Lucene search

15946 matches found

ThreatPost
added 2018/03/15 3:30 p.m., 8 views

Hyperbole Swirls Around AMD Processor Security Threat

Maybe it was the exaggerated threats against AMD’s business or the semi-unprofessional way the threats were brought to light but no matter — security start-up CTS-Labs’ claims of security holes in the chipmaker’s Ryzen and EPYC processor lines are now being lambasted across the security community...

AI score: 8
Exploits: 0, References: 14

ThreatPost
added 2018/03/15 12:37 p.m., 13 views

Iran-Linked Group ‘TEMP.Zagros’ Updates Tactics, Techniques In Latest Campaign

Researchers say a massive phishing campaign targeting Asia and Middle East regions is linked to an Iranian-based threat actor TEMP.Zagros, also known as MuddyWater. This latest attack illustrates an evolution by the threat actor, which has now adopted new tactics, techniques and procedures. “We...

AI score: 0.3
Exploits: 0, References: 4

ThreatPost
added 2018/03/14 6:37 p.m., 23 views

New Web-Based Malware Distribution Channel ‘BlackTDS’ Surfaces

A new traffic distribution system for malware is being offered as a service on the Dark Web and is promoting itself as an affordable way to deploy exploit kits and malware. The traffic distribution system TDS is being called BlackTDS by the Proofpoint researchers that found it. Traffic distributi...

AI score: 7.2
Exploits: 0, References: 2

ThreatPost
added 2018/03/14 3:11 p.m., 13 views

New POS Malware PinkKite Takes Flight

A new family of point-of-sale malware, dubbed PinkKite, has been identified by researchers who say the malware is tiny in size, but can deliver a hefty blow to POS endpoints. Researchers at Kroll Cyber Security first identified PinkKite in 2017 during a nine-month investigation into a large POS...

AI score: 7
Exploits: 0, References: 1

ThreatPost
added 2018/03/13 6:25 p.m., 71 views

Microsoft Patches 15 Critical Bugs in March Patch Tuesday Update

Microsoft patched 15 critical vulnerabilities this month as part of its March Patch Tuesday roundup of fixes. In all, the company issued 75 fixes, with 61 rated important. Products receiving the most urgent patches included Microsoft browsers and browser-related technologies such as the company’s...

CVSS: 7.6, AI score: 0.3, EPSS: 0.82459
Exploits: 17, References: 7

ThreatPost
added 2018/03/13 4:4 p.m., 7 views

AMD Investigating Reports of 13 Critical Vulnerabilities Found in Ryzen, EPYC Chips

Researchers on Tuesday said they found several critical security vulnerabilities in various AMD chips, allegedly opening them up to attackers who want to steal sensitive data and install malware on AMD servers, workstations and laptops. Israel-based CTS-Labs said that it has discovered 13 critica...

AI score: 0.8
Exploits: 0, References: 4

ThreatPost
added 2018/03/13 12:56 p.m., 44 views

Samba Patches Two Critical Vulnerabilities in Server Software

Two critical patches for the free networking software Samba were released Tuesday, addressing vulnerabilities that could allow an unprivileged remote attacker to launch a denial of service attack against servers running the software or allow an adversary to change user passwords, including the...

CVSS: 6.5, AI score: 1, EPSS: 0.10308
Exploits: 1, References: 7

ThreatPost
added 2018/03/13 12:16 p.m., 24 views

China-Linked APT15 Used Myriad of New Tools To Hack UK Government Contractor

CANCUN, Mexico – Researchers at NCC Group have discovered multiple backdoors on a UK government contractor’s computer systems designed to steal sensitive government and military data. The hack is tied to China-linked cyber espionage group APT15, which researchers said is utilizing many new tools ...

AI score: 8
Exploits: 0, References: 4

ThreatPost
added 2018/03/12 1:23 p.m., 10 views

FireEye’s Marina Krotofil On Triton and ICS Threats

At the Security Analyst Summit this year in Cancun, FireEye’s Marina Krotofil talks about the Triton malware, first disclosed in December 2017, that targets industrial control systems. Krotofil talks with Threatpost’s Lindsey O’Donnell about the implications of this malware for the...

AI score: 1
Exploits: 0, References: 1

ThreatPost
added 2018/03/12 12:49 p.m., 10 views

CCleaner Attackers Intended To Deploy Keylogger In Third Stage

CANCUN, Mexico – As investigations continue into a backdoor that was planted in the CCleaner utility in 2017, Avast said it has found that the threat actors behind the attack were planning to install a third round of ShadowPad malware on compromised computers. Avast, which acquired the maker of...

