percent to 45 percent in 2018.

http://bit.ly/2H10JzU

Wednesday 1/9

New tool automates phishing attacks that bypass 2FA

Modlishka is what IT professionals call a reverse proxy, but modified for handling traffic meant for login pages and phishing operations. It sits between a user and a target website, like Gmail, Yahoo, or ProtonMail. Phishing victims connect to the Modlishka server (hosting a phishing domain), and the reverse proxy component behind it makes requests to the site it wants to impersonate.

https://zd.net/2QzscrC

More details emerge on Citrix’s plans for Microsoft’s Windows Virtual Desktop

Microsoft is authorizing Citrix, which is a Microsoft Cloud Service Provider partner, to sell Windows Virtual Desktop (WVD) and to integrate WVD with Citrix Workspace, Citrix Virtual Apps and its Desktops service offerings (the products formerly known as XenDesktop and XenApp).

https://zd.net/2Rj2qNT

Cisco adds Webex Teams integrations for OneDrive, SharePoint

The Webex Teams integrations with Microsoft's document storage apps let users upload files from those platforms to the Cisco app. Users can preview, share or edit the files without leaving the Cisco interface.

http://bit.ly/2Fj2nLw

Thursday 1/10

ICEPick-3PM malware compromises third-party tools to steal Android IPs

A new malware dubbed ICEPick-3PM has been stealing device IP addresses en masse since at least spring 2018. The malware executes after its authors hijack a website’s third-party tools, which are often pre-loaded onto client platforms by self-service agencies and are designed to incorporate interactive web content, such as animation via HTML5.

http://bit.ly/2QCzU4j

Cisco warns: Patch now or risk your security appliance choking on single rogue email

Cisco has disclosed fixes for a terrible bug affecting AsyncOS for Cisco email security appliances, which are prone to a "permanent" denial of service (DoS) because the software doesn't properly validate S/MIME-signed emails.

https://zd.net/2VH75Ye

Friday 1/11

OXO International discloses data breach, customer data over two years impacted

While OXO says that "the attempt to compromise your payment information may have been ineffective," the business added that names, billing and shipping addresses, as well as credit card information, were involved in the data breach.

https://zd.net/2RnpjPZ

Harness your hybrid multi-cloud app delivery with Citrix ADC and ADM

The combination of Citrix ADC and Citrix ADM provides the solution to deliver all your application delivery needs and more. Let’s take a look and see why Citrix ADC, working with Citrix Application and Delivery Management (ADM) in the hybrid multi-cloud world, is not just another virtual workload.

http://bit.ly/2TI1lLY