News – February 2019


  • Terrorists and politicians exposed by Dow Jones data leak

    February 28, 2019

    A Dow Jones watchlist of more than 2.4 million entities that its clients should consider ‘high-risk’ has been inadvertently leaked to the public, thanks to an incorrectly configured and unsecured Elasticsearch database. The database, which was hosted on AWS, was discovered by Bob Diachenko, a security researcher who has previously identified similar data breaches involving Veeam and contact aggregator Adapt.io. ...

  • Bronze Union APT Updates Remote Access Trojans in Fresh Wave of Attacks

    February 27, 2019

    The notorious Chinese-linked threat group, dubbed Bronze Union, has been spotted in a widespread 2018 campaign updating its arsenal of cyberweapons by breathing new life into old tools. The threat group was spotted in 2018 using updated source code to target data owned by political, technology, manufacturing and humanitarian organizations, researchers with the Dell Secureworks Counter ...

  • Hackers target Elasticsearch clusters in fresh malware campaign

    February 27, 2019

    Security researchers have observed a spike in attacks from multiple threat actors targeting Elasticsearch clusters, in what is believed to be an attempt to spread malware on victims’ machines. Attackers appear to be targeting clusters using versions 1.4.2 and lower, and are leveraging old vulnerabilities to pass scripts to search queries and drop the attacker’s payloads, according to ...

  • Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers

    February 27, 2019

    Cisco is urging customers to update their wireless VPN and firewall routers, after patching a critical vulnerability that could allow unauthenticated, remote attackers to execute arbitrary code. The vulnerability, CVE-2019-1663, has a CVSS score of 9.8 and impacts the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router. ...

  • How to Attack and Defend a Prosthetic Arm

    February 26, 2019

    The IoT world has long since grown beyond the now-ubiquitous smartwatches, smartphones, smart coffee machines, cars capable of sending tweets and Facebook posts and other stuff like fridges that send spam. Today’s IoT world now boasts state-of-the-art solutions that quite literally help people. Take, for example, the biomechanical prosthetic arm made by Motorica Inc. This ...

  • Hackers abuse LinkedIn DMs to plant malware

    February 25, 2019

    Hackers are impersonating recruitment agencies on LinkedIn in a bid to target companies with backdoor malware. Researchers at Proofpoint found that the malware campaigns primarily targeted US companies in various industries including retail, entertainment, pharmacy, and others that commonly employ online payments, such as online shopping portals. In a blog post, the firm said hackers establish a relationship ...

  • ICANN: There is an ongoing and significant risk to DNS infrastructure

    February 23, 2019

    The Internet Corporation for Assigned Names and Numbers (ICANN), the organization in charge of the internet’s Domain Name System (DNS) infrastructure, has issued a foreboding warning on Friday about the dangers facing the DNS system. ICANN said it “believes that there is an ongoing and significant risk to key parts of the Domain Name System (DNS) infrastructure,” and ...

  • Russian national, author of NeverQuest banking trojan, pleads guilty

    February 23, 2019

    A Russian national pleaded guilty today in a New York court to creating, running, and infecting users with the NeverQuest banking trojan – also known as Snifula and Vawtrack. The man’s name is Stanislav Vitaliyevich Lisov, a Russian national who went online under the names of “Black” and “Blackf,” and who, according to a Department of Justice press ...

  • Looming retirement of legacy system custodians puts global IT systems at risk

    February 22, 2019

    Government IT systems and critical infrastructure systems around the world are at risk due to legacy technology and the pending retirement of those who have historically maintained these older systems. Of the U.S. General Services Administration’s mission-critical IT staff, 20-50 percent will be eligible to retire by 2024 and 66 percent of U.K. companies have too few cybersecurity ...

  • 19-Year Old WinRAR RCE Vulnerability Gets Micropatch Which Keeps ACE Support

    February 22, 2019

    A micropatch was released to fix a 19-year old arbitrary code execution vulnerability impacting 500 million users of the WinRAR compression tool and to keep ACE support after the app’s devs removed it when they patched the security issue. Nadav Grossman from Check Point Software Technologies was the one who originally found the ACE Path Traversal logical bug in the UNACEV2.DLL library written by ...

