Blog

By Nancy Rand, Posted in Security

September 30, SecurityWeek – (International) Tofsee malware distribution switched from exploit kit to spam. Security researchers from Cisco Talos reported that attackers stopped distributing the Tofsee ransomware via the RIG exploit kit (EK), and began leveraging spam email campaigns to deliver the malware downloaders, which instruct victims to download and open the ZIP archive attached to the message that contains an obfuscated JavaScript file with a WScript downloader, which runs an executable from... read more.

• October 03, 2016

By Nancy Rand, Posted in Security

September 29, SecurityWeek – (International) Syrian Electronic Army member pleads guilty to hacking, extortion. A member of the Syrian Electronic Army (SEA) hacker group pleaded guilty to Federal charges for his role in an extortion scheme where he and another SEA member breached the systems of various organizations in the U.S. and other countries and threatened to damage their computers and data unless a ransom was paid. The FBI is searching for two other suspects involved in the extortion scheme. So... read more.

• September 30, 2016

By Nancy Rand, Posted in Security

September 28, SecurityWeek – (International) High severity DoS flaw patched in BIND. The Internet Systems Consortium released updates for the Domain Name System (DNS) software BIND addressing two vulnerabilities, including a high severity denial-of-service (DoS) flaw affecting all servers that can receive request packets from any source, which can be exploited using maliciously crafted DNS request packets. The updates also resolved a medium severity DoS flaw that can cause a targeted server to termina... read more.

• September 29, 2016

By Nancy Rand, Posted in Security

September 27, SecurityWeek – (International) Russian cyberspies use “Komplex” trojan to target OS X systems. Palo Alto Networks discovered an Apple Mac operating system (OS) X trojan, dubbed Komplex establishes contact with its command and control (C&C) server after infecting a device in order to collect system information, and allows an attacker to execute arbitrary commands and download files to the affected machine. The researchers stated Komplex has reportedly been used by a Russia... read more.

• September 28, 2016

By Nancy Rand, Posted in Security

September 23, SecurityWeek – (International) Locky ransomware fuels surge in .RAR JavaScript attachments. Trend Micro security researchers reported the Locky ransomware was responsible for an increase in certain methods of malware delivery after finding that during the first half of 2016, 58 percent of ransomware threats were delivered via email attachments including JavaScript, VBScript, and Microsoft Office files with macros. The researchers also reported that the malicious emails used to deliver th... read more.

• September 28, 2016

By Nancy Rand, Posted in Security

September 22, SecurityWeek – (International) Yahoo confirms massive data breach of 500 million accounts. Yahoo Inc. confirmed September 22 that a hacker, dubbed “Peace” and “peace_of_mind” accessed the data from at least 500 million user accounts, including names, email address, hashed passwords, and birth dates, among other information, during a 2014 cyberattack. Yahoo stated unencrypted security questions and answers were invalidated and advised potentially affected users to... read more.

• September 26, 2016

By Nancy Rand, Posted in Security

September 22, SecurityWeek – (International) Flaws in Cisco Cloud Services Platform allow command execution. Cisco notified its customers that its Cloud Services Platform (CSP) 2100 version 2.0 was plagued with two vulnerabilities, one of which is a critical vulnerability caused by insufficient sanitization of user input that could allow an unauthenticated attacker to remotely execute arbitrary commands on the operating system with root privileges. Cisco reported the second vulnerability could allow a... read more.

• September 23, 2016

By Nancy Rand, Posted in Security

September 21, SecurityWeek – (International) MacOS 10.12 patches over 60 vulnerabilities. Apple Inc., released the final version of its Mac operating system (OS) Sierra 10.12 resolving at least 65 vulnerabilities, including 16 flaws in the “apache_mod_php” module that could lead to arbitrary code execution or unexpected application termination, as well as denial-of-service issues and arbitrary code execution flaws in Apple’s implementation of Apache, Audio, and Bluetooth, among other... read more.

• September 22, 2016

By Nancy Rand, Posted in Security

September 19, SecurityWeek – (International) Rockwell patches code execution flaw in RSLogix product. Rockwell Automation released patches for several of its RSLogix products used in the food and agriculture, critical manufacturing, water, and chemical sectors to resolve a buffer overflow vulnerability after a researcher discovered the flaw can be exploited by convincing a local user to open a specially crafted rich site summary (RSS) file with a malicious version of RSLogix in order to execute arbitr... read more.

• September 21, 2016

By Nancy Rand, Posted in Security

September 19, SecurityWeek – (International) Cisco finds new zero-day linked to “Shadow Brokers” exploit. Cisco researchers discovered another zero-day vulnerability leaked by Shadow Brokers in August, which affects the Internet Key Exchange (IKE) v1 packet processing code in Cisco IOS XR versions 4.3.x, 5.0.x, 5.1.x, and 5.2.x and could allow a remote, unauthenticated attacker to retrieve memory contents potentially containing sensitive information by sending a specially crafted IKEv1 pac... read more.

• September 20, 2016