Endpoint Security Archives - Page 2 of 10

Google Improves Chrome Protections Against Use-After-Free Bug Exploitation

Issued by: Security Week

A type of memory corruption bugs, use-after-free issues occur when a program does not clear the pointer after freeing memory allocation. These flaws could lead to arbitrary code execution, data corruption, or denial of service. Use-after-free vulnerabilities may also be combined with other security flaws, leading to complete system compromise. The exploitation of use-after-free issues…

Application Security, Network Security

Microsoft: Multiple Iranian Groups Conducted Cyberattack on Albanian Government

Issued by: Security Week

On July 15, 2022, threat actors working on behalf of the government of Iran launched a destructive attack targeting the Albanian government’s websites and public services, taking them offline. The attack had less than 10% total impact on the customer environment. The campaign consisted of four different stages, with different actors responsible for every one…

Application Security

1.4 Million Users Install Chrome Extensions That Inject Code Into eCommerce Sites

Issued by: Security Week

With a total install base of over 1.4 million, the extensions can modify cookies on ecommerce websites so that their creator receives affiliate payments for the purchased items, without the victim’s knowledge. The five malicious extensions help users watch Netflix shows together (Netflix Party and Netflix Party 2, with a combined install base of 1.1…

Network Security

The Future of Endpoint Management

Issued by: Security Week

Media coverage of data breaches (e.g., Cisco, Flagstar Bank, South Denver Cardiology Associates) often puts a spotlight on the tail end of the cyberattack life cycle, focusing on the exfiltration points rather than how the threat actor got there. Post-mortem analysis has repeatedly found that the most common source of a hack is compromised credentials…

Malware & Threats

Malicious Macro-Enabled Docs Delivered via Container Files to Bypass Microsoft Protections

Issued by: Security Week

Initially announced in February, the macro-blocking feature is meant to prevent phishing attacks by making it more difficult for users to enable macros in documents received from the internet. Small snippets of code embedded in Office documents, macros have long been abused by threat actors in phishing attacks and for malware delivery. In 2016, Microsoft…

Vulnerabilities

Microsoft Connects USB Worm Attacks to ‘EvilCorp’ Ransomware Gang

Issued by: Security Week

According to fresh data from Redmond’s threat intelligence team, a ransomware-as-a-service gang it tracks as DEV-0206 has been caught rigging online ads to trick targets into installing a loader for additional malware previously attributed to EvilCorp. Even more ominously, Microsoft said its research teams discovered EvilCorp malware distribution tactics and observed behavior all over the…

Mobile Security

Microsoft Finds Major Security Flaws in Pre-Installed Android Apps

Issued by: Security Week

According to an advisory released Friday by the Microsoft 365 Defender Research Team, a total of four documented vulnerabilities were found – and fixed – in a mobile framework owned by mce Systems, an Israeli company that provides software to mobile carriers. “Coupled with the extensive system privileges that pre-installed apps have, these vulnerabilities could…

Vulnerabilities

Researchers Devise New Type of Bluetooth LE Relay Attacks

Issued by: Security Week

Meant to provide significantly reduced power consumption and costs at communication ranges similar to those provided by Bluetooth, BLE is used for a broad range of applications in sectors such as automotive, healthcare, security, home entertainment, and more. BLE proximity authentication is typically to unlock or keep unlocked products such as cars, smart locks, access…

Malware & Threats

Ransomware, Malware-as-a-Service Dominate Threat Landscape

Issued by: Security Week

Red Canary’s 2022 Threat Detection Report (PDF) analyzed more than 30,000 confirmed threats across the firm’s customer base. The report notes that ransomware criminals have responded to improving target company backups by introducing sensitive data exfiltration and the threat of exposure (double extortion). “Backups will allow an organization to get back up and running more…

Application Security, Software Security

Insurance and Fintech Firm Acrisure Launches Cyber Services Division

Issued by: Security Week

The new division provides clients with an integrated offering that combines cyber insurance with vulnerability scanning, email and endpoint security, and backup and recovery services. Headed by Bill Meara, who joins the company from private equity giant Abry Partners, Acrisure Cyber Services expands on the company’s existing products, including insurance, reinsurance, asset management, and real…