Cryptojacking campaign exploiting Apache Struts 2 flaw kills off the competition

Proof-of-concept (PoC) exploits have been quickly adopted to compromise Linux systems.

FIN6 returns to attack retailer point of sale systems in US, Europe

The secretive cyberattackers are known for stealing credit card data to sell on the Dark Web.

Thousands of MikroTik routers are snooping on user traffic

The routers susceptible to hijacking at being exploited through a known vulnerability.

New Silence hacking group suspected of having ties to cyber-security industry

New Russian-speaking "Silence" group linked to the theft of at least $800,000 from Russian and Eastern European banks and financial institutions.

Google investigating issue with blurry fonts on new Chrome 69

Font rendering appears to have broken down when Google promoted Chrome 69 from the Beta to the Stable channel. Windows users affected.

Recent Windows ALPC zero-day has been exploited in the wild for almost a week

ESET says it detected PowerPool group using recently disclosed Windows ALPC zero-day to improve the efficiency of its malware.

Google fixes Chrome issue that allowed theft of WiFi logins

New Wi-Jacking attack can recover WPA2 pre-shared keys by abusing a Google Chrome design issue. Issue was correct in Chrome 69.

Vodafone: You used 1234 as your password and were hacked? You cover the cost

Updated: Hackers are behind bars for stealing $30,000 from accounts, but Vodafone wants their victims to pay the tab.

Cisco warns customers of critical security flaws, advisory includes Apache Struts

The massive security update includes a patch for the recently-disclosed Apache bug -- but not all products will be fixed yet.

Schneider Electric Modicon vulnerability impacts ICS operation in industrial settings

The security flaw, if left unpatched, has the potential to cause unnecessary reboots.

The ultimate guide to finding and killing spyware and stalkerware on your smartphone

Surveillance isn't just the purview of nation-states and government agencies -- sometimes, it is closer to home.

Tor Browser gets a redesign, switches to new Firefox Quantum engine

Tor Browser finally updated to use new-and-improved Firefox Quantum codebase. This includes new Photon UI.

Vulnerabilities found in the remote management interface of Supermicro servers

Eclypsium researchers disclose second vulnerability affecting Supermicro servers in the past three months

DOJ to charge North Korean officer for Sony hack and WannaCry ransomware

After charging Chinese, Iranian, and Russian cyberspies, US prepares indictment against North Korean officer.

Tesla modifies product policy to accommodate "good-faith" security research

Tesla promises to reset car firmware and software damaged during security research. Also promises not to go after "good-faith" researchers in court.

How US authorities tracked down the North Korean hacker behind WannaCry

US authorities put together four years worth of malware samples, domain names, email and social media accounts to track down one of the Lazarus Group hackers.

Alex Stamos: Pretty clear GRU's goal was to weaken a future Clinton presidency

Former Facebook CSO breaks down differences between fake news, GRU operations, and IRA troll farms

Hacker uses ProtonMail VPN. Hacker DDoSes ProtonMail. Hacker gets arrested.

Braggadocio teen part of up-and-coming Apophis Squad hacking squad fails to protect his identity. Gets promptly arrested by UK police. Pleads guilty.

Schneider Electric may have shipped USB drives infested with malware

The flash drives were "contaminated" during the manufacturing process.

Top Mac anti-adware software in App Store steals your browsing history

A Mac app ranked in the top App Store tiers secretly sends the browsing history of users to a server in China.

US government releases post-mortem report on Equifax hack

GAO report takes us inside Equifax from March 2017 onward, showing how a few slip-ups led to one of the biggest breaches in US history.

Tor Project releases first alpha of Android mobile browser

After yesterday the Tor Project released Tor Browser v8, today, the organization had another surprise in store for its loyal fanbase —an Android mobile browser.

That's What Hackers Do - Enterprise Security Weekly #105

This week, Paul and John talk BitSight, SentinelOne, Swimlane, Fortinet, and more! After the Enterprise News, we air some pre-recorded interviews from Black Hat and DEF CON with Mimecast CTO Marc French, Director of Solutions of Synopsys Ofer Maor, CEO of ThreatX Bret Settle, and Willy Leichter of Virsec!

 

Full Show Notes: https://wiki.securityweekly.com/ES_Episode105

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

 

Visit https://www.activecountermeasures/esw to sign up for a demo or buy our AI Hunter!

 

→Visit our website: https://www.securityweekly.com

→Follow us on Twitter: https://www.twitter.com/securityweekly

→Like us on Facebook: https://www.facebook.com/secweekly

Tens of iOS apps caught collecting and selling location data

Apps collect data such as GPS coordinates, WiFi network IDs and more, and pass all of it to advertising and monetization firms.

