Blog

By Nancy Rand, Posted in Security

March 16, SecurityWeek – (International) Radamant C&C server manipulated to spew decryption keys. Security researchers from InfoArmor reported that a flaw in Radamant ransomware’s command and control (C&C) server could potentially allow researchers to decrypt victims’ files without requiring user interaction by registering the infected machine within the malware control center via a Hypertext Transfer Protocol (HTTP) POST request. Researchers reported the request needs to contain public and private... read more.

  • March 17, 2016

By Nancy Rand, Posted in Security

March 11, SecurityWeek – (International) DROWN vulnerability still unpatched by most cloud services. A team of researchers released a report stating that the severe Decrypting RSA with Obsolete and Weakened eNcryption (DROWN) vulnerability, which affects many cloud services, was not patched after security researchers found that the attack affects Hypertext Transfer Protocol Secure (HTTPS) and other services that rely on Secure Sockets Layer (SSL) and Transport Layer Security (TLS). The vulnerability allows attackers... read more.

  • March 16, 2016

By Nancy Rand, Posted in Security

March 15, Softpedia – (International) Recent wave of malware uses macro-enabled Word documents and Windows PowerShell. Security researchers from Palo Alto Networks discovered that attackers were using a new tactic to distribute malware by combining spam campaigns, malicious Word documents, and Windows PowerShell code. Researchers reported that the macro code, embedded within each malicious Word document, starts a hidden instance of Windows PowerShell to download malicious scripts. Source March... read more.

  • March 16, 2016

By Nancy Rand, Posted in Security

March 9, Softpedia – (International) KeRanger ransomware is actually Linux.Encoder ported for Macs. Security researchers from Bitdefender reported that the KeRanger ransomware that targets Mac OS X systems is a rewrite of the Linux.Encoder ransomware after finding that the encryption functions of the two were identical and that both share the same names: encrypt_file, recursive_task, currentTimestamp, and creatDaemon. Source March 8, SecurityWeek – (International) Micros... read more.

  • March 14, 2016

By Nancy Rand, Posted in Security

March 11, SecurityWeek – (International) Three high severity DoS flaws patched in BIND. The Internet Systems Consortium (ISC) released updates for its DNS software product BIND, fixing three high severity denial-of-service (DoS) vulnerabilities that could allow remote attackers to crash the BIND name server (named) process by sending a specially crafted query. Source March 11, SecurityWeek – (International) “Libotr” library flaw exposes popular IM apps. A security researcher from X41 D-Sec firm... read more.

  • March 14, 2016

By Ken Phelan, Posted in Security

I was at the RSA show a couple of weeks ago and my plane reading included The Black Swan by Nassim Nicholas Taleb. Black Swans are big things that happen unexpectedly, and having happened, change our world significantly. 9/11 was a Black Swan. So was Lehman. In the context of the RSA show, it was hard not to draw some parallels to the new breed of advanced cyber-attacks. Human beings are pattern seeking animals. We’re naturally predisposed to take the noise that everyday life is made of and turn it into... read more.

  • March 11, 2016

By Nancy Rand, Posted in Security

March 8, Help Net Security – (International) Google plugs 19 holes in newest Android security update. Google released fixes for 19 security issues in its Android Open Source Project (AOSP) after the company’s security researchers found two remote code execution (RCE) vulnerabilities in Mediaserver that can be leveraged via a specially crafted file, as well as a critical vulnerability in the Qualcomm performance component that can be leveraged to allow elevation of privileges, enabling a local malici... read more.

  • March 09, 2016

By Nancy Rand, Posted in Security

March 7, CNBC – (National) Scam artists hit Seagate Technology. Cupertino-based Seagate Technology reported that its current and former employees’ personal information including tax information, Social Security numbers, and salaries were compromised after a phishing email disguised as a legitimate internal company request prompted an employee to disclose employee data to an unauthorized third party. The company notified the U.S. Internal Revenue Service and is offering an identity-theft protection service t... read more.

  • March 08, 2016

By Nancy Rand, Posted in Security

March 4, Softpedia – (International) XSS on Fortinet’s login page let attackers log passwords in cleartext. A security researcher at Synetis found that Fortinet’s Single-Sign-On (SSO) login system contained a reflected cross-site scripting (RXSS) vulnerability that could allow attackers to insert malicious parameters in cleartext inside the login page’s Uniform Resource Locator (URL). Fortinet released a patch for the vulnerability. Source March 4, SecurityWeek – (International) Adobe to patch flaws in R... read more.

  • March 07, 2016

By Nancy Rand, Posted in Security

March 3, SecurityWeek – (International) Apple reissues security update after blocking Ethernet on Mac OS X. Apple Inc. reissued a security update for its OS X El Capitan systems, which patched a blacklisting issue after an initial security update blocked Ethernet drivers and blocked Internet access to affected Mac systems when using an Ethernet connection. Apple reported that Wi-Fi connections were not affected. Source March 3, SecurityWeek – (International) Cisco patches critical, high severity flaws... read more.

  • March 04, 2016