EUVD-2019-0869

Malware in sbrugna...

North Korean Hackers Target macOS Using Flutter-Embedded Malware

Threat actors with ties to the Democratic People's Republic of Korea DPRK aka North Korea have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which made the discovery...

New PIXHELL Attack Exploits LCD Screen Noise to Exfiltrate Data from Air-Gapped Computers

A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching the "audio gap" and exfiltrating sensitive information by taking advantage of the noise generated by pixels on an LCD screen. "Malware in the air-gap and audio-gap computers generates crafted pixe...

ALPHV is singling out healthcare sector, say FBI and CISA

In an updated StopRansomware security advisory, the Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Health and Human Services HHS has warned the healthcare industry about the danger of the ALPHV ransomware group, also known as...

What the continued escalation of tensions in the Middle East means for security

Cisco Talos works with many organizations around the world, monitoring and protecting against sophisticated threats every day. As such, we are watching the current state of events in the Middle East very closely for our customers and partners who may be impacted by the ongoing situation. We are...

Rubella Crimeware Kit: Cheap, Easy and Gaining Traction

A crimeware kit dubbed the Rubella Macro Builder is betting on a “dirty deeds done dirt cheap” approach to gain popularity in the criminal underground. The kit does two things: with a point-and-click builder functionality, it generates an initial malware payload for social-engineering spam...

Combating a spate of Java malware with machine learning in real-time

In recent weeks, we have seen a surge in emails carrying fresh malicious Java .jar malware that use new techniques to evade antivirus protection. But with our research team’s automated expert systems and machine learning models, Windows 10 PCs get real-time protection against these latest threats...

Holiday Season 2015 Email Campaign

The holiday season is a time when many people go on vacation or at least get much-needed downtime from work, but that is not always the case with attackers. To better understand the threats we face during “the most wonderful time of the year,” FireEye Labs has been collecting data on the most...

US Intelligence Chief Hacked by the Teen Who Hacked CIA Director

Nation's Top Spy Chief Got Hacked! The same teenage hacker who broke into the AOL email inbox of CIA Director John Brennan last October has now claimed to have broken into personal email and phone accounts of the US Director of National Intelligence James Clapper. Clapper was targeted by the...

'Kyle and Stan' Malvertising Network Targets Windows and Mac Users

A malvertising network that has been operating since at least May has been able to place malicious ads on a number of high-profile sites, including Amazon and YouTube and serves a unique piece of malware to each victim. The network, dubbed Kyle and Stan by the Cisco researchers who analyzed its...

Stealing PIN Codes With a Wink and a Nod

Security researchers have developed a number of different methods to steal or bypass the passcodes on most of the common mobile phone platforms, some of which rely on software bugs and others that are simple social engineering techniques. Now, a pair of researchers from the University of Cambridg...

Microsoft Internet Explorer 678 - winhlp32.exe MsgBox() Remote Code Execution

Microsoft Internet Explorer 678 - winhlp32.exe MsgBox Remote Code Execution Microsoft Internet Explorer is prone to a remote code execution vulnerability. Source iSEC Security Research: http://isec.pl/vulnerabilities10.html Attackers can exploit this issue to execute arbitrary code in the context...

IceWarp Merak Mail Server 9.4.1 - 'Forgot Password' Input Validation

source: https://www.securityfocus.com/bid/34827/info IceWarp Merak Mail Server is prone to an input-validation vulnerability because it uses client-supplied data when performing a 'Forgot Password' function. Attackers can exploit this issue via social-engineering techniques to obtain valid users'...