Fraud Attacks Increase 30% in Q3 2019

Fraud increased 30 percent overall in Q3 2019 and bot-driven account registration fraud is up 70 percent as cybercriminals test stolen credentials in advance of the holiday retail season. The Q4 Fraud and Abuse Report by Arkose Labs found that one in five account openings were fraudulent. Arkose Labs examined transactions in the financial services, e-commerce, travel, social media,…

Read More

DHS Warns of Critical Flaws in Medtronic Medical Devices

Critical vulnerabilities impacting Medtronic Valleylab products could allow attackers to overwrite files and achieve remote code execution, the Department of Homeland Security (DHS) warns.

Read More

Understanding the Ripple Effect: Large Enterprise Data Breaches Threaten Everyone

Fallout from giants at the top is one of the largest drivers of cyber-impacts on everyday people and companies. Big businesses are constantly under attack, and that affects everyone from customers and business partners to parties with national security interests. When successful, the initial compromise is only a means to an end — the real…

Read More

Malware Meets Politics With Trump and Clinton Themed Infections

Just as people express their political views through art, malware developers express their political ideologies, hopes, and frustrations through the computer infections they create. While investigating a recent malspam campaign, the Cisco Talos Group noticed that the payload was named Trump.exe. Noticing the politically themed name, Talos began researching other malicious programs that contained political…

Read More

Using Light Beams to Control Google, Apple, Amazon Assistants

Academic researchers found that certain microphones convert light to sound, allowing voice commands to be sent to voice-controlled (VC) devices like Google Home, Amazon Echo, Facebook Portal, smartphones, or tablets. Dubbed Light Commands, the attack works from afar by shining a laser beam at microphones that use micro-electro-mechanical systems (MEMS), which convert the light into…

Read More

Office 365 to Prevent Malicious Docs From Infecting Windows

Microsoft Office 365 ProPlus is getting a new feature called Application Guard that will allow users to open attachments in a virtualized container to protect Windows from malicious macros and exploits. Microsoft Edge for Windows 10 includes a feature called Windows Defender Application Guard that allows you to launch a browser tab into a special…

Read More

¡Alerta! BlueKeep explotado activamente en RDP vulnerables.

Investigadores de ciberseguridad han descubierto un nuevo ataque que se cree que es el primer intento de explotar atctivamente la infame vulnerabilidad BlueKeep RDP, para comprometer en masa los sistemas vulnerables y permitir minería de criptomonedas. En mayo de este año, Microsoft lanzó un parche para un error de ejecución de código remoto altamente crítico, denominado…

Read More

Watch Out IT Admins! Two Unpatched Critical RCE Flaws Disclosed in rConfig

If you’re using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you. A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote code execution vulnerabilities in the rConfig utility, at least one of which could allow unauthenticated…

Read More

Windows BlueKeep RDP Attacks Are Here, Infecting with Miners

The BlueKeep remote code execution vulnerability in the Windows Remote Desktop Services is currently exploited in the wild. Vulnerable machines exposed to the web are apparently compromised for cryptocurrency mining purposes. The attempts have been recorded by honeypots that expose only port 3389, specific for remote assistance connections via the Remote Desktop Protocol (RDP). Attacks…

Read More

QSnatch: miles de dispositivos NAS de QNAP infectados

Miles de dispositivos NAS (Network Attached Storage o Almacenamiento conectado a la red, en español) del proveedor taiwanés QNAP se han visto afectados por una nueva variedad de malware llamada QSnatch. Esta es la cuarta cepa de malware detectada este año que se ha dirigido a dispositivos NAS, siguiendo los pasos del ransomware que afectó a los dispositivos…

Read More