You are here:-Vulnerabilities | Alerts | Solutions

Vulnerabilities | Alerts | Solutions

New ‘Early Bird’ Code Injection Technique Helps APT33 Evade Detection | Threatpost

Researchers have identified what they are calling an Early Bird code injection technique used by the Iranian group APT33 to burrow the TurnedUp malware inside infected systems while evading anti-malware tools. The Early Bird code injection technique, highlighted in a Wednesday report by Cyberbit, takes advantage of the application threading process that happens when a

By | 2018-04-12T16:05:40+00:00 April 12th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

AMD Rolls Out Spectre Fixes | Threatpost

AMD said that CPU firmware and Windows 10 patches are now available to safeguard its products against the Spectre security flaw. Mark Papermaster, senior vice president and chief technology officer at AMD, said in a Tuesday post that Spectre fixes are available for AMD customers, who can download BIOS updates provided by PC

By | 2018-04-11T16:49:28+00:00 April 11th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Microsoft Fixes 66 Bugs in April Patch Tuesday Release | Threatpost

Microsoft’s April Patch Tuesday release includes fixes for 66 bugs, 24 of which are rated critical. Notable is Microsoft’s disclosure of a publicly known SharePoint elevation of privilege bug (CVE-2018-1034), rated important, which has no fix but has not been publicly exploited. Microsoft SharePoint Enterprise Server 2016 is the only version impacted by

By | 2018-04-11T02:27:01+00:00 April 10th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Vulnerability in San Francisco’s Public Safety Warning Sirens Fixed | Threatpost

Public emergency alert sirens, designed to both warn the masses of a crisis and direct them to safety, can be compromised by attackers who can take control of the system to broadcast false alarms. That is the conclusion of researchers at radio security firm Bastille, who released details of its proof-of-concept attack against

By | 2018-04-10T23:24:25+00:00 April 10th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Ransomware Dominates Verizon DBIR | Threatpost

Ransomware has become the most prevalent malicious software as hackers cash in on locking up expensive business critical systems and demanding a ransom, researchers warn. Verizon’s 2018 Data Breach Investigations Report (DBIR), released Tuesday, said that ransomware attacks have doubled over the past year, and are now the top variety of malware found. “[Ransomware]

By | 2018-04-10T21:55:41+00:00 April 10th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Adobe Patches Four Critical Bugs in Flash, InDesign | Threatpost

Adobe fixed four critical vulnerabilities in its Flash Player and InDesign products as part of its regularly scheduled April Security Bulletin Tuesday morning. In all, Adobe released 13 patches for products including Adobe Experience Manager, Adobe InDesign CC, Adobe Digital Editions and the Adobe PhoneGap Push Plugin. According to Adobe, it “is not

By | 2018-04-10T18:28:04+00:00 April 10th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Quant Loader Trojan Spreads Via Microsoft URL Shortcut Files | Threatpost

Researchers are warning of a new email phishing campaign that downloads and launches the Quant Loader trojan, capable of distributing ransomware and stealing passwords. Barracuda on Tuesday said it has been tracking emails containing zipped Microsoft internet shortcut files with a “.url” file extension  sent to millions of inboxes via a phishing campaign over

By | 2018-04-10T15:51:05+00:00 April 10th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Word Attachment Delivers FormBook Malware, No Macros Required | Threatpost

A new wave of document attacks targeting inboxes do not require enabling macros in order for adversaries to trigger an infection chain that ultimately delivers FormBook malware. Researchers at Menlo Security are reporting a wave of attacks that began last month that are targeting financial and information service sectors in the Middle East

By | 2018-04-10T01:54:54+00:00 April 9th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Impact Of Chat Service Breach Expands To Best Buy, Kmart | Threatpost

The number of companies coming forward as victims of a data breach – that potentially exposed hundreds of thousands of credit card payment information – has expanded to include Best Buy and Kmart. Last week, software service provider [24]7.ai, a company that provides online chat services for Delta, Sears and other companies, announced

By | 2018-04-09T15:37:44+00:00 April 9th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments

Mirai Variant Targets Financial Sector With IoT DDoS Attacks | Threatpost

A variant of the Mirai botnet was used to launch a series of distributed denial of service campaigns against financial sector businesses. The attacks utilized at least 13,000 hijacked IoT devices generating traffic volumes up to 30 Gbps, considerably less intense than the original Mirai assaults clocked at 620 Gbps. Researchers at Recorded

By | 2018-04-06T20:58:33+00:00 April 6th, 2018|Categories: Vulnerabilities | Alerts | Solutions|Tags: , |0 Comments