This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On March 22, 2019

Monday 3/18

Spam Campaign Uses Recent Boeing 737 Max Crashes to Push Malware

The email goes on to discuss how the Berlinger persona found a document leaked on the dark web. This file purports to identify several companies that will suffer similar crashes involving Boeing 737 Max aircraft in the future. Under the guise of helping them protect their loved ones, Berlinger asks users to view the document by opening an attached JAR file named “MP4_142019.jar.”

http://bit.ly/2TexeuY

This New Facebook Phishing Campaign Could Trick Even Vigilant Users

The campaign targeting mobile users leads to a malicious page, prompting the user to authenticate using Facebook social login from a website that looks like Airbnb. The recent discovery comes after the researchers had already reported a phishing attack based on the concept of being able to reproduce a social login prompt in a very realistic format inside an HTML block.

http://bit.ly/2HrsEZ1

Round 4: Hacker returns and puts 26Mil user records for sale on the Dark Web

Today, the hacker published a new batch of files for sale from six new companies, namely game dev platform GameSalad, Brazilian book store Estante Virtual, online task manager and scheduling apps Coubic and LifeBear, Indonesian e-commerce giant Bukalapak, and Indonesian student career site YouthManual.

https://zd.net/2Y23Rjf

Tuesday 3/19

The Botnet Malware Behind Some of the Biggest DDoS Attacks Ever Just Got an Upgrade

IoT/Linux botnets continue to expand their attack surface, either by the incorporation of multiple exploits targeting a plethora of devices, or by adding to the list of default credentials they brute force, or both.

http://bit.ly/2ucLCtX

Pure Storage, Nvidia, Cisco launch AI hyperscale systems

Pure Storage said Monday that it has combined its AIRI artificial intelligence platform with Nvidia's DGX-1 and DGX-2 hyperscale systems and rolled out a new FlashStack for AI with Cisco and Nvidia. The effort highlights how storage players are lining up with Nvidia to create hyperscale systems designed for AI and machine learning.

https://zd.net/2Hyd3aa

Google, Microsoft work together for a year to figure out new type of Windows flaw

The basic rule is simple enough: when a request to open a file is being made from user mode, the system should check that the user running the application that's trying to open the file has permission to access the file. The system does this by examining the file's access control list (ACL) and comparing it to the user's user ID and group memberships. However, if the request is being made from kernel mode, the permissions checks should be skipped. That's because the kernel in general needs free and unfettered access to every file.

http://bit.ly/2TLWi1z

Wednesday 3/20

This updated trojan malware campaign targets fintech and cryptocurrency trading companies

Cardinal RAT remained under the radar for two years before being uncovered in 2017 – but having that cover blown hasn't stopped cyber criminals from deploying the malware in an effort to stealthily infiltrate the networks of high-value targets using Windows systems.

https://zd.net/2FoRkz7

AI in Cyber - Judging the Efficacy of Machine Learning in Cyber Applications

When people talk about AI in this context, what they generally mean is machine learning. Machine learning is a process where computers take large amounts of data, tie it to specific outcomes, and eventually “learn” to predict outcomes based on new data as it comes in. So for your AI to predict breaches, you need a lot of data leading up to breaches which you then correlate to the actual breaches. Theoretically, you learn to predict breaches from data.

http://bit.ly/2FeuwAS

Thursday 3/21

HP Unveils AI-Driven Software Sure Sense To Block Unknown Malware

The software builds on HP's efforts to secure its PC portfolio against a variety of cybersecurity threats, including BIOS attacks (with Sure Start), browser malware (with Sure Click) and visual hacking (with Sure View). This week at Reinvent 2019, the Palo Alto, Calif.-based company also unveiled a new security service for protecting against malicious files and links on Windows 10 PCs, including for PCs from vendors other than HP.

http://bit.ly/2Tjo7JK

Point of sale malware campaign targets hospitality and entertainment businesses

What sets DMSniff apart from other forms of POS malware is how it uses a domain generation algorithm (DGA) to create command-and-control domains on the fly, helping it to resist takedowns and bypass simple blocking mechanisms. This is beneficial for the attackers because if domains are taken down by law enforcement or hosting providers, the malware can still communicate with the compromised POS device — and continue to transfer stolen data.

https://zd.net/2YaEuvN

Microsoft is bringing its Defender antivirus software to the Mac

Microsoft is bringing its Windows Defender antivirus software to macOS today. The software giant is renaming Windows Defender Advanced Threat Protection (ATP) to Microsoft Defender Advanced Threat Protection (ATP) as a result. Microsoft has created a dedicated Defender ATP client for Mac, and it offers full virus and threat protection mixed with the usual ability to perform quick or full scans.

http://bit.ly/2FunmtP

Friday 3/22

Cisco directs high priority patches for IP phone security exposures

A successful exploit could allow the attacker to trigger a reload of an affected device, resulting in a DoS condition, or to execute arbitrary code with the privileges of the app user. Cisco wrote that the vulnerability exists because the software improperly validates user-supplied input during user authentication. An attacker could exploit this vulnerability by connecting to an affected device using HTTP and supplying malicious user credentials.

http://bit.ly/2TPYDZG

Steam vulnerability exposed users to account hijacking and malware

“An attacker can execute arbitrary code on the computer of any Steam user who views the server info of our malicious server,” researchers wrote. “From there on, an attacker could do whatever he [or] she wants.” Among other things, the flaw allowed taking over accounts, stealing in-game items, exfiltrating documents, and even installing additional malware.

http://bit.ly/2TRHm28

Nvidia looking to surf data science wave into the data center

Nvidia believes that data science and the use of neural networks need to make use of the massively parallel hardware it offers, and that the days of being able to get away with CPU-run neural networks are fading fast.

https://zd.net/2HAQ6mQ