Monday 11/12
Security Breach at Nordstrom exposed sensitive employee data
Seattle-based retailer Nordstrom is notifying employees of an information-security breach that exposed their names, Social Security numbers, dates of birth, checking account and routing numbers, salaries and more.
http://bit.ly/2qEYMOs
U.S. Cyber Command Shares Malware Samples To Help Thwart Bad Actors
In a brief media release, USCYBERCOM stated that it plans to “share unclassified malware samples it has discovered that it believes will have the greatest impact on improving global cybersecurity.”
http://bit.ly/2DijqeY
This banking malware just added password and browser history stealing to its playbook
The execution goes through a number of processes, culminating in PowerShell being executed to download a final payload from a fake Microsoft Office Excel address. This payload - pointer.exe - is TrickBot itself, which is listed as "pointes.exe" once installed.
https://zd.net/2DiuLf1
Tuesday 11/13
Hackers hide cryptocurrency mining malware in Windows installation files
“The malware arrives on the victim’s machine as a Windows Installer MSI file, which is notable because Windows Installer is a legitimate application used to install software,” the report reads. “Using a real Windows component makes it look less suspicious and potentially allows it to bypass certain security filters.”
http://bit.ly/2DyfrvJ
Cisco updates SD-WAN portfolio with new security features
Among the key updates, Cisco said it's integrating application-aware enterprise firewall, intrusion prevention, and URL filtering into Cisco SD-WAN devices, whether Meraki or Viptela. Cisco is also integrating SD-WAN with Cisco Umbrella in an effort to make it easier for customers to block malicious destinations before a connection is established.
https://zd.net/2PVsxc2
Why WannaCry ransomware is still a threat
Over 18 months after it first caused chaos by encrypting hundreds of thousands of PCs around the world, WannaCry ransomware is very much still alive, with the percentage of infection attempts actually higher than it was this time last year.
https://zd.net/2z6aPJm
Wednesday 11/14
FASTCash: How the Lazarus Group is Emptying Millions from ATMs
The operation, known as “FASTCash”, has enabled Lazarus to fraudulently empty ATMs of cash. To make the fraudulent withdrawals, Lazarus first breaches targeted banks’ networks and compromises the switch application servers handling ATM transactions.
https://symc.ly/2qM7RoT
Microsoft Resumes Windows 10 October 2018 Rollout
On Tuesday, Microsoft executive John Cable announced that the October 2018 Update rollout is now starting back up—which includes the re-release of the commercial version of the update. Cable said the company investigated "isolated reports of users missing files after updating" and has resolved the related issues with the update.
http://bit.ly/2qKG2NF
This remote access Trojan just popped up on malware’s most wanted list
But for the first time ever, October saw the FlawedAmmyy RAT scrape into the top ten most detected malware threats in tenth place -- making it the first remote access trojan to make the list.
https://zd.net/2PsFbA0
Thursday 11/15
Symantec Honored for its Collaboration with Leading Industry Group to Protect Against Business Email Compromise Scams
Symantec Corp. has been recognized for its work with the Business Email Compromise (BEC) List as a recipient of the annual 2018 JD Falk Award from the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG). The JD Falk Award honors an outstanding innovative project that protects internet security and embodies the spirit of volunteerism and community building.
http://bit.ly/2TaULOK
Ivanti simplifies Endpoint software Distribution with Ivanti Package Studio
Ivanti Package Studio provides a 'Setup Store' which contains ready-to-use setups for most typical Windows desktop applications. These can be downloaded and configured automatically and deployed using Ivanti Unified Endpoint Manager.
https://prn.to/2PVZBkl
With 100+ New Features – R80.20 Cyber Security Management is Here
With new, innovative AI engines – dubbed Cadet, Campaign Hunting, and Huntress – R80.20 boasts triple the threat prevention accuracy, with a higher catch rate and lower false positives.
http://bit.ly/2OJl3El
Friday 11/16
Citrix pays $200M to acquire Sapho, which connects legacy software with ‘micro apps’
Citrix today is announcing that it has acquired Sapho, a startup that develops “micro apps” for legacy software so that workers could use them as they would more modern applications: in the cloud, on mobile and more.
https://tcrn.ch/2S0yp1b
Massive Data Leaks Keep Happening Because Big Companies Can Afford to Lose Your Data
The 2018 Cost of a Data Breach Study from the Ponemon Institute and IBM pegs average costs per data breach globally at $3.86 million, including IT expenses, insurance, notification, and lost customers and business. In the US, the average is $7.91 million.
http://bit.ly/2K9xKrA