Bill that would have the White House create a database of APT groups passes House vote

US hopes that a name-and-shame strategy would deter foreign nation-state hacking groups to attack US infrastructure as often as now.

Angry Floppy Birds - Paul's Security Weekly #574

This week, Paul and the crew sit down with Wim Remes, Founder and Principal Consultant at Wire Security! In our Technical Segment, we welcome back Chris Brenton, Chief Operating Officer for Active Countermeasures, in which he explains why Beacon Analysis in an integral part of threat hunting! In the Security News this week, Vulnerabilities found in remote management interface of Supermicro servers, Google fixes Chrome issue that allowed theft of WiFi logins, U.S. to charge North Korean spy over WannaCry and Sony Pictures hack, how to manipulate Apple’s podcast charts, and a Spanish driver that tests positive for every drug on the test. All that and more, on this episode of Paul’s Security Weekly!

Full Show Notes: https://wiki.securityweekly.com/Episode574

 

** Link to slides for the Technical Segment can be found in the show notes!

Visit https://www.securityweekly.com/psw for all the latest episodes!

 

→Visit https://www.activecountermeasures/psw to sign up for a demo or buy our AI Hunter!!

→Follow us on Twitter: https://www.twitter.com/securityweekly

→Like us on Facebook: https://www.facebook.com/secweekly

Peeled onions and a Minus Touch: Verizon data breach digest lifts the lid on theft tactics

The 2018 report gives us a glimpse of tactics hackers are using today in the name of data exfiltration.

Worries arise about security of new WebAuthn protocol

Cryptography experts point out that new WebAuthn protocol recommends or requires the implementation of old and weak algorithms known to be vulnerable to attacks for years

Standard to protect against BGP hijack attacks gets first official draft

NIST and DHS project publishes first draft of new BGP Route Origin Validation (ROV) standard that will help ISPs and cloud providers protect against BGP hijack attacks.

Popular VPNs contained code execution security flaws, despite patches

Updated: Patches applied to a vulnerability in ProtonVPN and NordVPN builds led to the discovery of separate bugs which had to be resolved quickly in recent updates.

Mirai, Gafgyt IoT botnets stab systems with Apache Struts, SonicWall exploits

Updated: The IoT botnets are back with a new arsenal containing a vast array of vulnerabilities.

These are the warning signs of a fraudulent ICO

Initial Coin Offerings (ICOs) are part of the cryptocurrency Wild West, but how do you know what is fake and what is legitimate?

Researcher finds new malware persistence method leveraging Microsoft UWP apps

New malware persistence method works only on Windows 10 and abuses built-in UWP apps like the Cortana and People apps.

LuckyMouse uses malicious NDISProxy Windows driver to target gov't entities

The hacking group is covertly infecting Windows machines with Trojans by way of stolen certificates belonging to a Chinese security company.

Exploit vendor drops Tor Browser zero-day on Twitter

A company that sells exploits to government agencies drops Tor Browser zero-day on Twitter after recent Tor Browser update renders exploit less valuable.

Microsoft details for the first time how it classifies Windows security bugs

The Microsoft Security Response Center publishes two documents detailing internal procedures used by its staff to prioritize and classify security bugs.

Tech support scammers find a home on Microsoft TechNet pages

Security researcher finds over 3,000 TechNet pages flooded with tech support scams pushing shady phone numbers for cryptocurrency exchanges and social media platforms.

British Airways breach caused by the same group that hit Ticketmaster

Security researchers find clues connecting the Magecart group to the breach at British Airways.

The Internal Network - Business Security Weekly #98

This week, we share a Pre-Recorded interview with Gabriel Gumbs, VP of Product Strategy at STEALTHbits! We talk about moving from detection to prevention, and protecting your data! In Tracking Security Innovation, Imperva acquires app security firm Prevoty, Allstate accelerates expansion into Identity Protection, 100+ startups globally accepted into StackPaths Propel startup program, Kaseya acquires RapidFire Tools, Very Good security makes data unhackable with Andreessen, and some excellent funding rounds from various companies!

Full Show Notes: https://wiki.securityweekly.com/BSWEpisode98

 

Visit https://www.securityweekly.com/bsw for all the latest episodes!

 

Visit https://www.activecountermeasures/bsw to sign up for a demo or buy our AI Hunter!!

