Android Trojan Leverages Telegram for Data Exfiltration
A newly discovered Android Trojan is abusing Telegram’s Bot API to communicate with the command and control (C&C) server and to exfiltrate data, Palo Alto Networks security researchers warn. Dubbed TeleRAT, the malware appears to be originating from and/or to be targeting individuals in Iran. The threat is similar to the previously observed IRRAT Trojan, […]

18.5 Million Websites Infected With Malware at Any Time
There are more than 1.86 billion websites on the internet. Around 1% of these — something like 18,500,000 — are infected with malware at a given time each week; while the average website is attacked 44 times every day. SiteLock has published its Q4 2017 Website Security Insider analysis of malware and websites based on […]

AV Test Android Results 2018
2017 marked not only an explosion in mobile malware but also showed dramatic changes in the mobile landscape, setting up this year to be one of the riskiest years yet. In 2018, there will be an estimated five billion mobile subscribers worldwide which could be enticing bait for malware authors, who have ramped up the […]

Apple Addresses HSTS User Tracking in WebKit
Apple has added new protections to the WebKit framework to prevent possible abuse of the HTTP Strict Transport Security (HSTS) security standard to track users. HSTS offers a mechanism through which web sites declare themselves accessible only via secure connections and direct browsers to where that secure version resides. Basically, when a user attempts to […]

Oil and Gas Sector in Middle East Hit by Serious Security Incidents
Many oil and gas companies in the Middle East reported suffering at least one serious security incident in the past year, according to a study conducted by Ponemon Institute on behalf of German industrial giant Siemens. Nearly 200 individuals responsible for overseeing cybersecurity risk in oil and gas companies in the Middle East have taken […]

Frost Bank Says Data Breach Exposed Check Images
Frost Bank, a subsidiary of Cullen/Frost Bankers, Inc., announced on Friday that it discovered the unauthorized access to images of checks stored electronically. According to the company, it discovered last week that a third-party lockbox software program had been compromised, resulting in unauthorized users being able to view and copy images of checks stored electronically […]

US Accuses Russian Government of Hacking Infrastructure
The Russian government is behind a sustained hacking effort to take over the control systems of critical US infrastructure like nuclear power plants and water distribution, according to US cyber security investigators. A technical report released by the Department of Homeland Security on Thursday singled out Moscow as directing the ongoing effort that could give […]

Cisco Meraki Offers Up to $10,000 in Bug Bounty Program
Cisco Meraki, a provider of cloud-managed IT solutions, announced last week the launch of a public bug bounty program with rewards of up to $10,000 per vulnerability. Cisco Meraki, which resulted from Cisco’s acquisition of Meraki in late 2012, started with a private bug bounty program on the Bugcrowd platform. The private program led to […]

CTS Labs Provides Clarifications on AMD Chip Flaws
As a result of massive backlash from the industry, Israel-based security firm CTS Labs has provided some clarifications about the recently disclosed AMD processor vulnerabilities and its disclosure method. CTS Labs this week published a report providing a brief description of 13 critical vulnerabilities and backdoors found in EPYC and Ryzen processors from AMD. The […]

The Tortoise and the Hare of GDPR, Part I: Don’t Panic
In preparation for May 25, data-driven companies (and really, that’s most of us) have started doing business differently, bracing for the enforcement date of the General Data Protection Regulation (GDPR). And all companies with customers and employees who are residents of the European Union should be handling personal data carefully after that: Violations can result […]

The Latest Strains of Attacks on the Pharmaceutical and Healthcare Sector
Cyber Attacks Continue to Plague the Pharmaceutical and Healthcare Industries That Remain Lucrative Targets
Schools were shut down due to high levels of absences and for sanitation purposes. Medical facilities were overflowing with patients. Visitor restrictions at hospitals and nursing facilities were in full force. Thankfully the flu season is starting to wind down, but this […]

Hackers Can Abuse Text Editors for Privilege Escalation
Several popular text editors can be leveraged for privilege escalation and their developers do not plan on taking any action to prevent abuse, according to SafeBreach, a company that specializes in simulating attacks and breaches. Some text editors allow users to run third-party code and extend the application’s functionality through extensions. While this provides some […]

Microsoft Publishes Bi-annual Security Intelligence Report (SIR)
Microsoft’s 23rd bi-annual Security Intelligence Report (SIR) focuses on three topics: the disruption of the Gamarue (aka Andromeda) botnet, evolving hacker methodologies, and ransomware. It draws on the data analysis of Microsoft’s global estate since February 2017, including 400 billion email messages scanned, 450 billion authentications, and 18+ billion Bing webpage scans every month; together […]

New “HenBox” Android Malware Discovered
A newly discovered Android malware family masquerades as various popular applications and can steal a broad range of information from infected devices, Palo Alto Networks warns. Dubbed HenBox, the malware was observed installing the legitimate versions of apps it poses as to hide its presence on compromised devices. The threat is distributed via third-party app […]

Palo Alto Networks to Acquire CIA-Backed Cloud Security Firm Evident.io for $300 Million
Network security firm Palo Alto Networks (NYSE: PANW) on Wednesday said that it has agreed to acquire cloud security and compliance firm Evident.io for $300 million in cash. Palo Alto Networks currently has several security offerings that cater to cloud environments, including its VM-Series virtualized next-generation firewalls, API-based security for public cloud services infrastructure, and […]

A Brief History of Cloud Computing and Security
According to recent research1, 50% of organizations use more than one public cloud infrastructure vendor, choosing between Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform and a series of others. 85% of those using more than one cloud infrastructure provider are managing up to four1, seeking the best fit for their applications and hedging […]

More information
- Italy Investigates Russia’s Kaspersky Antivirus Software
- Picture Perfect: CryLocker Ransomware Uploads User Information as PNG Files
- FTP Logs Used to Determine Attack Vector
- Researchers Point to an AMD Backdoor—And Face Their Own Backlash
- How to use Emergency SOS via satellite on iPhone 14
- Canadian-US National Sentenced to Prison for Cybercrime Schemes
- Vulnerability in Popular JsonWebToken Open Source Project Leads to Code Execution
- R980 Ransomware Found Abusing Disposable Email Address Service
- ‘Operation Oceansalt’ Reuses Code from Chinese Group APT1
- It’s time to upgrade to TLS 1.3 already, says CDN engineer