  • Malspam campaign fakes Google reCAPTCHA images to fool victims

    February 22, 2019

    A recently discovered malspam campaign targeting customers of a Polish bank was found using forgeries of Google reCAPTCHA images to fake legitimacy. The banking malware was delivered via phishing emails that purported to seek confirmation of a recent banking transaction that in reality never occurred, according to a Feb. 21 blog post published this week by Sucuri. Recipients who panicked at the ...

  • DDoS Attacks Ranked As Highest Threat by Enterprises

    February 22, 2019

    US and EMEA security professionals interviewed by the Neustar International Security Council (NISC) in January 2019 said that DDoS attacks are perceived as the highest threat to their organizations, with roughly half of their companies having been attacked in 2018. Another 75% of all professionals who took part in NISC’s study said that they are deeply concerned about “bot ...

  • Ransomware encrypts Australian cardiac clinic’s patient files

    February 21, 2019

    Employees of Melbourne Heart Group in Malvern, Australia, have been unable to access patients’ medical records following a January ransomware attack that encrypted the health care provider’s files. The cardiology clinic disclosed the incident today on its website’s home page. “We have been assured that no patient’s privacy has been compromised in any way,” the statement reads. ...

  • Spectre vulnerabilities cannot be mitigated by software alone

    February 19, 2019

    A team of Google researchers has demonstrated the Spectre vulnerabilities present in many of today’s processors cannot be completely mitigated by applying software fixes, as has been assumed. Variants of the Spectre flaw discovered last year, which involves information leaking via ‘speculative execution’ or functions performed early to speed up computation, are not just software glitches ...

  • APT Adversaries Up the Ante on Speed, Target Telecom

    February 19, 2019

    Despite law-enforcement wins in the form of several high-profile arrests and indictments during 2018, nation-state adversaries have upped their games when it comes to speed. That’s according to CrowdStrike’s 2019 Global Threat Report, which found that when analyzing how long it takes to go from initial compromise to the attacker’s first lateral movement within the network, Russian-speaking APTs (such ...

  • North Korea Turns Against New Targets?!

    February 19, 2019

    Over the past few weeks, we have been monitoring suspicious activity directed against Russian-based companies that exposed a predator-prey relationship that we had not seen before. For the first time we were observing what seemed to be a coordinated North Korean attack against Russian entities. While attributing attacks to a certain threat group or another is ...

  • Hackers Use Compromised Banks as Starting Points for Phishing Attacks

    February 19, 2019

    Cybercriminals attacking banks and financial organizations use their foothold in a compromised infrastructure to gain access to similar targets in other regions or countries. In a report released today and shared with BleepingComputer, Group-IB, an international security company specializing in preventing cyber attacks, describes a so-called cross-border domino effect that can lead to spreading an infection beyond the initial ...

  • Senior Defence figure raises concerns about future cyber attacks

    February 19, 2019

    One of Australia’s senior military figures says the threat of cyber attacks against the nation’s infrastructure and military networks is on the rise. Major General Marcus Thompson leads the Information Warfare Division, which was set up in mid-2017 with the aim of providing both defensive and offensive cyber capabilities. In his first major media interview, he told ...

  • Platinum Security Exhibition 2019: The response to important security needs of the private sector

    February 19, 2019

    Press Release – Paris. Placed under The High Patronage of H.S.H. Prince Albert II of Monaco, the first edition of the Platinum Security Exhibition, the international exhibition of security for the private sector, will be held from 10 to 12 April 2019 in Monaco. The trade fair will meet the growing needs of security for the ...

  • When Cyberattacks Pack a Physical Punch

    February 18, 2019

    Physical security goes hand in hand with cyberdefense. What happens when – as we see all too often – the physical side is overlooked? More than one in 10 data breaches now involve “physical actions,” according to a recent report. These include leveraging physical devices to aid an attack, but also hacks that involve breaking into hardware ...