AI score: 0.5
Exploits: 0, References: 5

ThreatPost
added 2018/03/10 10:30 a.m., 16 views

Cyber Espionage Campaign ‘Slingshot’ Targets Victims Via Routers

CANCUN, Mexico – Researchers have uncovered a new cyber-espionage threat, dubbed Slingshot, that targets routers and uses them as a springboard to attack computers within a network. Kaspersky Lab, which released details of its discovery during its Security Analyst Summit on Friday, said that the...

AI score: 7.6
Exploits: 0, References: 2

ThreatPost
added 2018/03/09 12:11 p.m., 12 views

Sofacy APT Adopts New Tactics and Far East Targets

CANCUN, Mexico – A new analysis of the Russian-speaking Sofacy APT gang shows a continual march toward Far East targets and overlapping of activities with other groups such as Lamberts, Turla and Danti. Researchers at Kaspersky Lab this morning at its Security Analyst Summit, released their updat...

AI score: 0.9
Exploits: 0

ThreatPost
added 2018/03/09 11:31 a.m., 11 views

Security Camera Found Riddled With Bugs

CANCUN, Mexico – Tech firm Hanwha Techwin is racing to fix 13 critical security holes found in its popular line of SmartCam security cameras. The patch rollout is part of public disclosure of the vulnerabilities set for today by researchers who discovered the bugs. Flaws range from the use of an...

Exploits: 0, References: 2

ThreatPost
added 2018/03/09 9:1 a.m., 10 views

Vulnerability in Robots Can Lead To Costly Ransomware Attacks

CANCUN, Mexico – A vulnerability in Softbank Robotics’ NAO and Pepper robots can lead to costly ransomware attacks that could cause robots deployed in businesses to stop working, curse at customers, or even perform violent movements. The vulnerability was disclosed at Kaspersky Lab’s Security...

AI score: 0.7
Exploits: 0, References: 2

ThreatPost
added 2018/03/08 12:1 p.m., 17 views

Olympic Destroyer: A False Flag Confusion Bomb

CANCUN, Mexico – A postmortem of the Olympic Destroyer malware used in the PyeongChang Olympics attack reveals a deliberate attempt by adversaries to plant false flags when it comes to attribution, according to researchers. Days after the crippling attack on the backend networks tied to the...

AI score: 7.3
Exploits: 0, References: 1

ThreatPost
added 2018/03/08 11:59 a.m., 14 views

Lookout: Dark Caracal Points To APT Actors Moving To Mobile Targets

CANCUN, Mexico – On the heels of global cyber espionage campaign Dark Caracal, security firm Lookout is sounding the alarm on how it is indicative of advanced persistent threats moving from desktop platforms to mobile platforms. Dark Caracal, which was first discovered by researchers in January, ...

AI score: 7
Exploits: 0, References: 2

ThreatPost
added 2018/03/06 4:18 p.m., 9 views

POS Malware Found at 160 Applebee’s Restaurant Locations

Malware was discovered on point of sales systems at more than 160 Applebee’s restaurants, exposing credit card information from unknowing diners. RMH Franchise Holdings, which owns and operates more than 160 Applebee’s stores across the U.S., said that it recently discovered malware infecting its...

AI score: 7
Exploits: 0, References: 4

ThreatPost
added 2018/03/06 1:34 p.m., 9 views

Google Patches 11 Critical Bugs in March Android Security Bulletin

Google patched 11 critical vulnerabilities in its Android operating system this week, seven of which are remote code execution bugs. In total, 37 flaws were patched, with 26 rated as high severity. The most severe of the bugs is a critical security vulnerability found in the Media Framework...

AI score: 0.1
Exploits: 0, References: 3

ThreatPost
added 2018/03/06 12:43 p.m., 13 views

IoT Security Disconnect: As Attacks Spike, Device Patching Still Lags

As more businesses bring IoT devices onboard they are coming face to face with the security downsides of the IoT boom, researchers say. According to a report by Trustwave released last week, 61 percent of companies surveyed who have deployed some level of connected technology have also had to dea...

AI score: 0.4
Exploits: 0, References: 4

ThreatPost
added 2018/03/05 5:0 a.m., 16 views

Cryptomining Gold Rush: One Gang Rakes In $7M Over 6 Months

The bloom is on the criminal cryptomining of computer resources and the reason is obvious – it’s lucrative. One cryptomining gang tracked by researchers over the past six months minted $7 million with the help of 10,000 computers infected with mining malware. The rise of malicious cryptomining...

