by CIRT Team
GITHUB SURVIVED THE BIGGEST DDOS ATTACK EVER RECORDED [source: wired]
ON WEDNESDAY, AT about 12:15 pm ET, 1.35 terabits per second of traffic hit the developer platform GitHub all at once. It was the most powerful distributed denial of service attack recorded to date—and it used an increasingly popular DDoS method, no botnet required. GitHub briefly struggled with intermittent outages as a digital system assessed the situation. Within 10 minutes it had automatically called for help from its...
Read More
by CIRT Team
Business Email Compromise: The Secret Billion Dollar Threat [source: tripwire]
BEC, or Business Email Compromise, is a contemporary twist on a staple scam. Often in the shadow of the more extravagant, media-friendly super-hacks or ransomware compromises, BEC is leading the line on both the number of attack victims and the direct losses encountered by businesses. Although not as en vogue as other ‘nouveau’ cybersecurity threats, if you are simply looking at direct business costs, BEC leaves almost...
Read More
by CIRT Team
MASSIVE MALSPAM CAMPAIGN TARGETS UNPATCHED SYSTEMS [source: threatpost]
Cybercriminals are leveraging a recently patched critical Adobe Flash Player vulnerability in a massive spam campaign targeting unpatched computers. According to cybersecurity firm Morphisec, cybercriminals are blasting spam messages that urge recipients to click a link to download a Word document. And when a victim opens the document and enables macros, malware attempts to exploit an Adobe Flash Player bug (CVE-2018-4878) patched by Adobe earlier this month. Victims who fall...
Read More
by CIRT Team
Talos experts shared details of a RCE flaw in Adobe Acrobat Reader DC [source: securityaffairs]
Security experts at Cisco Talos disclosed details of a remote code execution flaw that affects Adobe Acrobat Reader DC versions 2018.009.20050 and 2017.011.30070 and earlier. Security experts at Cisco Talos shared details of a remote code execution vulnerability tracked as CVE-2018-4901, that affects Adobe Acrobat Reader DC. A remote attacker can exploit the vulnerability tricking the victim into opening a malicious file or visiting a specially crafted webpage....
Read More
by CIRT Team
Free Decrypter Available for GandCrab Ransomware Victims [source: bleepingcomputer]
Bitdefender has released a free decrypter that helps victims of GandCrab ransomware infections recover files without paying the ransom. The decrypter is available for download via the NoMoreRansom project, of which Bitdefender is a member of. Romanian Police and Romania’s DIICOT (Directorate for Investigating Organized Crime and Terrorism) announced the decrypter’s launch in statements published on their sites, minutes ago. Europol is also expected to make a formal announcement later today....
Read More
by CIRT Team
SAML Vulnerability Lets Attackers Log in as Other Users [source: bleepingcomputer]
Security researchers from Duo Labs and the US Computer Emergency Response Team Coordination Center (CERT/CC) will release security advisories today detailing a new SAML vulnerability that allows malicious attackers to authenticate as legitimate users without knowledge of the victim’s password. The flaw affects SAML (Security Assertion Markup Language), an XML-based markup language often used for exchanging authentication and authorization data between parties. SAML’s most important use if...
Read More
by CIRT Team
MS Word Maybe Used for Cryptojacking Attacks [source: hackread]
Cryptojacking JavaScript can be launched in Word documents – New Word features that appeared in its latest version made it possible – MS Word now allows adding video into the document by inserting an iFrame code. The file size does not increase as the video is played through a headless web browser opened in a popup window. Amit Dori, a security researcher from Israel, who works with...
Read More
by CIRT Team
Oracle Server Vulnerability Exploited to Deliver Double Monero Miner Payloads[trendmicro]
The sudden rise of cryptocurrency triggered a shift in the target landscape. Cybercriminals started adapting and using their resources to try acquiring cryptocurrencies, whether through pursuing repositories like Bitcoin wallets or by compromising networks and devices to mine the currency. This isn’t completely new — ransomware authors have been using bitcoin as their preferred currency for years. But more recently, we saw examples of cryptocurrency miners in late October of...
Read More
by CIRT Team
Mobile banking Trojans spread confusion worldwide [source: helpnetsecurity]
Consumers around the world that use mobile banking apps are at a greater risk of being tricked by cybercriminals and falling victim to mobile banking theft. This is according to new global research from Avast, which asked almost 40,000 consumers in Spain and eleven other countries around the world to compare the authenticity of official and counterfeit banking applicationinterfaces. Fraudulent software sometimes difficult to identify Globally, 58% of...
Read More
by CIRT Team
How Google implements the Right To Be Forgotten [source: helpnetsecurity]
Who is asking Google to delist certain URLs appearing in search results related to their name, and what kind of requests does the search giant honor? The company has been keeping track of them since the “Right to be Forgotten” privacy ruling has been put into practice by the European Union, and since January 2016 the company’s reviewers have been manually annotating each requested URL...
Read More
