Monday 5/13
Update Your Drivers Right Now If You Have An NVIDIA GeForce, Quadro or Tesla Graphics Card
Nvidia has uncovered and patched three vulnerabilities in the Windows display drivers for the company’s GeForce, Quadro and Tesla graphics cards. If exploited, the vulnerabilities could lead to denial of service, escalation of privileges or information disclosure on the host machines.
http://bit.ly/2JhRtYk
HyTrust Launches Full-Scale Security Platform for VMware, AWS, Containers
HyTrust CloudControl 6.0 expands to include VMware vSphere and NSX, the AWS cloud and Kubernetes. The expanded platform addresses problems organizations currently face in trying to secure and ensure compliance of their hybrid, multi-cloud environments efficiently.
http://bit.ly/2Vzi35O
Cybersecurity: This is how Microsoft Defender ATP tackles password-stealing credential dumping attempts
As Microsoft explains, lsass.exe manages large amounts of user credential secrets, making its memory space a key target for "credential dumping" — or stealing credentials from the operating system, which an attacker can use to then move laterally around a targeted network.
https://zd.net/2WHzoWO
Tuesday 5/14
Update WhatsApp now to avoid spyware installation from a single missed call
A vulnerability discovered in Facebook’s WhatsApp messaging app is being exploited to inject commercial spyware onto Android and iOS phones by simply calling the target, reports The Financial Times. The spyware can be installed without trace and without the target answering the call, according to security researchers and confirmed by WhatsApp.
http://bit.ly/2vVDoY1
Two years after WannaCry, a million computers remain at risk
As many as 1.7 million internet-connected endpoints are still vulnerable to the exploits, according to the latest data. But that only accounts for devices directly connected to the internet and not the potentially millions more devices connected to those infected servers. The number of vulnerable devices is likely significantly higher.
https://tcrn.ch/2WJSJXo
Cybercriminals favor targeting top executives, small businesses, money: Verizon data breach report
According to this year’s report, 43% of all breaches occurred at small businesses, with the number one driver behind these breaches being financial gain. Ransomware accounted for 24% of the malware incidents analyzed and is the number two most-used malware type behind Command and Control (C2) malware.
http://bit.ly/2HhvFbK
Wednesday 5/15
April 2019’s Most Wanted Malware: Cyber Criminals Up to Old ‘Trickbots’ Again
Trickbot campaigns increased sharply with several American Tax Day-themed spam campaigns timed to coincide with the April 15th deadline for individual income tax returns in the U.S. The spam campaigns spread Excel file attachments that downloaded Trickbot to victims’ computers to spread across networks, collect banking details, and possibly steal tax documents for fraudulent use.
http://bit.ly/2w1iGWF
Intel CPUs impacted by new Zombieload side-channel attack
The leading attack in this new vulnerability class is a security flaw named Zombieload, which is another side-channel attack in the same category as Meltdown, Spectre, and Foreshadow. Just like the first three, Zombieload is exploited by taking advantage of the speculative execution process, which is an optimization technique that Intel added to its CPUs to improve data processing speeds and performance.
https://zd.net/2W8vsBa
Hackers access data from more than 460,000 accounts at Uniqlo’s online store
The breach gave hackers access to customers’ data including their names, addresses and contact details. The company acknowledged that partial credit card information “may have been browsed,” though “there is no possibility of leakage” in credit card security codes.
https://cnb.cx/2JHpZef
Thursday 5/16
Source Code Discovery Sheds Light on the Business of Malware
The recent uncovering of the Carbanak source code on VirusTotal by FireEye has been an eye-opener into the sophisticated factory-line product development techniques used to create and, more importantly, build a commercial-scale and particularly dangerous form of malware.
http://bit.ly/2Q3TbNH
Cisco releases a critical security patch for a virtualized automation tool
The vulnerability in this case lies in the REST API of ESC and could let an unauthenticated remote attacker bypass authentication on the REST API and execute arbitrary actions with administrative privileges on an affected system. The severity of this weakness was rated a 10 out of 10.
http://bit.ly/2W54sTf
Monday 5/20
Illicit streaming devices are more popular than ever, and hackers are taking note
Online hackers are using illicit streaming devices — known as “Kodi boxes” or “jailbroken Fire TV sticks” — to skirt home network security measures, infect consumers with malware, and steal vital personal information like passwords and financial records.
http://bit.ly/2VMQyWu
Security researchers discover Linux version of Winnti malware
The malware discovered was made up of two parts. A rootkit component to hide the malware on infected hosts, and the actual backdoor trojan. Further analysis revealed code similarities between the Linux version and the Winnti 2.0 Windows version.
https://zd.net/2WTl4dZ
How to Fight Back Against Macro Malware
By hiding malcode inside macros, cybercriminals can conceal their intentions until a potential victim unwittingly unleashes the payload.
https://ibm.co/2YzmlHe