News – August 2019


  • Three major vulnerabilities found in Cisco SMB switches

    August 7, 2019

    Three of Cisco’s most popular switches for SMBs contain serious security flaws that could allow a hacker to remotely access the device and infiltrate an organisation’s network. The critical vulnerabilities, which affect Cisco’s Small Business 220 Series of smart switches, include a remote code execution (RCE) bug rated 9.8/10 by Cisco in terms of threat severity, an authentication bypass rated 9.1/10 ...

  • KDE Linux Desktops Could Get Hacked Without Even Opening Malicious Files

    August 7, 2019

    If you are running a KDE desktop environment on your Linux operating system, you need to be extra careful and avoid downloading any “.desktop” or “.directory” file for a while. A cybersecurity researcher has disclosed an unpatched zero-day vulnerability in the KDE software framework that could allow maliciously crafted .desktop and .directory files to silently run ...

  • New ‘warshipping’ technique gives hackers access to enterprise offices

    August 7, 2019

    Researchers have described a new technique which could be used by cyberattackers to infiltrate corporate setups — with a little help from your friendly neighborhood delivery workers. On Wednesday, Charles Henderson, Global Managing Partner of IBM X- Force Red documented the theoretical method known as warshipping. The technique builds upon wardialing — in which numbers are called en masse ...

  • Microsoft Says Russia’s Strontium Behind IoT Hacks

    August 7, 2019

    Russian hackers have been identified by security experts at Microsoft as being behind a series of attacks on IoT devices. Microsoft’s Threat Intelligence Center said in a blog posting that the Russian state-linked hackers were Strontium. The Strontium hackers are also known as the Fancy Bear group, or alternatively ‘APT28′ and are closely linked to the Russian military intelligence ...

  • New Windows hack warning: Patch Intel systems now to block SWAPGSAttack exploits

    August 6, 2019

    A newly uncovered vulnerability affecting every Windows computer using an Intel processor built since 2012 could allow attackers to bypass safeguards and access information held in a system’s protected kernel memory. This new side-channel attack is built on previous research into other CPU vulnerabilities – such as Spectre and Meltdown – but this new vulnerability can bypass the ...

  • LokiBot Gains New Persistence Mechanism, Uses Steganography to Hide Its Tracks

    August 6, 2019

    First advertised as an information stealer and keylogger when it first appeared in underground forums, LokiBot has added various capabilities over the years. Recent activity has seen the malware family abusing Windows Installer for its installation and introducing a new delivery method that involves spam mails containing malicious ISO file attachments. Our analysis of a new LokiBot variant shows that ...

  • Millions of Android Smartphones Vulnerable to Trio of Qualcomm Bugs

    August 6, 2019

    Security researchers from Tencent’s Blade Team are warning Android smartphone and tablet users of flaws in Qualcomm chipsets, called QualPwn. The bugs collectively allow hackers to compromise Android devices remotely simply by sending malicious packets over-the-air – no user interaction required. Three bugs make up QualPwn (CVE-2019-10539, CVE-2019-10540 and CVE-2019-10538). The prerequisite for the attack is ...

  • Cyberattacks against industrial targets have doubled over the last 6 months

    August 5, 2019

    Cyberattacks designed to cause damage have doubled in the past six months and 50 percent of organizations affected are in the manufacturing sector, researchers say. On Monday, IBM’s X-Force IRIS incident response team published new research based on recent cyberattacks they have been called in to assist with, and the main trend the group is witnessing is the ...

  • A cyber-espionage group has been stealing files from the Venezuelan military

    August 5, 2019

    A cyber-espionage group known as “Machete” has been observed stealing sensitive files from the Venezuelan military, according to an ESET report published today. The group, known to have been active since 2010, has historically gone after a wide range of targets from all over the world. However, ESET said that starting with this year, Machete has ...

  • The Middle East Military Technology Conference (MEMTEC) Examines the Importance of Tech Solutions for Defence

    August 5, 2019

    PRESS RELEASE The Middle East Military Technology Conference (MEMTEC) will be held alongside the upcoming Bahrain International Defence Exhibition & Conference (BIDEC), it was announced last month, during the period from 28-30 October 2019. Held under the patronage of His Majesty King Hamad bin Isa Al Khalifa, the Conference will contextualise the exhibition within the regional ...

  • Microsoft Lab Offers $300K For Working Azure Exploits

    August 5, 2019

    In an attempt to sniff out bugs in its Azure cloud platform, Microsoft announced at Black Hat USA 2019 on Monday that it will offer rewards of up to $300,000 for researchers who launch successful test exploits for the platform. Microsoft has launched a dedicated Azure cloud host testing environment, dubbed Azure Security Lab. The exclusive program will ...

  • Latest Trickbot Campaign Delivered via Highly Obfuscated JS File

    August 5, 2019

    We have been tracking Trickbot banking trojan activity and recently discovered a variant of the malware (detected by Trend Micro as TrojanSpy.Win32.TRICKBOT.TIGOCDC) from distributed spam emails that contain a Microsoft Word document with enabled macro. Once the document is clicked, it drops a heavily obfuscated JS file (JavaScript) that downloads Trickbot as its payload. This malware ...

  • New Dragonblood vulnerabilities found in WiFi WPA3 standard

    August 3, 2019

    Earlier this year in April, two security researchers disclosed details about five vulnerabilities (collectively known as Dragonblood) in the WiFi Alliance’s recently launched WPA3 WiFi security and authentication standard. Yesterday, the same security researchers disclosed two new additional bugs impacting the same standard. The two researchers — Mathy Vanhoef and Eyal Ronen — found these two new bugs in ...

  • UK gov launches second audit of cyber security labour market

    August 2, 2019

    The UK government has launched a second audit of the country’s cyber security labour market in an effort to assess how companies across the country are handling the employment and training of IT professionals. Organisations across the public and private sector have been chosen at random to contribute to the study, with responses helping to shape ...

  • GermanWiper ransomware hits Germany hard, destroys files, asks for ransom

    August 2, 2019

    For the past week, a new ransomware strain has been wreaking havoc across Germany. Named GermanWiper, this ransomware doesn’t encrypt files but instead it rewrites their content with zeroes, permanently destroying users’ data. As a result, any users who get infected by this ransomware should be aware that paying the ransom demand will not help them ...

  • British Army to train cyber spies to combat hackers and digital propaganda

    August 1, 2019

    The British Army will adapt to better tackle the threat of cyber warfare, including hackers, digital propaganda and misinformation, the Ministry of Defence (MoD) has said. A unit called the Sixth Division will be reintroduced as part of plans to “rebalance the Field Army… defeat adversaries both above and below the threshold of conventional conflict”, ...