by CIRT Team
Despite cybersecurity concerns, many don’t protect themselves[helpnetsecurity]
Despite awareness of the need for cybersecurity, many consumers are not taking proactive steps to keep their personal information protected from identity theft. With the increased volume of attacks and breaches, 61% of consumers surveyed claimed that they are more worried about cybersecurity today than they were five years ago. Recent McAfee research reveals that 33% of consumers rank protecting their identity as their number one...
Read More
by CIRT Team
Security flaw in Intel processors expected to slow down PCs[source: helpnetsecurity]
Windows users whose PCs run on Intel processors can apparently expect their computers to slow down after next Tuesday. In fact, all computers using modern Intel chips – whether they run Windows, Linux or macOS – are expected to suffer a performance hit in the coming days. The reason for this unwelcome change is a fundamental design flaw discovered in Intel’s processor chips, more specifically...
Read More
by CIRT Team
Cyber Security Statistics 2017: Data Breaches and Cyber Attacks[source: teramind]
In the cyber security world, record setting has an entirely different connotation It’s one thing to talk in generalities about how massive the data breach problem is, but it’s another thing to understand the actual statistics. The numbers tell a powerful story about how pervasive cyber attacks have become These 2017 statistics, along with predictions for the coming years, provide eye-opening insight into how cyber...
Read More
by CIRT Team
“Trackmageddon” Vulnerabilities in Location Tracking Services[source: bleepingcomputer]
Two security researchers —Vangelis Stykas and Michael Gruhn— have published a report on a series of vulnerabilities that they named “Trackmageddon” that affect several GPS and location tracking services. These GPS tracking services are basic databases that collect geolocation data from smart GPS-enabled devices, such as pets trackers, car trackers, kids trackers, and other “[insert_name] tracker” products. Data is collected on a per-device basis and...
Read More
by CIRT Team
InfoStealer Malware – A New Operation in The Wild [source: securityaffairs]
The Italia cyber security expert Marco Ramilli, founder of Yoroi, published an interesting analysis of a quite new InfoStealer Malware delivered by eMail to many International Companies. Attack attribution is always a very hard work. False Flags, Code Reuse and Spaghetti Code makes impossible to assert “This attack belongs to X”. Indeed nowadays makes more sense talking about Attribution Probability rather then Attribution by itself. “This attack belongs to X...
Read More
by CIRT Team
Code Used in Zero Day Huawei Router Attack Made Public[source: threatpost]
Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such as Reaper or IOTrooper. Ankit Anubhav, researcher at NewSky Security first identified the code on Monday that was posted...
Read More
by CIRT Team
Three More WordPress Plugins Found Hiding a Backdoor[source: bleepingcomputer]
The massive size of the WordPress plugins ecosystem is starting to show signs of rot, as yet another incident has been reported involving the sale of old abandoned plugins to new authors who immediately proceed to add a backdoor to the original code. The WordPress security team has intervened and removed all plugins from the official WordPress Plugins Directory. WordPress security firm Wordfence discovered the...
Read More
by CIRT Team
VMWare Code Execution vulnerabilities in several products[source: securityaffairs]
VMware has released security updates to address four vulnerabilities in its ESXi, vCenter Server Appliance (vCSA), Workstation and Fusion products. The flaws were addressed with the release of six patches for ESXi, version 12.5.8 of Workstation, version 8.5.9 of Fusion, and version 6.5 U1d of vCSA. Some of the flaws could be exploited by an attacker for arbitrary code execution. Security experts from Cisco Talos group discovered...
Read More
by CIRT Team
Digmine Cryptocurrency Miner Spreading via FB Messenger[source: trendmicro]
We found a new cryptocurrency-mining bot spreading through Facebook Messenger, which we first observed in South Korea. We named this Digmine based on the moniker (비트코인 채굴기 bot) it was referred to in a report of recent related incidents in South Korea. We’ve also seen Digmine spreading in other regions such as Vietnam, Azerbaijan, Ukraine, Vietnam, Philippines, Thailand, and Venezuela. It’s not far-off for Digmine to reach other countries...
Read More
by CIRT Team
5 mental shifts we must make to achieve security beyond perimeters[source: helpnetsecurity]
Data centers aren’t exactly going extinct, but given the massive shift to public clouds, you need to make some significant adjustments if your mindset doesn’t already include or understand the cloud. The problem is that not every organization knows how to prepare for and embrace the cloud-driven future. It can take some major mental adjustments to shift mindset from on-prem environments based on the data center,...
Read More
