Month: July 2019

0 Comments
Evidence suggests that new versions of malware families are linked to the elusive Ke3chang group, along with a previously unreported backdoor, according to researchers at ESET. The researchers have long been tracking the advanced persistent threat (APT) group and suspect that it operates out of China, according to today’s press release. Named Okrum by ESET,
0 Comments
In the wake of GandCrab shutting down and master decryption keys being released, a new ransomware threat is emerging. The GandCrab ransomware had been one of the more dangerous threats since its first appearance in early 2018, but the group behind the ransomware as a service (RaaS) announced its retirement last month. On Monday, the
0 Comments
Now in its 22nd year, Black Hat is an information security event showcasing the latest research, newest technology, scariest threats, and biggest trends. Around 19,000 security professionals will be taking over Las Vegas’s Mandalay Bay during the six-day event. Before the security world convenes the first week in August, I spoke with McAfee leadership and
0 Comments
Tracking the malicious activities of the elusive Ke3chang APT group, ESET researchers have discovered new versions of malware families linked to the group, and a previously unreported backdoor In this blogpost, we will sum up the findings published in full in our white paper “Okrum and Ketrican: An overview of recent Ke3chang group activity”. The
0 Comments
EBay said today it is buying a 5.5% stake in e-commerce marketplace Paytm Mall as the global firm makes another push to gain footprint in India’s fast-growing e-commerce market. The two firms did not disclose financial terms of the deal, but a source familiar with the matter told TechCrunch that EBay has invested between $150
0 Comments
The 2019 Security Awareness Report published by SANS Security Awareness, a division of SANS Institute, found that across many organizations, there is an increased emphasis on the need for awareness and training programs. According to the report, more than 75% of those who are currently responsible for security awareness and training are spending less than half
0 Comments
Getting started can be the most tedious part of any task, especially when the task is as daunting and perplexing as network security. But the task is manageable, as long as one understands the topic’s basics. To ensure a network security strategy operates optimally and efficiently, IT pros should start with the basics, such as
0 Comments
by Mark Stockley For the last two months the infosec world has been waiting to see if and when criminals will successfully exploit CVE-2019-0708, the remote, wormable vulnerability in Microsoft’s RDP (Remote Desktop Protocol), better known as BlueKeep. The expectation is that sooner or later a BlueKeep exploit will be used to power some self-replicating
0 Comments
Keeping up with BlueKeep; or how many internet-facing systems, and in which countries and industries, remain ripe for exploitation? As of early July, more than 805,000 internet-facing systems remained susceptible to the BlueKeep security vulnerability, the news of which spooked the internet two months ago and prompted a flurry of alerts urging users and organizations
0 Comments
A researcher found that it was possible to subvert the platform’s password recovery mechanism and take control of user accounts An independent researcher has found a security loophole in Instagram’s mobile password recovery flow that could have allowed attackers to break into user accounts. The flaw, discovered and reported by India-based researcher Laxman Muthiyah, has since
0 Comments
Oracle will release its Critical Patch Update on July 16, 2019, which will include seven new fixes for the Oracle database server, according to a pre-release announcement.    “While this Pre-Release Announcement is as accurate as possible at the time of publication, the information it contains may change before publication of the Critical Patch Update Advisory,”
0 Comments
Zoom faced privacy concerns after the disclosure of a vulnerability that could allow threat actors to use the video conferencing software to spy on users. The Zoom vulnerability, originally reported to only affect the Mac version of the software, has been found to partially affect Windows and Linux as well. Jonathan Leitschuh, software engineer at
0 Comments
The past few weeks have proven to be wins for family safety with several top social networks announcing changes to their policies and procedures to reduce the amount of hateful conduct and online bullying. Twitter: ‘Dehumanizing Language Increases Risk’ In response to rising violence against religious minorities, Twitter said this week that it would update