 

→Visit our website: https://www.securityweekly.com

→Follow us on Twitter: https://www.twitter.com/securityweekly

→Like us on Facebook: https://www.facebook.com/secweekly

How to steal a Tesla Model S in seconds

An attack technique has been revealed which allows threat actors to unlock a Tesla vehicle in no time at all.

Alexa's land-and-expand strategy is racking up the numbers

While Google is outselling Amazon in global units of smart speakers, other numbers show Amazon is doing just fine in expanding Alexa's reach and usage

'Father of Zeus' Kronos malware exploits Office bug to hijack your bank account

The $7000 malware shows there is serious money to be made in the banking Trojan market.

Online security 101: Tips for protecting your privacy from hackers and spies

This simple advice will help to protect you against hackers and government surveillance.

First IoT security bill reaches governor's desk in California

California IoT security bill criticized by security researcher. Expert says bill "is based upon an obviously superficial understanding of the problem."

HITB Armory – Call for Tools is OPEN! (Dubai, UAE)

We’re pleased to announce the first ever HackInTheBox Armory! The HITB Armory is where you can showcase your security tools to the world. You will get 30 minutes to present your tools onstage,...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Microsoft patches recent ALPC zero-day in September 2018 Patch Tuesday updates

Microsoft engineers patch 62 vulnerabilities, including 17 rated 'Critical'

Hack Naked News #188 - September 11, 2018

This week, stealing your Tesla, British Airways hack, Equifax long list of mistakes, Windows 7 support, oops I forgot to encrypt your chats, I can see your browser history, Tor browsers, VPNs and Coldfusion? Jason Wood from Paladin Security joins us for expert commentary, so stay tuned for this episode of Hack Naked News!

 

Full Show Notes: https://wiki.securityweekly.com/HNNEpisode188

 

Visit https://www.securityweekly.com/hnn for all the latest episodes!

Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!!

 

→Visit our website: https://www.securityweekly.com

→Follow us on Twitter: https://www.twitter.com/securityweekly

→Like us on Facebook: https://www.facebook.com/secweekly

Judge rules cryptocurrency ICO scam case falls under securities law

Judge rules that initial coin offerings are "securities" and SEC can go after ICO scammers for securities fraud under US securities laws.

Publication of PoC in popular WordPress plugin leads to scans for vulnerable sites

WordPress security firm Defiant reports "very noticeable uptick" in scans for vulnerable plugin installations.

Adobe patch update tackles six critical vulnerabilities in ColdFusion

The worst vulnerabilities lead to arbitrary code execution.

Around the World - Application Security Weekly #31

This week, Keith and Paul interview Zane Lackey, Chief Security Officer and Founder of Signal Sciences! In the news, U.S. government releases Post-mortem on Equifax, Microsoft Windows Zero-Day found in Task Scheduler, British Airways breached via XSS, Windows subsystem Linux for Linux Distros, Bug Bounties and mental health, and more on this episode of Application Security Weekly!

 

Full Show Notes: https://wiki.securityweekly.com/ASW_Episode31

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

 

Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!

 

→Visit our website: https://www.securityweekly.com

→Follow us on Twitter: https://www.twitter.com/securityweekly

→Like us on Facebook: https://www.facebook.com/secweekly

Data management firm Veeam mismanages own data, leaks millions of records

Updated: The server was reportedly available for anyone to access and lacked any form of protection against intrusion.

OpenSSL 1.1.1 out with TLS 1.3 support and "complete rewrite" of RNG component

TLS 1.3 brings speed improvements and better cryptography to OpenSSL, the most popular open source cryptography library on the market

Feedify becomes latest victim of the Magecart malware campaign

Magecart crew strikes again! This time they infect the infrastructure of a website push notification service.

A question of security: What is obfuscation and how does it work?

With off-the-shelf malware becoming increasingly popular, hackers need to use a variety of techniques to disguise their activities.

Uproar after Adobe winds down Magento rewards-based bug bounty program

Adobe announces plans to integrate Magento bug bounty program into existing vulnerabilities disclosure platform that offers no monetary rewards to bug hunters.

State Department shamed for poor adoption of multi-factor authentication

Senators demand answers after government report finds that only 11 percent of the Department of State's devices use multi-factor authentication.

Brave browser files GDPR breach complaints against Google in the EU

Google and fellow ad tech firms accused of violating GDPR during the "bid request" process used in behavioral ads.

Scareware scheme operator thrown behind bars for targeting US media

Visitors of the Minneapolis Star Tribune found their computers infected with malware and were exposed to fake Windows support messages.

New cold boot attack affects 'nearly all modern computers'

Security researchers find a new way to disable current cold boot attack firmware security measures to steal sensitive data from high-value computers.