AI score: 0.5
Exploits: 0, References: 4

ThreatPost
added 2018/03/02 3:12 p.m., 77 views

Equifax Says 2.4 Million More People Impacted By Massive 2017 Breach

Equifax said that an additional 2.4 million Americans have had their personal data stolen as part of the company’s massive 2017 data breach, including their names and some of their driver’s license information. The additional identified victims bring the total of those implicated in what has beco...

CVSS: 10, AI score: 0.2, EPSS: 0.99999
Exploits: 44, References: 11

ThreatPost
added 2018/03/02 12:6 p.m., 9 views

In Wake of ‘Biggest-Ever’ DDoS Attack, Experts Say Brace For More

The largest distributed denial of service attack was recorded Wednesday and targeted GitHub. The DDoS attack measured 1.3 Tbps of sustained traffic for eight minutes. That shattered a previous publicly recorded DDoS attack associated with the Mirai botnet in Sept. 2016 that maxed out at half the...

AI score: 0.5
Exploits: 0, References: 5

ThreatPost
added 2018/03/01 5:56 p.m., 25 views

Bug in HP Remote Management Tool Leaves Servers Open to Attack

Hewlett Packard Enterprise has patched a vulnerability in its remote management hardware called Integrated Lights-Out 3 that is used in its popular line of HP ProLiant servers. The bug allows an attacker to launch an unauthenticated remote denial of service attack that could contribute to a...

CVSS: 7.8, AI score: 0.1, EPSS: 0.06211
Exploits: 0, References: 3

ThreatPost
added 2018/03/01 3:40 p.m., 14 views

Sophisticated RedDrop Malware Targets Android Phones

A sophisticated strain of mobile malware targeting Android devices can extract sensitive data and audio recordings, run up premium SMS charges and then try to extort money from victims. According to security firm Wandera the malware, dubbed RedDrop, is being distributed inside 53 Android...

AI score: 0.5
Exploits: 0, References: 3

ThreatPost
added 2018/03/01 12:40 p.m., 10 views

Ad Network Circumvents Ad-Blocking Tools To Run In-Browser Cryptojacker Scripts

Cryptojackers are getting resourceful and have figured out how to bypass ad-blocking software and deliver the Coinhive JavaScript miner via browser-based ads. Researchers at Qihoo’s Netlab 360 said it recently spotted an advertising network that was using what is called a domain generation...

AI score: 0.1
Exploits: 0, References: 3

ThreatPost
added 2018/02/28 3:55 p.m., 11 views

Misconfigured Memcached Servers Abused to Amplify DDoS Attacks

Cybercriminals behind distributed denial of service attacks have added a new and highly effective technique to their arsenal to amplify attacks by as much as 51,200x by using misconfigured memcached servers accessible via the public internet. The technique was reported by Akamai, Arbor Networks a...

AI score: 0.9
Exploits: 0, References: 8

ThreatPost
added 2018/02/28 9:59 a.m., 15 views

Intel Releases Updated Spectre Fixes For Broadwell and Haswell Chips

Intel has issued updated microcode to help safeguard its Broadwell and Haswell chips from the Spectre Variant 2 security exploits. According to Intel documents, an array of its older processors, including the Broadwell Xeon E3, Broadwell U/Y, Haswell H,S and Haswell Xeon E3 platforms, have now be...

AI score: 2.4
Exploits: 0, References: 4

ThreatPost
added 2018/02/27 5:55 p.m., 44 views

Massive Spam Campaign Targets Unpatched Systems

Cybercriminals are leveraging a recently patched critical Adobe Flash Player vulnerability in a massive spam campaign targeting unpatched computers. According to cybersecurity firm Morphisec, cybercriminals are blasting spam messages that urge recipients to click a link to download a Word documen...

CVSS: 7.5, AI score: 1, EPSS: 0.89618
Exploits: 19, References: 6

ThreatPost
added 2018/02/27 2:52 p.m., 10 views

WordPress Users Warned of Malware Masquerading as ionCube Files

Security researchers are warning WordPress and Joomla admins of a sneaky new malware strain masquerading as legitimate ionCube files. The malware, dubbed ionCube Malware, is used by cybercriminals to create backdoors on vulnerable websites allowing them to steal data or plant more malware. In the...

AI score: 7.5
Exploits: 0, References: 1

ThreatPost
added 2018/02/27 12:46 p.m., 31 views

Remote Code Execution Bug Patched in Adobe Acrobat Reader DC

Researchers at Cisco Talos are detailing a remote code execution vulnerability found in Adobe Acrobat Reader DC that can be triggered when a malicious file is opened or a victim accesses a rigged webpage. According to Talos, the vulnerability CVE-2018-4901 was disclosed on Dec. 7 and Adobe issued...

