This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On January 18, 2019

Monday 1/14

FireEye gears up email security for emerging threats

Business email compromise (BEC), which is often cited as the most common way for cyber criminals to infiltrate corporate networks, is a type of scam that targets email accounts of high-level employees related to finance or working with wire transfer payments, either spoofing or compromising them through keyloggers or phishing attacks.

http://bit.ly/2M9Dm5V

Cryptocurrency mining malware is the number one malware menace – again

Cryptocurrency stealing software continues to be the most commonly distributed form of malware, according to a top ten list of the most prominent malware threats detected by security company Check Point.

https://zd.net/2D9evfF

Four Phishing Attack Trends To Look Out For In 2019

With half a billion dollars lost to phishing in the United States every year, it is worthwhile to keep up with new methods that hackers use to trick employees into giving out their credentials and other sensitive information.

http://bit.ly/2M7h4Si

Tuesday 1/15

Details published about vulnerabilities in popular building access system

If PremiSys servers are exposed online, an attacker can use this username and password to access a building's ID card management system and introduce rogue cards or disable access control features altogether.

https://zd.net/2sBWfWt

PoC for Windows VCF zero-day published online

A threat actor can craft a malicious VCF that displays a benign link which, when clicked by the user, can trigger the execution of malicious code instead of opening the URL. This vulnerability can lead to remote code execution; the good news is that it is not remotely exploitable, as it requires user interaction first.

https://zd.net/2AJjKkE

Beware, Windows 7 hold-outs: Microsoft starts one-year clock to end support for popular operating system

Microsoft will cease providing security updates or support for PCs running Windows 7 on Jan. 14, 2020. Microsoft has a website dedicated to the change that includes a push to upgrade to Windows 10.

http://bit.ly/2CpwFrQ

Wednesday 1/16

Proof-of-concept Malware Reveals Smart Building Vulnerabilities Your Business Needs to Deal With

Researchers at enterprise security vendor ForeScout have warned that malware specifically targeting smart buildings is an inevitable next step given the rapidly expanding attack surface that building automation systems expose. The operational technology researchers at ForeScout should know: they created proof-of-concept malware that revealed smart building vulnerabilities every business should be concerned about.

http://bit.ly/2SXvrvj

.Net RAT Malware Being Spread by MS Word Documents

Fortinet’s FortiGuard Labs captured a malicious MS Word document from the wild that contains auto-executable malicious VBA code that can spread and install NanoCore RAT software on a victim’s Windows system. NanoCore RAT was developed in the .Net framework, and the latest version is “1.2.2.0”.

http://bit.ly/2VXxUHV

Data breaches – It’s not just digital, physical data breaches matter too

Most businesses still neglect physical security and do not realize that criminals can use social engineering to gain physical access to sensitive or personal data or expensive assets, so physical data breaches are very much a threat.

http://bit.ly/2TTaCkt

Thursday 1/17

More than 772 million email addresses affected in ‘Collection #1’ data breach

Security researcher Troy Hunt has loaded the email addresses and passwords into his site, haveibeenpwned, which allows people to be notified when their email has been tangled in a breach, or check if a password has been exposed and is thus unsuitable for use.

http://bit.ly/2Df56DB

Shopper privacy critical when using new Cisco DNA Spaces

Retailers considering the use of Cisco's new DNA Spaces or other in-store people-tracking software should be hypersensitive to the privacy implications and disclose to customers in plain English how the gathered data is being used.

http://bit.ly/2AQmaxT

Massive Oklahoma Government Data Leak Exposes 7 Years of FBI Investigations

Last December, a whopping 3 terabytes of unprotected data from the Oklahoma Securities Commission was uncovered by Greg Pollock, a researcher with cybersecurity firm UpGuard. It amounted to millions of files, many on sensitive FBI investigations, all of which were left wide open on a server with no password, accessible to anyone with an internet connection.

http://bit.ly/2Fx6nIu

Friday 1/18

LoJax Malware Continues to Operate 8 Months After Discovery

First detected in 2018, LoJax is a modified version of the commercial LoJack anti-theft software developed by Absolute Software. Specifically, LoJax uses a release from 2008 when the software was known as Computrace. This is a legitimate piece of software that integrates with the UEFI firmware of a computer to help the owner recover it in the event it’s stolen. Even if a thief swaps in a new hard drive, the software reasserts itself from the motherboard firmware. That’s great if you want your laptop back, but it’s also perfect for a sophisticated hacking operation.

http://bit.ly/2FxP3D2

Fortnite’s Vulnerability: Only the Secure Survive

These sites prompt players to enter their login credentials, as well as personal information like name, address and credit card details (usually of the player’s parents) and are spread via social media campaigns that claim players can “earn easy cash” and “make quick money”.

http://bit.ly/2HiS7Vr

Decrypted Telegram bot chatter revealed as new Windows malware

The researchers described their newly discovered malware, dubbed GoodSender, as a “fairly simple” Windows-based malware that’s about a year old, which uses Telegram as the method to listen and wait for commands. Once the malware infects its target, it creates a new administrator account and enables a remote desktop — and waits.

https://tcrn.ch/2CxVfa3