Cyber Threat Intelligence – Minority Report

cyber

Threat intelligence (TI) is at the maturity level to become a decision making tool. TI refers to evidence based information including context such as mechanisms, Indicators of Compromise (IOC), Indicators of Attribution (IOA), implications and actionable advice about existing or emerging hazards to assets. TI allows the technical staff professionals […]

ATMii Malware can make ATMs drain available cash

cyber

Security researchers from Kaspersky have detected a new ATM malware called ATMii that targets only ATMs operating on Microsoft Windows 7 and Windows Vista. The malware was first detected in April 2017 when one of the affected banks shared the malware with Kaspersky security researchers. The malware consists of two […]

MICROSOFT PATCHES CRITICAL WINDOWS DNS CLIENT VULNERABILITIES

cyber

Three critical Windows DNS client vulnerabilities were patched today by Microsoft, closing off an avenue where an attacker could relatively simply respond to DNS queries with malicious code and gain arbitrary code execution on Windows clients or Windows Server installations. The flaws were discovered and privately disclosed to Microsoft by […]

INSIDE THE CCLEANER BACKDOOR ATTACK

cyber

MADRID—As the investigation continues into the backdoor planted inside CCleaner, two members of parent company Avast’s threat intelligence team said today the desktop and cloud versions of the popular software contained different payloads. The revelation was made during a talk at Virus Bulletin 2017 during which Jakub Kroustek and Jiri […]

SAP vulnerabilities can take servers offline

cyber

Eight vulnerabilities have been found in SAP products which can lead not only to information leaks, but also the possibility of taking entire servers offline. On Wednesday, security researchers from Positive Technologies said the bugs were found in a variety of SAP solutions, including the Web Dynpro Island development — […]

NETGEAR FIXES 50 VULNERABILITIES IN ROUTERS, SWITCHES, NAS DEVICES

cyber

Netgear recently issued 50 patches for its routers, switches, NAS devices, and wireless access points to resolve vulnerabilities ranging from remote code execution bugs to authentication bypass flaws. Twenty of the patches address “high” vulnerability issues with the remaining 30 scored as “medium” security risks. Netgear posted advisories for the […]

Proof-of-concept iOS exploit released by Google’s Project Zero

cyber

A security researcher for Google’s Project Zero team has released a proof-of-concept iOS exploit that takes advantage of another Broadcom Wi-Fi issue. The vulnerability abused by Gal Beniamini, a security researcher for Google Project Zero based in Israel, was found in the same Broadcom BCM4355C0 Wi-Fi chips affected by the Broadpwn […]