Method: Windows Malware – ThreatKit

March 25th – Researchers at Proofpoint have discovered a new type of exploit kit, called ThreatKit, that allows attackers to craft malicious Office documents that attempt to exploit CVE-2017-8570, CVE-2017-11882, and CVE-2018-0802. The Word document comes with an embedded executable that is decoded as a result of successful exploitation of the system. In some instances […]

Proficio Observes New Bluetooth Vulnerabilities

Proficio has observed several open sources of intelligence that have detailed the release of multiple critical vulnerabilities for Bluetooth and an attack vector utilizing those vulnerabilities known as “BlueBorne.” Here are the details we have gathered so far. BlueBorne Summary Multiple news outlets have reported the discovery of several important vulnerabilities in both the design […]

How to Combat the Rise of “Hacktivism”

In today’s politically charged climate in the United States and around the world, political activists increasingly are putting down their protest signs and going online to carry out cyber attacks in the name of their causes. The combination of hacking and activism is nothing new; the first such attacks date back to the 1980s and […]

Latest Ransomware Attack Cripples Networks Worldwide

For the second time in as many months, hackers have unleashed a massive ransomware attack targeting thousands of computer networks across the world. The latest attack, nicknamed the GoldenEye strain of Petya ransomware, began on Monday June 27 and continued to unfold into Tuesday June 28, officials said. Investigators suspect it originated in the Ukraine […]

Recommended Action for Linux Kernel Vulnerability

Recently, a critical zero-day vulnerability in a Linux kernel module was publicized. If successfully exploited on a Linux device, this vulnerability would potentially allow an attacker to execute arbitrary code with escalated privileges. Devices running Linux kernel 3.8 or higher are potentially vulnerable to this bug, meaning millions of Linux devices and around two […]

Targeted Wire Transfer Scams on the Rise

While not new, targeted wire transfer scams are alive and well and we recommend that you check your processes to guard against them. These scams start by targeting corporate executives and attempt to convince their targets to wire funds to accounts controlled by the fraudsters. In one variant of the attack, the scammer will register […]

Sandworm – Microsoft Windows Zero-day Vulnerability

What is a Zero-day Vulnerability? A zero-day vulnerability is like a hidden door in a computer program that hackers find before anyone else knows about it. It is often already in the program when it ships to customers, unknown to the publishers. Since nobody knows about it, there are zero days to fix it before […]

Shellshock Bash Vulnerability

Shellshock/Bash is a major new vulnerability that affects Unix, Linux and Mac users. This remote code execution vulnerability exists in almost every version of the GNU Bourne Again Shell (Bash). See CVE-2014-6271 in National Vulnerability Database: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271 Description of CVE-2014-6271: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment […]