New Cisco Talos web reputation verdicts
Cisco Talos has updated and expanded the Talos Threat Levels used to describe our web reputation verdicts. As you will see in the chart below, we are increasing the amount of reputation verdicts from three to five. We are retaining the Unknown category, just as before. Cisco Security products wil...
Cybercriminals Adding Sophistication to BEC Threats
Cybercriminals are boosting their game and employing new tactics to move up the chain of command with more sophisticated business email compromise (BEC) threats that pose a greater threat to organizations, according to a new report. Advanced BEC attacks–including impersonation attacks and CEO...
X (Formerly Twitter): Periscope-all Firebase database takeover
Hello, I found one public Firebase database of periscope.tv and I am able to insert data into this database, and I only used it once for testing purposes, so other database queries are also possible. Please follow the below link to check the inserted test data. Periscope-all Firebase URL :-...
Paragon Initiative Enterprises: Github wikis are editable by anyone https://github.com/paragonie/password_lock/wiki
submitted a misconfiguration in some of our GitHub repositories to us. Wikis are inherently editable for all users, but for some repositories an organization may want to restrict this access. In some cases it was possible for GitHub users . Github wikis on the following project...
Privacy Experts: Facebook's $5B Fine Unlikely to Do Much
The $5 billion fine that the Federal Trade Commission has slapped on Facebook for privacy violations may be the largest ever levied by the agency, but it’s being derided as “chump change” and ineffective by lawmakers and privacy analysts. The settlement, reported Friday evening, stems from...
PhoneInfoga - Advanced Information Gathering & OSINT Tool For Phone Numbers
PhoneInfoga is one of the most advanced tools to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with very good accuracy. Then search for footprints on search engines to...
CVE-2019-3586
Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI...
Say hello to Baldr, a new stealer on the market
By William Tsing, Vasilios Hioureas, and Jérôme Segura. Over the past few months, we have noticed increased activity and development of new stealers. Unlike many banking Trojans that wait for the victim to log into their bank's website, stealers typically operate in grab-and-go mode. This means th...
Tax time again: IT security for accounting firms
As the end of another busy tax season approaches, it is important for accounting firms to remember their obligations related to data security. Accounting firms maintain a significant amount of data on behalf of their own employees and clients. These firms house financial records, tax information,...
Cisco Talos adds new Content Category
Our goal at Cisco Talos is to provide detailed and actionable information in order to let customers decide how best to protect their networks and users based on their needs. To this end, Cisco Talos is adding a new content category to Talos Intelligence. Starting on April 3, supported Cisco...
A week in security (March 11 – 17)
Last week on Malwarebytes Labs, we looked at the Lazarus group in our series about APT groups, we discussed the introduction of Payment Service Directive 2 (PSD2) in the EU, we tackled Google’s Nest fiasco, and the launch of Mozilla's Firefox Send. In addition, we gave you an overview of the...
Reputation management in the age of cyberattacks against businesses
Avid readers of the Malwarebytes Labs blog would know that we strive to prepare businesses of all sizes for the inevitability of cyberattacks. From effectively training employees about basic cybersecurity hygiene to guiding organizations in formulating an incident response (IR) program, a...
Merging Facebook Messenger, WhatsApp, and Instagram: a technical, reputational hurdle
Secure messaging is supposed to be just that—secure. That means no backdoors, strong encryption, private messages staying private, and, for some users, the ability to securely communicate without giving up tons of personal data. So, when news broke that scandal-ridden, online privacy pariah...
Brave Software: DMARC RECORD MISSING
VULNERABILITY TYPE - DMARC RECORD MISSING. HOW TO REPRODUCE (POC - ATTACHED IMAGE): 1. GO TO https://mxtoolbox.com 2. ENTER THE WEBSITE (brave.org). CLICK GO. 3. YOU WILL SEE THE FAULT (No DMARC Record found) 4. In the new page that loads change MXLookup to DMARCLookup. I HAVE ALREADY INFORMED THEM. THEY TOLD TO...
RATELIMITED: Missing Protection Mechanism in Mail Servers allows malicious user to use staff.ratelimited.me email could lead to identity theft.
Hello ratelimited, I'm not really sure how your mail servers are being configured, but I guess there is a misconfiguration or missing protection mechanism that fails to verify that the emails that are going to be sent are made only by authorized ratelimited staff. From this point of view a malicious...
Cisco Talos' new reputation dispute system
We know users have been waiting for this feature for a while, and we are here to say: It’s ready. Cisco Talos’ new reputation system rolled out Jan. 14 on TalosIntelligence.com. We have been working on this change since the rollout was initially announced this past summer. Starting today, all use...
ThreatList: $1.7M is the Average Cost of a Cyber-Attack
The average cost estimate for cleaning up a cyberattack comes in at around $1.1 million, according to a recent survey. But this is actually a rosy view: For those organizations that actually calculate versus estimate the real cost of an attack, that number increases significantly to $1.67 million...
At CES, Focus is On ‘Cool Factor’ Not IoT Security
With the Consumer Electronics Show (CES) afoot this week, headlines are crammed with the offbeat connected products from the show – including everything from a smart belt all the way down to a connected toilet. But one important topic seems to be missing from the troves of CES news and even from th...
Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection
Security researchers have been warning about a simple technique that cybercriminals and email scammers are already using in the wild to bypass security features of Microsoft Office 365, including Safe Links, which were originally designed to protect users from malware and phishing attacks...
Webroot BrightCloud SDK HTTP headers-parsing code execution vulnerability
Summary: An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bchttpreadheader incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightClo...