Categories
Uncategorized

Operation Poisoned News: Hong Kong Users Targeted With Mobile Malware via Local News Links

By Elliot Cao, Joseph C. Chen, William Gamazo Sanchez, Lilang Wu, and Ecular Xu

A recently discovered watering hole attack has been targeting iOS users in Hong Kong. The campaign uses links posted on multiple forums that supposedly lead to various news stories. While these links lead users to the actual news sites, they also […]

OpenSMTPD Vulnerability (CVE-2020-8794) Can Lead to Root Privilege Escalation and Remote Code Execution

By Alexander Elkholy (Threats Analyst)

A root privilege escalation and remote execution vulnerability (designated as CVE-2020-8794) has been discovered in the free and open-source Unix daemon, OpenSMTPD. The flaw originates from an out-of-bounds read, which attackers can take advantage of to execute arbitrary code on vulnerable systems.

What is the vulnerability about?

Discovered by Qualys […]

Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan

By Jaromir Horejsi and Joseph C. Chen (Threat Researchers)

We recently discovered a new campaign that we dubbed “Operation Overtrap” for the numerous ways it can infect or trap victims with its payload. The campaign mainly targets online users of various Japanese banks by stealing their banking credentials using a three-pronged attack. Based on our […]

Smart Check Validated for New Bottlerocket OS

Containers provide a list of benefits to organizations that use them. They’re light, flexible, add consistency across the environment and operate in isolation. However, security concerns prevent some organizations from employing containers. This is despite containers having an extra layer of security built in – they don’t run directly on the host OS. To make […]

March Patch Tuesday: LNK, Microsoft Word Vulnerabilities Get Fixes

Following the unexpectedly long list of fixes included in last month’s Patch Tuesday, March brings an even longer one, albeit less eventful. A total of 115 vulnerabilities were fixed, 26 of which were identified as Critical as they could lead to remote code execution (RCE). 88 were classified as Important and included patches for various […]

This Week in Security News: 10,000 Users Affected by Leak from Misconfigured AWS Cloud Storage and Massive U.S. Property and Demographic Database Exposes 200 Million Records

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how the data of train commuters in the U.K. who were using the free Wi-Fi in Network Rail-managed stations was unintentionally leaked due to an […]

Dissecting Geost: Exposing the Anatomy of the Android Trojan Targeting Russian Banks

The Android banking trojan Geost was first revealed in research by Sebastian García, Maria Jose Erquiaga and Anna Shirokova from the Stratosphere Laboratory. They detected the trojan by monitoring the HtBot malicious proxy network. The botnet targets Russian banks, with the victim count at over 800,000 users at the time the study was published in […]

Security Risks in Online Coding Platforms

By David Fiser (Senior Cyber Threat Researcher)

Threat Modeling for Online Coding Platforms

Before cloud integrated development environments (IDEs) became an option, you, i.e., the developer, typically needed to download and/or install everything you needed onto your own workstation. However, as DevOps gained traction and cloud computing usage grew, you can now also code online. […]