News – May 2018

  • Phishing Spy Campaign Targets Top Mideast Officials

    May 15, 2018

    Researchers have discovered a phishing campaign that infected Android devices with custom surveillance-ware bent on extracting data from top officials, primarily in the Middle East. Researchers at Lookout Security told Threatpost that the tool, dubbed Stealth Mango, has been used to collect over 30 gigabytes of compromised data on attacker infrastructure, including call records, audio recordings, device ...

  • Kaspersky Lab To Open Swiss Data Centre, Amid Dutch Ban

    May 15, 2018

    Dutch government announces it will stop using Kaspersky Lab products, over national security concerns. Moscow-based Kaspersky Lab has confirmed plans to build a data centre in Switzerland in an effort to allay Western national security concerns about its anti-virus software. The idea had first been mooted in March this year, and the Swiss facility The facility is to ...

  • This new type of DDoS attack takes advantage of an old vulnerability

    May 15, 2018

    A newly-uncovered form of DDoS attack takes advantage of a well-known, yet still exploitable, security vulnerability in the Universal Plug and Play (UPnP) networking protocol to allow attackers to bypass common methods for detecting their actions. Attacks are launched from irregular source ports, making it difficult to determine their origin and blacklist the ports in order ...

  • Facebook data on 3 million users reportedly exposed through personality quiz

    May 15, 2018

    Facebook data on more than 3 million people who took a personality quiz was published onto a poorly protected website where it could have been accessed by unauthorized parties, according to New Scientist. In a report exposing the potential leak, New Scientist says that the data contained Facebook users’ answers to a personality trait test. While it didn’t include users’ ...

  • Ex-CIA man named as suspect in Vault 7 leak

    May 15, 2018

    A former CIA employee has been named as the prime suspect in last year’s dump of thousands of documents on the agency’s hacking practices. A report from The Washington Post cites court documents that name Joshua Adam Schulte as the person authorities think to be behind the massive Vault7 data dump. Read more… Source: The Register  

  • Shadowy Hackers Accidentally Reveal Two Zero-Days to Security Researchers

    May 15, 2018

    An unidentified hacker group appears to have accidentally exposed two fully-working zero-days when they uploaded a weaponized PDF file to a public malware scanning engine. The zero-days were spotted by security researchers from Slovak antivirus vendor ESET, who reported the issues to Adobe and Microsoft, which, in turn, had them patched within two months. Anton Cherepanov, ...

  • Pentagon Wants Cloud Secure Enough to Hold Nuke Secrets

    May 15, 2018

    The Pentagon’s JEDI cloud will be designed to store the military’s most sensitive classified information. The Defense Department’s Joint Enterprise Defense Infrastructure cloud will be designed to host the government’s most sensitive classified data, including critical nuclear weapon design information and other nuclear secrets. Read more… Source: DefenseOne  

  • Telco intercepts should be expanded to OTT providers: AGD

    May 14, 2018

    The Attorney-General’s Department (AGD) has argued in favour of extending Australia’s telecommunications interception laws from telcos to over-the-top providers. Speaking before the Joint Committee on Law Enforcement on Friday, AGD Assistant Secretary Andrew Warnes said this expansion would help combat the “challenge of encryption”.

  • Hackers Steal Millions From Mexican Banks Via Fake Transfers

    May 14, 2018

    The incident may have been orchestrated by organised criminals, says Mexico’s central bank. Cyber-thieves have made off with hundreds of millions of pesos from Mexican banks using the country’s domestic electronic transfer system. The attack is similar to earlier ones that have used the international SWIFT network, prompting the Belgium-based organisation to bring in new security measures. Read more… Source: ...

  • Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in Plaintext

    May 13, 2018

    An important warning for people using widely used email encryption tools—PGP and S/MIME—for sensitive communication. A team of European security researchers has released a warning about a set of critical vulnerabilities discovered in PGP and S/MIME encryption tools that could reveal your encrypted emails in plaintext. What’s worse? The vulnerabilities also impact encrypted emails you sent in ...

