Telcos around the world hit by long-term intelligence gathering cyberattack

A long-term, large-scale attack targeting telecom companies around the world has been discovered. The attack, dubbed Operation Soft Cell by security firm Cybereason, saw hundreds of gigabytes of information exfiltrated. The company claims the attackers had total control of compromised networks and could have easily brought down entire cellular networks if they so wished. […]

The $1.5 Million Email

Ransomware has been around since the late 1980s, but in recent years, it has emerged as one of the largest financial threats facing the public and private sector alike. According to the U.S. Department of Homeland Security, ransomware is the fastest-growing malware threat—and according to a report by Recorded Future in May, more than 170 […]

AWS Announces General Availability of Security Hub

Amazon Web Services (AWS) on Tuesday announced the general availability of Security Hub, a service that aggregates and prioritizes alerts from AWS and many third-party security tools.

Hackers Favoring Shimmers Over Skimmers for ATM Attacks

Cybercriminals are increasingly using shimmers instead of skimmers in attacks targeting automated teller machines, Flashpoint reports.

Serious Security: Rambleed attacks blunted – the OpenSSH way

Here’s a way to keep secrets safe in memory, even in a world of hardware-level leakage due to tricks like Rambleed, Spectre and more.

Tales From the SOC: Healthcare Edition

Over the past ten years, I have led and supported incident response engagements across nearly every industry vertical and trained security teams of all sizes to develop and improve their detection and response capabilities. One of the first areas addressed in these trainings is understanding whether an attack is targeted or opportunistic.

Endpoint’s Role in Enterprise Data Protection

Data is a big deal. As the foundation of a modern-day business, data drives organizations’ everyday operations. It provides insights, indicates trends, and informs business decisions. This means securing an organization’s data is of the utmost importance, especially when it comes to defending against attacks emerging out of today’s threat landscape. And though there are […]

Telcos Pwned: Multi-Wave Attacks Stealing ‘Obscene Amount of Data’ From Providers

China-Linked Hackers Have Breached Deep Inside Telco Providers and Have Complete Control of Data and Networks

Review: CrowdStrike Falcon breaks the EDR mold

The biggest differentiator with Falcon is that the brains of the platform exist completely in the cloud, which gives it unlimited scalability as well as a massive footprint of users and enterprises. (Insider Story)

ABB Patches Many Vulnerabilities in HMI Products

Swiss industrial tech company ABB has patched a dozen vulnerabilities, including serious issues, in some of its human-machine interface (HMI) products.

LokiBot and NanoCore Malware Distributed in ISO Image Files

LokiBot info-stealing malware is again being distributed in a malspam campaign using ISO image file attachments. A similar campaign was reported in August 2018, but it remains an unusual method of distribution. This new campaign is also separately distributing NanoCore.

Mission Possible: ICS Attacks On Buildings Are a Reality

In the 1996 thriller, Mission Impossible I, Ethan Hunt hacks the HVAC system of a building to breach its security controls and carry out his mission. Well, the future has arrived.

Using Whitelisting to Remediate an RCE Vulnerability (CVE-2019-2729) in Oracle WebLogic

By: Sivathmican Sivakumaran (Vulnerability Researcher)

Oracle WebLogic has recently disclosed and patched remote-code-execution (RCE) vulnerabilities in its software, many of which were due to insecure deserialization. Oracle addressed the most recent vulnerability, CVE-2019-2729, in an out-of-band security patch on June 18, 2019. CVE-2019-2729 was assigned a CVSS score of 9.8, making it a critical vulnerability. […]

WeTransfer sends user file links to wrong people

Popular file transfer service WeTransfer faces embarrassment this week after admitting that it had mailed file links to the wrong users.

Presidential text alerts are open to spoofing attacks, warn researchers

Researchers have shown that it’s technically possible for hackers to target the US Presidential text Alerts system to send fake messages.

Government agencies still send sensitive files via hackable .zips

Senator Ron Wyden has written to NIST asking for guidance and training for government staff in how to share files securely.

2017 Antivirus News