Billions of Bluetooth-enabled devices vulnerable to new airborne attacks

Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute malicious code on, or perform a MitM attack against vulnerable devices. The vulnerabilities, collectively dubbed BlueBorne by the researchers who discovered them, can be exploited without users having to click on a…

How ransomware is creating a data backup explosion

While the WannaCry ransomware and Petya – a wiper disguised as ransomware – are two of the most recent headline-grabbers in the security world, the truth is that we’ve been seeing this type of attack become more common over the past few years. Because data is the new oil in the digital economy, ransomware attacks…

Researchers Uncover Infrastructure Behind Chthonic, Nymaim Trojans

While analyzing malware that uses PowerShell for infection, Palo Alto Networks managed to uncover the infrastructure behind recent attacks that leveraged the Chthonic and Nymaim Trojans, along with other threats. The analysis kicked off from one malicious sample, but resulted in security researchers from Palo Alto Networks being able to identify 707 IPs and 2,611 domains supposedly…

Backdoors Found in Tools Used by Hundreds of Organizations

Many organizations around the world using connectivity tools from NetSarang are at risk after researchers at Kaspersky Lab discovered that malicious actors had planted a backdoor in several of the company’s products. NetSarang, which has offices in the United States and South Korea, specializes in secure connectivity solutions. Some of its most popular products are…

Catastrophic Cloud Attack Costs Would Rival that of Hurricane Damages

Lloyd’s of London estimates multi-billion-dollar loss figures in worst-case scenarios of a major zero-day exploit or massive cloud outage. WannaCry spread like wildfire in a matter of days reaching 150 countries and creating an anticipated $4 billion in losses, but if attackers were to launch a global, system-wide attack that hit a multitude of cloud-based companies,…

WannaCry? You’re Not Alone: The 5 Stages of Security Grief

When it comes to securing the enterprise, the attackers have the advantage. Defenders are required to protect against every conceivable threat while the attacker needs only a single attack vector to penetrate a network. The universe of potential intrusion vectors is vast: faulty authentication mechanisms, gaps in the perimeter network, legacy applications, and, of course,…

APT3 hackers linked to Chinese intelligence

The APT3 hacker group, which has been attacking government and defense industry targets since 2010, has been linked to the Chinese Ministry of State Security, according to a report by Recorded Future. Other attackers have been linked to the Chinese military, but this is the first time a group has been connected to Chinese intelligence,…

Apple issues security updates for macOS, iDevices

It’s time to patch your Mac, iDevices and software again: Apple has released security updates for macOS (all the way back to Yosemite), iOS, watchOS, tvOS, iTunes, iCloud for Windows, and Safari. The iTunes and iCloud for Windows updates fix one vulnerability in WebKit each. But both of these are critical, as they can be…