malicious

Malware & Threats

Issued by: Security Week

Locky Variant Osiris Distributed via Excel Documents

The infamous Locky ransomware has once again switched to a new extension to append to encrypted files, but reverted to malicious Office documents for distribution, security researchers have discovered. The latest Locky variant is appending the .osiris extension to encrypted files, marking a switch from the Norse mythology to Egyptian mythology. The change comes only…

Malware & Threats

Issued by: Security Week

Office 365 Flaw Made Fake Microsoft Emails Look Legitimate

A flaw in Office 365 could have been exploited by attackers to send out malicious emails and make them look as if they were coming from a legitimate microsoft.com address. The issue was discovered by Utku Sen, a Turkey-based security enthusiast known for releasing an open source ransomware called Hidden Tear for educational purposes.

Malware & Threats

Issued by: Dark Reading

Google Adwords Malvertising Campaign Targets Apple Macs

Apple Mac owners using the Google search engine may have been infected via malicious ads at the tip-top of their search results last week after attackers launched a malvertising campaign against Google Adwords. In an act of gumption or plain cheek, the attackers’ malicious lure of choice was a phony ad for one of Google’s…

Application Security, Vulnerabilities

Issued by: Security Week

Cisco Patches 9 Flaws in Email Security Appliance

The most serious, rated “high severity,” are three DoS flaws in the AsyncOS software for Cisco ESA. The security holes, tracked as CVE-2016-6356, CVE-2016-1486 and CVE-2016-1481, allow a remote, unauthenticated attacker to cause a DoS condition on affected devices using specially crafted emails and malicious attachments. CVE-2016-1481 and CVE-2016-6356 affect AsyncOS versions 8.0 and prior,…

Vulnerabilities

Issued by: CIO Security

Ex-NSA contractor hoarded two decades’ worth of secrets

The former National Security Agency contractor suspected of stealing U.S. hacking tools allegedly was found hoarding two decades’ worth of classified materials. In a Thursday court filing, federal investigators provided new details on their case against 51-year-old Harold Martin, who was arrested in late August. Investigators have seized 50 terabytes of information from Martin, in…