  • Hacking train Wi-Fi may expose passenger data and control systems

    May 11, 2018

    Vulnerabilities on the Wi-Fi networks of a number of rail operators could expose customers’ credit card information, according to research from Pen Test Partners. The research was conducted over several years, said Pen Test’s Ken Munro. “In most cases they are pretty secure, although whether the Wi-Fi works or not is another matter,” he added. Read more… Source: ...

  • Operating Systems Hit By Major Security Flaw

    May 10, 2018

    Windows, macOS, Linux, VMware, Xen, KVM and others are affected by issues caused by their misinterpretation of chip documentation. Most major operating systems are vulnerable to a “serious” security bug caused by developers’ misinterpretation of documentation on debugging features in Intel and AMD chips. The problem is unusual in its scale, affecting Windows, Apple’s macOS, most major ...

  • GandCrab Ransomware Found Hiding on Legitimate Websites

    May 10, 2018

    The GandCrab ransomware continues to virulently spread and adapt to shifting cyber-conditions, most recently crawling back into relevance on the back of several large-scale spam campaigns. What’s interesting is that the GandCrab payload was found hiding on legitimate but compromised websites. These, when analyzed, were found to be riddled with vulnerabilities stemming from outdated software, highlighting one ...

  • 5 Powerful Botnets Found Exploiting Unpatched GPON Router Flaws

    May 10, 2018

    Well, that did not take long. Within just 10 days of the disclosure of two critical vulnerabilities in GPON routers, at least 5 botnet families have been found exploiting the flaws to build an army of a million devices. Security researchers from China-based cybersecurity firm Qihoo 360 Netlab have spotted 5 botnet families, including Mettle, Muhstik, Mirai, Hajime, and Satori, ...

  • IBM bans all removable storage, for all staff, everywhere

    May 10, 2018

    IBM has banned its staff from using removable storage devices. In an advisory to employees, IBM global chief information security officer Shamla Naidoo said the company “is expanding the practice of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive).” The advisory stated some pockets of IBM have had this policy ...

  • FBI: Cyber-Fraud Losses Rise to Reach $1.4B

    May 8, 2018

    About 301,580 consumers reported cyber-fraud and malware attacks to the FBI’s Internet Crime Complaint Center (IC3) last year – with reported losses exceeding a whopping $1.4 billion. The year’s haul of reports brings the overall total of complaints since the IC3 began recording such things to 4 million. Read more… Source: ThreatPost  

  • Sierra Wireless Patches Critical Vulns in Range of Wireless Routers

    May 8, 2018

    Sierra Wireless has patched two critical vulnerabilities for its range of wireless gateways that would leave the enterprise devices helpless to an array of remote threats, including the charms of the Reaper IoT botnet. The more critical of the two (with a 9.4 CVSSv3 Temp Score) is a privilege-escalation bug (CVE-2018-10251), which could allow a remote attacker ...

  • UK Manufacturers Top Attack Target For Cyber Crooks

    May 8, 2018

    Manufacturing was the sector most attacked by cyber-criminals in the UK last year, a report from NTT Security has found, mirroring warnings from other agencies including the UK’s National Cyber Security Centre (NCSC). The firm’s Global Threat Intelligence Report 2018 found that finance was the most targeted sector worldwide, accounting for 26 percent of attacks, including ...

  • First-Ever Ransomware Found Using ‘Process Doppelgänging’ Attack to Evade Detection

    May 7, 2018

    Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated implementation of the Windows process loader, and works on all modern versions of Microsoft Windows OS, including Windows 10. Read more… Source: The ...

  • Report: Intel Facing New Spectre-Like Security Flaws

    May 4, 2018

    Intel may be facing as many as eight new Spectre-level vulnerabilities in its chips, a new report alleges. The report comes months after the Spectre and Meltdown flaws first rocked the silicon industry in early 2018. German magazine c’t reported on Thursday that the new security flaws in Intel CPUs have been reported to the manufacturer by many ...