Security news, views, and insight from the Neuralys Team and community.
Latest Articles
Alert! Unpatched Strandhogg Android Vulnerability Actively Exploited in the Wild
Cybersecurity researchers have discovered a new unpatched vulnerability in the Android operating system that dozens of malicious mobile apps are already exploiting in the wild to steal users’ banking and other login credentials and spy on their activities. Dubbed Strandhogg, the vulnerability resides in the multitasking feature of Android that can be exploited by a malicious…
Understanding the security risks of Remote Desktop Protocol over the internet
RDP, if not properly configured and secured, can act as a gateway within an organization for cybercriminals to access sensitive internal resources. Attackers can also exploit vulnerable RDP services to perform remote code execution and seize control over targeted gateways. Today, it is very common for businesses to use RDP as a method to access…
Black Friday/Cyber Monday Ecommerce Security Threats
With the end of November comes the height of the holiday shopping season — specifically Black Friday and Cyber Monday sales, which typically span the last calendar days of November into the first week of December. As consumer behavior changes and online transactions become favored over traditional retail-store purchases, Black Friday and Cyber Monday are…
Dozens of Severe Flaws Found in 4 Popular Open Source VNC Software
Four popular open-source VNC remote desktop applications have been found vulnerable to a total of 37 security vulnerabilities, many of which went unnoticed for the last 20 years and the most severe of which could allow remote attackers to compromise a targeted system. VNC (virtual network computing) is an open source graphical desktop sharing protocol based on RFB…
Data-Enriched Profiles on 1.2B People Exposed in Gigantic Leak
Although the data was legitimately scraped by legally operating firms, the security and privacy implications are numerous. An open Elasticsearch server has exposed the rich profiles of more than 1.2 billion people to the open internet. First found on October 16 by researchers Bob Diachenko and Vinny Troia, the database contains more than 4 terabytes…
Official Monero Site Hacked to Distribute Cryptocurrency Stealing Malware
What an irony — someone hacked the official website of the Monero cryptocurrency project and quietly replaced legitimate Linux and Windows binaries available for download with malicious versions designed to steal funds from users’ wallets. The latest supply-chain cyberattack was revealed on Monday after a Monero user spotted that the cryptographic hash for binaries he downloaded from…
4 Ways to Soothe a Stressed-Out Incident Response Team
IR teams are under tremendous pressure, often working long hours and putting their needs aside amid a security crisis. Their care is just as important as policy and procedure.
Active Office 365 Credential Theft Phishing Campaign Targeting Admin Credentials
Using a real Office 365 account at a legitimate company to send out lures helps phishers evade email defenses. A phishing campaign that uses legitimate organizations’ Office 365 infrastructure to send emails has emerged onto the cyberscam scene. According to Michael Tyler at PhishLabs, cybercriminals are looking to compromise Microsoft Office 365 administrator accounts to…
More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting
The threat group regularly referred to as APT33 is known to target the oil and aviation industries aggressively. This threat group has been reported on consistently for years, but our recent findings show that the group has been using about a dozen live Command and Control (C&C) servers for extremely narrow targeting. The group puts up multiple layers of obfuscation to…
Americans and Privacy: Concerned, Confused and Feeling Lack of Control Over Their Personal Information
Majorities think their personal data is less secure now and that data collection poses more risks than benefits, and believe it is not possible to go through daily life without being tracked.
Fraud Attacks Increase 30% in Q3 2019
Fraud increased 30 percent overall in Q3 2019 and bot-driven account registration fraud is up 70 percent as cybercriminals test stolen credentials in advance of the holiday retail season. The Q4 Fraud and Abuse Report by Arkose Labs found that one in five account openings were fraudulent. Arkose Labs examined transactions in the financial services, e-commerce, travel, social media,…
DHS Warns of Critical Flaws in Medtronic Medical Devices
Critical vulnerabilities impacting Medtronic Valleylab products could allow attackers to overwrite files and achieve remote code execution, the Department of Homeland Security (DHS) warns.
Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone
Fallout from giants at the top is one of the largest drivers of cyber-impacts on everyday people and companies. Big businesses are constantly under attack, and that affects everyone from customers and business partners to parties with national security interests. When successful, the initial compromise is only a means to an end — the real…
Malware Meets Politics With Trump and Clinton Themed Infections
Just as people express their political views through art, malware developers express their political ideologies, hopes, and frustrations through the computer infections they create. While investigating a recent malspam campaign, the Cisco Talos Group noticed that the payload was named Trump.exe. Noticing the politically themed name, Talos began researching other malicious programs that contained political…
Using Light Beams to Control Google, Apple, Amazon Assistants
Academic researchers found that certain microphones convert light to sound, allowing voice commands to be sent to voice-controlled (VC) devices like Google Home, Amazon Echo, Facebook Portal, smartphones, or tablets. Dubbed Light Commands, the attack works from afar by shining a laser beam at microphones that use micro-electro-mechanical systems (MEMS), which convert the light into…
Office 365 to Prevent Malicious Docs From Infecting Windows
Microsoft Office 365 ProPlus is getting a new feature called Application Guard that will allow users to open attachments in a virtualized container to protect Windows from malicious macros and exploits. Microsoft Edge for Windows 10 includes a feature called Windows Defender Application Guard that allows you to launch a browser tab into a special…
Alert! BlueKeep Actively Exploited on Vulnerable RDP Systems
Cybersecurity researchers have discovered a new attack believed to be the first attempt to actively exploit the infamous BlueKeep RDP vulnerability, to mass-compromise vulnerable systems and enable cryptocurrency mining. In May of this year, Microsoft released a patch for a highly critical remote code execution bug, dubbed…
Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig
If you’re using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you. A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote code execution vulnerabilities in the rConfig utility, at least one of which could allow unauthenticated…
Windows BlueKeep RDP Attacks Are Here, Infecting with Miners
The BlueKeep remote code execution vulnerability in the Windows Remote Desktop Services is currently exploited in the wild. Vulnerable machines exposed to the web are apparently compromised for cryptocurrency mining purposes. The attempts have been recorded by honeypots that expose only port 3389, specific for remote assistance connections via the Remote Desktop Protocol (RDP). Attacks…
QSnatch: Thousands of QNAP NAS Devices Infected
Thousands of NAS (Network Attached Storage) devices from Taiwanese vendor QNAP have been affected by a new malware strain called QSnatch. This is the fourth malware strain detected this year that has targeted NAS devices, following in the footsteps of the ransomware that affected devices…