—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 ******************************************************************** Title: Microsoft Security Update Minor Revisions Issued: September 20, 2017 ******************************************************************** Summary ======= The following CVE has been revised in the June 2017 Security Updates. * CVE-2017-8529 Revision Information: ===================== CVE-2017-8529 – Title: CVE-2017-8529 | Microsoft Browser Information Disclosure … Continue reading Microsoft Security Update Minor Revisions Issued: September 20, 2017
The Shark CryptoMix Ransomware Variant Smells Blood in the Water
September 20, 2017 By Lawrence Abrams Today, I discovered a new variant of the CryptoMix ransomware that is appending the .SHARK extension to encrypted file names. This family of ransomware usually releases a new version almost every week, if not sooner, so it is a bit surprising to see them take almost three weeks to release this… Continue reading The Shark CryptoMix Ransomware Variant Smells Blood in the Water
Attackers Can Use HVAC Systems to Control Malware on Air-Gapped Networks
September 20, 2017 By Catalin Cimpanu Heating, ventilation, and air conditioning (HVAC) systems can be used as a means to bridge air-gapped networks with the outside world, allowing remote attackers to send commands to malware placed inside a target’s isolated network. This type of attack scenario — codenamed HVACKer by its creators… Continue reading Attackers Can Use HVAC Systems to Control Malware on Air-Gapped Networks
Deep-Learning PassGAN Tool Improves Password Guessing
September 20, 2017 By Michael Mimoso Artificial intelligence and deep learning are creeping into information security, and one of the early applications of those approaches has emerged and is focused on passwords. Researchers from the Stevens Institute of Technology and the New York Institute of Technology have recently published some early results… Continue reading Deep-Learning PassGAN Tool Improves Password Guessing
Symantec CEO: Get Commercial Software Off National Security Systems
He makes an extremely good point. September 20, 2017 By Joseph Marks The biggest security vulnerability in U.S. national security computer systems may be the commercial software they’re built on, Symantec’s CEO Greg Clark said Wednesday. The inner workings of Tomahawk missiles aren’t publicly available and the computer systems that store sensitive… Continue reading Symantec CEO: Get Commercial Software Off National Security Systems
Malware Uses Security Cameras With Infrared Capabilities to Steal Data
By Catalin Cimpanu Proof-of-concept malware created by a team of Israeli researchers uses the infrared capabilities of modern security cameras as a channel for data exfiltration, but also to receive new commands from its operators. Named aIR-Jumper, the malware is meant to be installed on computers that interact with security surveillance cameras/software, or on… Continue reading Malware Uses Security Cameras With Infrared Capabilities to Steal Data
Russian Authorities Announce Takedown of RAMP Dark Web Marketplace
September 19, 2017 By Catalin Cimpanu Russian police acknowledged today that they were responsible for taking down RAMP [Russian Anonymous Marketplace] — a Tor-based market that primarily sold drugs — a Russian Interior Ministry official told Russian news agency TASS today. The takedown took place in July, but Russian authorities never made their… Continue reading Russian Authorities Announce Takedown of RAMP Dark Web Marketplace
How to go ‘Incognito’ on your web browser, and what it means
Just don’t confuse incognito mode with “true” privacy! September 19, 2017 By David Bisson Internet Explorer, Firefox, Chrome, Safari, Opera… these are just some of the web browsers available to today’s internet users. While each browser might differ somewhat from their competitors, the major players in the web browsing game all come… Continue reading How to go ‘Incognito’ on your web browser, and what it means
Cybercriminals Start Focusing on CPU Mining Tools – Continue to Hijack Machines for Cryptocurrency M
See Also – First Chrome extension with JavaScript Crypto Miner detected September 19, 2017 By Rafia Shaikh “Network Attacks Containing Cryptocurrency CPU Mining Tools Grow Sixfold” With an increasing success and profitability of cryptocurrency, criminals have also started to focus their efforts on abusing the largely untraceable currency. If the last two… Continue reading Cybercriminals Start Focusing on CPU Mining Tools – Continue to Hijack Machines for Cryptocurrency M
Webroot Exec: Partners Should Get Back To Security Basics And Double Down on Backup, Patch Managemen
September 19, 2017 By Michael Novinson A Webroot vice president urged solution providers to avoid the hype around far-fetched threats and instead focus on defending against vulnerabilities that can be monetized and automated. The Broomfield, Colo.-based company said channel partners could get distracted by news reports around Jeep hacks and data exfiltration… Continue reading Webroot Exec: Partners Should Get Back To Security Basics And Double Down on Backup, Patch Managemen