Blog

By Nancy Rand, Posted in Security

August 23, Softpedia – (International) Intruders use virtual machines on infected PCs to hide their actions. SecureWorks discovered malicious actors were attempting to install and launch a new virtual machine (VM) on an infected host in order to connect to the compromised device’s VM and withdraw sensitive data or execute other malicious actions without being detected by security software after finding that the attacker was using the Microsoft Management Console (MMC) to launch the Hyper-V Manag... read more.

• August 24, 2016

By Nancy Rand, Posted in Security

August 18, SecurityWeek – (International) Cisco patches critical flaws in Firepower Management Center. Cisco released patches for its Firepower Management Center to address several flaws in the appliance’s Web-based graphical user interface (GUI) including a medium-severity cross-site scripting (XSS) flaw, a critical vulnerability that could allow an authenticated attacker to remotely execute arbitrary commands on a device with root-level privileges, and a flaw that could allow an authenticated... read more.

• August 22, 2016

By Nancy Rand, Posted in Security

August 18, SecurityWeek – (International) Flaws in smart sockets expose networks to remote attacks. Bitdefender researchers reported a popular brand of smart electrical sockets is plagued with serious vulnerabilities that could be exploited by a remote attacker who knows the media access control (MAC) and default password to take control of the device, make configuration changes, and obtain user information after finding that the socket’s hotspot is protected by default credentials and users are... read more.

• August 22, 2016

By Nancy Rand, Posted in Security

August 17, SecurityWeek – (International) Backdoor abuses TeamViewer to spy on victims. Dr. Web security researchers discovered a backdoor trojan, dubbed BackDoor.TeamViewrENT.1 and distributed under the name “Spy-Agent” was installing legitimate TeamViewer components on a compromised device to spy on victims in the U.S., Europe, and Russia, steal victims’ personal information, and to install other malicious programs on a device. Researchers found that the trojan disables error messa... read more.

• August 18, 2016

By Nancy Rand, Posted in Security

August 8, Help Net Security – (International) Remote Butler attack; APT groups’ dream come true. Microsoft security researchers developed an extension of the “Evil Maid” attack dubbed “Remote Butler” which allows attackers to bypass local Windows authentication to defeat full disk encryption without physical access to the targeted device. A patch released by Microsoft for the “Evil Maid” attack also prevents attackers from carrying out a “Remote Butler&r... read more.

• August 18, 2016

By Nancy Rand, Posted in Security

August 9, SecurityWeek – (International) Vulnerabilites found in several Fortinet products. Vulnerability Lab released the details of several flaws affecting the Web interface of the Fortinet FortiManager and FortiAnalyzer security management and reporting appliances including a vulnerability that can be exploited by a remote attacker with access to a low-privileged user account to inject arbitrary code into the application if a victim clicks on a link or visits a Webpage containing the malicious code... read more.

• August 18, 2016

By Nancy Rand, Posted in Security

August 10, Softpedia – (International) Data of nearly 2 million users exposed in Dota2 forum hack. Researchers from LeakedSource reported that the Dota2 official developers forum was breached after hackers stole the usernames, email addresses, user identifiers, passwords, and IP addresses of nearly 2 million of the forum’s users July 10 by hashing and salting the password with the MD5 algorithm. Forum administrators patched the vulnerability and reset all user account passwords. Source August 1... read more.

• August 18, 2016

By Nancy Rand, Posted in Security

August 11, SecurityWeek – (International) Linux flaw allows attackers to hijack web connections. Researchers from the University of California at Riverside and the U.S. Army Research Laboratory discovered a vulnerability affecting the Transmission Control Protocol (TCP) specification implemented in Linux kernel could be leveraged to intercept TCP-based connections between two hosts on the Internet, to track users’ activity, terminate connections, and inject arbitrary data into a connection after... read more.

• August 18, 2016

By Nancy Rand, Posted in Security

August 12, Softpedia – (International) Locky ransomware uses vulnerable PHP forms for spam distribution. Researchers from Cisco’s OpenDNS team discovered that the group behind the Locky ransomware is leveraging security flaws in a PHP: Hypertext Preprocessor (PHP)-based Web-to-email service that allows the cybercriminals to brute-force the Web from and make it send a message with the Locky payload attached to any email address due to a vulnerability in a PHP contact form script. Researchers advi... read more.

• August 18, 2016

By Nancy Rand, Posted in Security

August 16, Softpedia – (International) FalseCONNECT vulnerability affects software from Apple, Microsoft, Oracle, more. A security researcher discovered a flaw in how applications from several vendors respond to Hypertext Transfer Protocol (HTTP) CONNECT requests via HTTP/1.0 407 Proxy Authentication Required responses which could allow an attacker with a foothold in a compromised network and the ability to listen to proxy traffic to detect HTTP CONNECT requests sent to the local proxy and issue a 407... read more.

• August 17, 2016