This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On January 11, 2019

Monday 1/7

Ursnif, Emotet, Dridex and BitPaymer Malware Families Team Up to Wreak Havoc

Given the impact of the Ursnif and Dridex banking Trojans, the ubiquity of Emotet loaders, and the ability of BitPaymer to infiltrate systems via remote desktop and email vectors, this malware interoperability provides evidence that malicious actors are developing their own versions of professional organizations to empower threat evolution.

Security researchers find over a dozen iPhone apps linked to Golduck malware

“The [Golduck] domain was on a watchlist we established due to its use in distributing a specific strain of Android malware in the past,” said Michael Covington, Wandera’s vice-president of product. “When we started seeing communication between iOS devices and the known malware domain, we investigated further.”

Marriott breach included 5 million unencrypted passport numbers

In a statement released Friday, the hotel chain said the "upper limit" for the number of potentially compromised guests is around 383 million, though it's likely that some of those records are duplicates. Regardless, the breach affected a lot of people who have stayed at Marriot hotels and exposed personal and financial information. As for passports, Marriot said approximately 5.25 million unencrypted passport numbers and 20.3 million encrypted passport numbers were accessed in the breach.

Tuesday 1/8

Double trouble: Two-pronged cyber attack infects victims with data-stealing Trojan malware and ransomware

Using Internet Explorer and Flash Player exploits delivered in the fallout exploit kit, the campaign is distributed by what researchers at Malwarebytes describe as a 'prolific' malvertising campaign targeting high-traffic torrent and streaming sites and redirecting users towards two malicious payloads.

Pre-Installed Malware Targets Critical System Apps on Mobile Devices

Security professionals can protect mobile devices from pre-installed malware and other threats by using a unified endpoint management (UEM) solution to monitor how these devices report to the corporate IT environment. They should also use behavioral analysis to help defend mobile devices against zero-day threats.

Best practices in preventing a third-party data breach

Since 2016, the number of companies to have suffered a third-party data breach increased from 49 percent to 61 percent in 2018. Moreover, third-party data breaches over a 12-month period increased from 34 percent to 45 percent in 2018.

Wednesday 1/9

New tool automates phishing attacks that bypass 2FA

Modlishka is what IT professionals call a reverse proxy, but modified for handling traffic meant for login pages and phishing operations. It sits between a user and a target website --like Gmail, Yahoo, or ProtonMail. Phishing victims connect to the Modlishka server (hosting a phishing domain), and the reverse proxy component behind it makes requests to the site it wants to impersonate.

More details emerge on Citrix’s plans for Microsoft’s Windows Virtual Desktop

Microsoft is authorizing Citrix, which is a Microsoft Cloud Service Provider partner, to sell Windows Virtual Desktop (WVD) and to integrate WVD with Citrix Workspace, Citrix Virtual Apps and its Desktops service offerings (the products formerly known as XenDesktop and XenApp).

Cisco adds Webex Teams integrations for OneDrive, SharePoint

The Webex Teams integrations with Microsoft's document storage apps let users upload files from those platforms to the Cisco app. Users can preview, share or edit the files without leaving the Cisco interface.

Thursday 1/10

ICEPick-3PM malware compromises third-party tools to steal Android IPs

A new malware dubbed ICEPick-3PM is stealing device IP addresses en masse since at least spring 2018. The malware executes after its authors hijack a website’s third-party tools which are often pre-loaded onto client platforms by self-service agencies and are designed to incorporate interactive web content, such as animation via HTML5.

Cisco warns: Patch now or risk your security appliance choking on single rouge email

Cisco has disclosed fixes for a terrible bug affecting AsyncOS for Cisco email security appliances, which are prone to a "permanent" denial of service (DoS) because the software doesn't properly validate S/MIME-signed emails.

Friday 1/11

OXO International discloses data breach, customer data over two years impacted

While OXO says that "the attempt to compromise your payment information may have been ineffective," the business added that names, billing and shipping addresses, as well as credit card information was involved in the data breach.

Harness your hybrid multi-cloud app delivery with Citrix ADC and ADM

The combination of Citrix ADC and Citrix ADM provides the solution to deliver all your application delivery needs and more. Let’s take a look and see why Citrix ADC, working with Citrix Application and Delivery Management (ADM) in the hybrid multi-cloud world, is not just another virtual workload.