Blog

By Nancy Rand, Posted in Security

January 6, SecurityWeek – (International) New “Ghost Host” technique boosts botnet resiliency. Cyren security researchers reported that malware developers have started leveraging a new technique, dubbed ghost host, which fools Web security and Uniform Resource Locator (URL) filtering systems by inserting non-malicious host names that are both registered and unregistered into the Hypertext Transfer Protocol (HTTP) host fields of a botnet’s communications, in order to guarantee communi... read more.

• January 10, 2017

By Nancy Rand, Posted in Security

January 5, SecurityWeek – (International) KillDisk malware targets Linux machines. ESET security researchers reported that the KillDisk malware recently observed adding encryption capabilities and behaving like ransomware is now targeting Linux systems, including workstations and servers. The Linux variant of the malware overwrites the bootloader entries and displays the ransom text within the GRUB bootloader. Source January 5, SecurityWeek – (International) “MM Core” APT malware no... read more.

• January 09, 2017

By Nancy Rand, Posted in Security

January 5, SecurityWeek – (International) FireCrypt ransomware packs DDoS code. The MalwareHunterTeam discovered that the FireCrypt ransomware is able to encrypt victims’ files, as well as launch a distributed denial-of-service (DDoS) attack against a Uniform Resource Locator (URL) hardcoded in the source code. The researchers found the URL FireCrypt targets cannot be modified using the ransomware’s builder, and reported that in order for the malware’s DDoS attack to cause significan... read more.

• January 06, 2017

By Nancy Rand, Posted in Security

January 4, SecurityWeek – (International) Pseudo-Darkleech remains prominent distributor of ransomware. Palo Alto Networks security researchers reported that the pseudo-Darkleech campaign is expected to remain a prominent ransomware distributor in 2017 after finding the campaign’s operators were able to quickly adapt to major exploit kit (EK) and ransomware landscape changes during 2016 to maintain the high level of attacks and to ensure the campaign remained relevant. The researchers found, how... read more.

• January 06, 2017

By Ken Phelan, Posted in Infrastructure, Security, Virtualization

2016 was a tough year for celebrities and not an altogether great year for IT. I’m going to break from my normal annual predictions format and cover two things as we start 2017. I’m going to talk about lessons we need to learn from 2016 and things we should look forward to in 2017. 2016’s Tough Love Weak IT = Weak Cyber. For a number of years, IT budgets have been shrinking on the whole while cyber budgets increase. This is not working. Cyber is too dependent on solid IT operations to be... read more.

• January 05, 2017

By Nancy Rand, Posted in Security

January 3, SecurityWeek – (International) Libpng patches flaw introduced in 1995. The developers of the Slackware Linux distribution released updates for the libpng official Portable Network Graphics (PNG) reference library resolving a null pointer dereference vulnerability impacting PNG image editors that could be exploited to cause a denial-of-service (DoS) condition. Source Above Reprinted from the USDHS Daily Open Source Infrastructure Report... read more.

• January 04, 2017

By Nancy Rand, Posted in Security

December 30, SecurityWeek – (International) Sundown exploit kit starts using steganography. Trend Micro security researchers reported that a new version of the Sundown exploit kit (EK) leverages steganography to hide its malicious traffic in legitimate-seeming Portable Network Graphics (PNG) image files to disguise various exploits, including those targeting Microsoft’s Internet Explorer and Adobe’s Flash Player. Source December 29, SecurityWeek – (International) Topps customer data... read more.

• January 03, 2017

By Nancy Rand, Posted in Security

December 19, SecurityWeek – (International) Spear phishing attacks target industrial firms. Kaspersky Lab researchers warned that a spear phishing campaign has targeted roughly 500 organizations in the smelting, power generation and transmission, construction, and engineering industries across 50 countries since August 2016 in order to spy on users and steal sensitive data. The phishing emails contain a subject line with text used in a company’s correspondence in order to trick the victim into o... read more.

• December 21, 2016

By Nancy Rand, Posted in Security

December 16, SecurityWeek – (International) Joomla patches dangerous security flaws. Joomla released version 3.6.5 to resolve three security issues, including a high severity flaw plaguing all Joomla iterations from 1.6.0 – 3.6.4 which could be exploited to allow an attacker to modify existing user accounts including altering usernames, user group assignments, and passwords. In addition to the patches, the update included additional security hardening mechanisms. Source December 15, Securi... read more.

• December 19, 2016

By Nancy Rand, Posted in Security

December 13, SecurityWeek – (International) Flaw in PwC security tool exposes SAP systems to attacks. Security researchers at ESNC discovered PricewaterhouseCoopers’ Automated Controls Evaluator (ACE) tool was plagued with a remote code execution flaw that could be exploited to remotely inject and execute malicious Advanced Business Application Programming (ABAP) code on a targeted Systems, Applications and Products (SAP) system. The flaw could allow a malicious actor to manipulate accounting do... read more.

• December 15, 2016