CVSS: 6.8, AI score: 1.4, EPSS: 0.16805
Exploits: 0, References: 4

ThreatPost
added 2018/02/27 9:35 a.m., 10 views

Apple Tackles Cellebrite Unlock Claims, Sort Of

In the wake of claims that Israeli company Cellebrite has developed an unlocking tool for any iPhone, Apple is urging customers to upgrade to the latest version of iOS 11. Apple’s response falls well short of a full-throated debunk of the iPhone hack, but suggests some merit to the claim – hence a...

AI score: 7
Exploits: 0, References: 6

ThreatPost
added 2018/02/26 2:7 p.m., 12 views

Revamp of ‘Pwned Passwords’ Boosts Privacy and Size of Database

Researcher Troy Hunt announced a major revamp of his Pwned Passwords tool that includes more passwords, added features and tightened privacy for organizations who want to check if their in-use passwords can easily be cracked. In V2 of Pwned Passwords, launched last week, Hunt updated his password...

AI score: 7.4
Exploits: 0, References: 7

ThreatPost
added 2018/02/23 5:13 p.m., 10 views

Drupal Patches Critical Bug That Leaves Platform Open to XSS Attack

Drupal developers patched two critical vulnerabilities this week in versions 7 and 8 of its content management system platform. Overall, Drupal patched seven vulnerabilities including four rated moderately critical and two flaws rated less critical. The first of the critical flaws is a comment...

AI score: 6.8
Exploits: 0, References: 4

ThreatPost
added 2018/02/23 12:14 p.m., 9 views

FBI Warns Of Spike In W-2 Phishing Campaigns

The Federal Bureau of Investigation is warning businesses about a spike in phishing campaigns requesting W-2 information from payroll personnel. In a recent security advisory the FBI warned it has seen an increase since January in reports of compromised or spoofed emails involving W-2 forms. Thes...

AI score: 7
Exploits: 0, References: 2

ThreatPost
added 2018/02/23 8:31 a.m., 10 views

Supporters of Net Neutrality Vow to Fight Rule Changes

The repeal of network neutrality rules inched closer to reality on Thursday when the Federal Communications Commission submitted into the Federal Registry its controversial replacement called the Restoring Internet Freedom order. Opponents say the new order will create powerful internet gatekeepe...

AI score: 7.4
Exploits: 0, References: 5

ThreatPost
added 2018/02/22 3:11 p.m., 10 views

Cryptojacking Attack Found on Los Angeles Times Website

Researchers said they found cryptojacking code hidden on the Los Angeles Times’ interactive Homicide Report webpage that was quietly harnessing visitors’ CPUs to mine Monero cryptocurrency. The cryptojacking incident was found by Troy Mursch, a security researcher at Bad Packets Report, on...

AI score: 7.2
Exploits: 0, References: 11

ThreatPost
added 2018/02/21 4:26 p.m., 15 views

uTorrent Users Warned of Remote Code Execution Vulnerability

Google Project Zero researchers are warning of two critical remote code execution vulnerabilities in popular versions of BitTorrent’s web-based uTorrent Web client and its uTorrent Classic desktop client. According to researchers, the flaws allow a hacker to either plant malware on a user’s...

AI score: 0.7
Exploits: 0, References: 2

ThreatPost
added 2018/02/21 4:21 p.m., 18 views

Intel Issues Updated Spectre Firmware Fixes For Newer Processors

Intel has issued updated microcode to help protect its newer processors from Spectre security exploits. The Santa Clara, Calif.-based company’s new microcode updates – which impact its newer chip platforms, such as Kaby Lake, Coffee Lake, and Skylake – have been released to OEM customers and...

AI score: 1.1
Exploits: 0, References: 4

ThreatPost
added 2018/02/21 1:59 p.m., 12 views

New BEC Spam Campaign Targets Fortune 500 Businesses

Researchers have identified a wave of new business email compromise campaigns targeting Fortune 500 companies that are designed to trick victims into fraudulent wire transfers. Researchers said the campaigns originate from Nigeria and are targeting companies in the retail, healthcare and financia...

AI score: 0.5
Exploits: 0, References: 3

ThreatPost
added 2018/02/20 5:13 p.m., 12 views

Flight Sim Labs’ ‘Heavy Handed’ Anti-Piracy Tactics Raise Hackles

Software developer Flight Sim Labs is in hot water after acknowledging that it installed a password harvester for the Google Chrome browser in its flight simulator product. The company explained it was only targeting pirate users of its software, but critics are calling the tactics “dirty”. The...

