Cloud Services: Holes in Corporate Network Security
The most popular uses of cloud services include: storing image scans of passports and other personal documents; synchronization of password, contact list, and email/message databases; creating sites; storing versions of source codes, etc. When cloud-based data storage service Dropbox announced a patched vulnerability in its link generator, it once again sparked online discussions about how […]

Mobile health device market to grow 8X to $42B
Driven by adoption of vital-signs monitoring and in-vitro diagnostic (IVD) devices, the mobile health (mHealth) market will grow eight-fold from $5.1 billion in 2013 to $41.8 billion in 2023, according to a new report. The report, from Lux Research, notes that after a slow start due to regulatory constraints and integration with physician workflows, clinical […]

Isolated Heap for Internet Explorer Helps Mitigate UAF Exploits
In the recent Microsoft security bulletin for Internet Explorer, we found an interesting improvement for mitigating UAF (Use After Free) vulnerability exploits. The improvement, which we will name as “isolated heap”, is designed to prepare an isolated heap for many objects which often suffer from UAF vulnerabilities. Let’s use Internet Explorer 11 as an example. Before it […]

New Banking Malware Uses Network Sniffing for Data Theft
With online banking becoming routine for most users, it comes as no surprise that we are seeing more banking malware enter the threat landscape. In fact, 2013 saw almost a million new banking malware variants—double the volume of the previous year. The rise of banking malware continued into this year, with new malware and even […]

PlugX RAT With “Time Bomb” Abuses Dropbox for Command-and-Control Settings
Monitoring network traffic is one of the means for IT administrators to determine if there is an ongoing targeted attack in the network. Remote access tools or RATs, commonly seen in targeted attack campaigns, are employed to establish command-and-control (C&C) communications. Although the network traffic of these RATs, such as Gh0st, PoisonIvy, Hupigon, and PlugX, among […]

Play Store Update Changes Permissions, And Not For The Better
One of the reasons that mobile OSes such as iOS and Android are more secure than their desktop counterparts is that they include very robust controls over app permissions. Each app requests from the user and operating system permissions that, in theory, are limited to what they need. As applied, they have not always worked. […]

The Smartification of the Home, Part 1
Over the past few years, there has been proliferation of intelligent connected devices introduced into homes across the globe. These devices can range from the familiar – such as tablets, smart phones, and smart TVs – to the less familiar, such as utility meters, locks, smoke and carbon monoxide detectors, motion detectors and scales. Other devices, like wearable […]

Windows Security Feature Abused, Blocks Security Software
We recently discussed the latest attacks affecting users in Japan that were the works of the BKDR_VAWTRAK malware. This malware family combines backdoor and infostealer behaviors and had just added the banking credentials theft to its repertoire. It was also mentioned that this malware tries to downgrade the privileges of security software, including Trend Micro […]

Ransomware Now Uses Windows PowerShell
We highlighted in our quarterly threat roundup how various ransomware variants and other similar threats like CryptoLocker now perform additional routines such as using different languages in their warning and stealing funds from cryptocurrency wallets. The addition of mobile ransomware highlights how these threats are continuously improved over time. We recently encountered another variant that used the […]

Black Magic: Windows PowerShell Used Again in New Attack
The Windows PowerShell® command line is a valuable Windows administration tool designed especially for system administration. It combines the speed of the command line with the flexibility of a scripting language, making it helpful for IT professionals to automate administration of the Windows OS and its applications. Unfortunately, threat actors have recently taken advantage of […]

Scammer of a Lonely Heart
It’s time for a risqué subject: looking for love on the internet. With a myriad services promising chemistry-driven matches, dating game contestants have flocked to web services and apps. Despite this proliferation of new avenues, those in a particular rush to find company (in the form of ‘No Strings Attached’ encounters) have turned to a […]

Ransomware Moves to Mobile
Ransomware continues to make waves, especially with the rise of file-encrypting ransomware like CryptoLocker. However, we are seeing yet another alarming development for this malware: it is now targeting mobile devices. Reveton Makes a Comeback In early May, it was reported that this mobile ransomware was the product of the Reveton gang. Reveton was one of […]

Phishers Cast Wider Net, Now Asking for Multiple Emails
From a security perspective, phishing attempts are pretty much old hat. In most cases, phishing attempts or attacks focus on getting one particular credential, such as those for credit cards or user accounts. We are now seeing cybercriminals attempt to get more credentials by using phishing pages that allow for multiple email logins. Multiple Logins […]

Android App Components Prone to Abuse
We’ve recently found a vulnerability in certain Android apps that may leave user data at risk of being captured or being used to launch attacks. The two affected apps we investigated are both highly popular: The productivity app has at least 10M installs and hundreds of thousands of customer reviews based on their download page The […]

Targeted Attack Against Taiwanese Agencies Used Recent Microsoft Word Zero-Day
Vulnerabilities, particularly zero-days, are often used by threat actors as the starting point for targeted attacks. This was certainly the case for a (then) zero-day vulnerability (CVE-2014-1761) affecting Microsoft Word. In its security advisory released last March, Microsoft itself acknowledged that the vulnerability was being used in “limited, targeted attacks.” Microsoft has since patched this […]

Microsoft still losing money with Surface tablets
Microsoft’s Surface 2 and Surface Pro 2 tablets may be selling better than their first generation counterparts, but revenues from the Windows RT and 8.1 devices are still not making up for the amount of money the company is spending on its PC hardware products. Tags: Microsoft Hardware

More information
- Senate bill proposes cyber security standard for cars
- Using Expert Rules in ENS 10.5.3 to Prevent Malicious Exploits
- What every CSO should be doing now about the Starbucks potential hack
- Security expert cancels talk on back of legal threat
- EFF Reviews Privacy Practices of Online Service Providers
- UK Warns Lawyers Not to Advise Ransomware Payments
- An Early History of the Crypto Wars
- Attackers Use Obscurity, Enterprises Should Too
- S3 Ep99: TikTok “attack” – was there a data breach, or not? [Audio + Text]
- Cloud Server Abuse Leads to Huge Spike in Botnet Scanning