Not Your Father’s Printer Security

As printers become more sophisticated with more resources, the discovery of new security vulnerabilities is likely to increase, which makes printer security a new focus. Hackers know that IT teams do not always prioritize securing networked printers and consider them an attractive attack vector. There are many well-documented security exploits against networked printers and […]
Lessons learned from the Target Data Breach

Now that the dust has cleared from the cyber attack and data breach on Target stores last year, it is time to reflect on what happened and ensure your organization is not susceptible to a similar breakdown in security. How did Target’s data get compromised? All the facts surrounding this attack have not been disclosed […]
Recent Court Case Further Defines Organizations’ Responsibility for Cyber Breaches

It may seem unjust to be held liable by the government when a breach was actually due to the actions of a criminal. However, this is not the view of the 3rd Circuit. The August 24th, 2015 opinion by the 3rd Circuit Court of Appeals in FTC v. Wyndham Worldwide Corp, et al (0:14-cv-03514) reinforces the […]
CIO Guide: Why Switch to a Hybrid SOC
In today’s heightened threat environment, IT leaders must find creative ways to leverage their resources and better defend against advanced cyber attacks. Balancing the cost of IT security operations vs. the risk of a security breach is one of the toughest challenges facing IT leadership. CIOs and CISOs are seldom thanked when nothing bad happens […]
VULNERABILITY – OFFICE 365 ZWSP DETECTION

Earlier this month, security researchers at Avanan discovered a new zero-width space (ZWSP) vulnerability that was confirmed to have affected Office 365 environments between November 10th, 2018 and January 9th, 2019. ZWSP strings are non-printing Unicode characters normally used to do benign things, such as enabling line wrapping in long words. However, with this […]
VULNERABILITY – IE ZERO DAY FLAW (CVE-2018-8653)

In the second half of December 2018, a new IE Zero Day named “CVE-2018-8653” was discovered. According to Microsoft, the vulnerability occurs when the “scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current […]
METHOD – New OpenSSH backdoors exploiting Linux servers discovered

ESET recently released a report listing 21 in-the-wild OpenSSH malware families reportedly targeting the portable OpenSSH used in Linux OS, 12 of which appear not to have been documented before. This report comes as a follow-up to the ESET 2014 research “Operation Windigo”, originally focusing on a Linux server-side credential-stealing malware campaign with […]
BREACH – United States Postal Service
A serious vulnerability on the United States Postal Service (USPS) website (www.usps.com) was discovered in early November by an anonymous security researcher. The vulnerability reportedly allowed access to account details for over 60 million users, which included personal information such as email address; username; user ID; account number; street address; and phone number among others. […]
TARGET – AUSTRALIAN PRIME MINISTER’S DOMAIN HIJACKED
An individual at DigitalEagle’s Digital Marketing Agency based out of Australia was able to purchase the rights to the domain “scottmorrison.com.au,” which hosted the official website of Scott Morrison, the current Prime Minister of Australia. The individual purchased the rights to the domain at an auction for expiring domains for fifty US dollars. After […]
ATTACKER – NEW NORTH KOREAN THREAT GROUP TARGETING FINANCIAL INSTITUTIONS

FireEye researchers have just released details on a new threat group dubbed APT38, held accountable for the attempted heist of approximately $1.1 billion from financial institutions in different geographies. Also believed to have close ties to the North Korean regime and its illicit financially-motivated activities, the threat actor appears to differ from the activity […]
VULNERABILITY – NEW APPLE iOS 12 SCREEN BYPASS DISCOVERED

It didn’t take long until a new lock screen flaw was found in Apple’s new iOS 12, released on 17 September 2018. Spanish researcher Jose Rodriguez published a YouTube video in Spanish detailing the steps of the quite complex passcode bypass. An English-language version of the same video was subsequently published on YouTube. […]
REMOTE ACCESS METHOD – REMCOS RAT

A new remote access tool, known as Remcos, has been seen rising in popularity over the last month and has been linked to several recent attacks. Remcos, which sells for €58-389 from the vendor Breaking Security, is a security tool advertised for “ethical hacking” and otherwise legal purposes. Remcos boasts the ability to monitor keystrokes, […]