Exploits: 0, References: 8

ThreatPost
added 2018/02/20 8:46 a.m., 12 views

Year-Old Coldroot RAT Targets MacOS, Still Evades Detection

Researchers are warning users about the Coldroot remote access Trojan that is going undetected by AV engines and targets MacOS computers. The RAT is cross-platform and capable of planting a keylogger on MacOS systems prior to the OS High Sierra and is designed to steal banking credentials. Coldro...

AI score: 0.9
Exploits: 0, References: 4

ThreatPost
added 2018/02/16 2:44 p.m., 28 views

Apple Promises Fix for Latest ‘Text Bomb’ Bug As Abuse Spreads

UPDATE Apple said it is working on a fix for the latest text bomb bug that crashes a number of iOS and Mac apps that display specific Telugu language characters. On Monday, it made good on the promise and announced the availability of a patch CVE-2018-4124 for iOS 11.2.6, watchOS 4.2.3, tvOS...

CVSS: 9, AI score: 8.8, EPSS: 0.06694
Exploits: 0, References: 7

ThreatPost
added 2018/02/15 5:9 p.m., 7 views

Intel Expands Bug Bounty Program Post-Spectre and Meltdown

In the wake of the Spectre and Meltdown bugs, Intel has rolled out a significant expansion of its bug bounty program. Intel first launched the program in March 2017. The big changes include a shift from an invitation-only format to one that is open to all security researchers. One key addition is...

AI score: 1.1
Exploits: 0, References: 7

ThreatPost
added 2018/02/15 12:39 p.m., 12 views

Reported Critical Vulnerabilities In Microsoft Software On the Rise

The number of reported vulnerabilities in Microsoft software has mounted from 325 in 2013 to 685 last year, a rise of 111 percent, according to new research. Moreover, there has also been a 54 percent increase in critical Microsoft vulnerabilities since 2016, researchers at Avecto said in their...

AI score: 1
Exploits: 0, References: 3

ThreatPost
added 2018/02/15 12:31 p.m., 98 views

Word-based Malware Attack Doesn’t Use Macros

Typically, inbox-based attacks that include malicious Microsoft Office attachments require adversaries to trick users into enabling macros. But researchers say they have identified a new malicious email campaign that uses booby-trapped Office attachments that are macro-free. The attacks do not...

CVSS: 9.3, EPSS: 0.99945
Exploits: 33, References: 4

ThreatPost
added 2018/02/14 5:22 p.m., 22 views

Dell EMC Patches Critical Flaws in VMAX Enterprise Storage Systems

Dell EMC fixed two critical flaws in its management interfaces for its VMAX enterprise storage systems. One of the vulnerabilities could allow a remote attacker to use a hard-coded password to a default account to gain unauthorized access to systems. The company issued updates that address the tw...

CVSS: 10, AI score: 9.3, EPSS: 0.22103
Exploits: 0, References: 3

ThreatPost
added 2018/02/14 2:42 p.m., 9 views

Researchers Find New Twists In ‘Olympic Destroyer’ Malware

Researchers have uncovered new wrinkles in the “Olympic Destroyer” malware attack that targeted the Winter Olympics in Pyeongchang, South Korea. Cisco Talos researchers now believe the malware also wipes files on shared network drives. Originally researchers believed the malware only targeted...

Exploits: 0, References: 10

ThreatPost
added 2018/02/13 5:1 p.m., 157 views

Two Nasty Outlook Bugs Fixed in Microsoft’s Feb. Patch Tuesday Update

Microsoft issued 50 security fixes as part of its February Patch Tuesday release, covering vulnerabilities in Windows, Office, Internet Explorer, Edge and its JavaScript engine ChakraCore. Fourteen of the vulnerabilities are labeled as critical, 34 as important and two as moderate. Two notable...

CVSS: 9.3, AI score: 0.8, EPSS: 0.20821
Exploits: 9, References: 7

ThreatPost
added 2018/02/13 2:36 p.m., 10 views

Unicode Technique Used to Deliver Cryptomining Malware Through Telegram

Attackers are using the time-tested right-to-left override technique to deliver cryptomining malware through the popular Telegram messaging application, say researchers. The right-to-left RLO technique uses Unicode to hide malicious file names and trick users into executing what appear to be beni...

Exploits: 0, References: 4

ThreatPost
added 2018/02/12 5:53 p.m., 13 views

‘Olympic Destroyer’ Malware Behind Winter Olympics Cyberattack, Researchers Say

Winter Olympics officials have confirmed that a cyberattack occurred during the games’ opening ceremony on Feb. 9, but are remaining mum on the source of the attack. Researchers say the attack employed malware, dubbed Olympic Destroyer, that was written with the sole intention of destroying...

AI score: 6.7
Exploits: 0, References: 3

Total number of security vulnerabilities: 15946