
A week in security (December 17 – 23)

Last week on Labs we looked at Fuchsia OS as a possible alternative for Android, explained all the reasons why cybercriminals want to hack your phone, discussed a flaw in a Twitter form that may have been abused by nation states, gave you a Christmas tech scams roundup, revealed why many online quizzes qualify as phishing scams, gave some tips about safely using those smart speakers you got for Christmas, pointed out that the Underminer exploit kit improved its latest iteration, and reminded everyone that Chromebooks can and do get infected.

Other cybersecurity news

  • PewDiePie hackers strike again: hackers claimed that they launched yet another attack tricking hundreds of thousands of printers globally to print pamphlets promoting YouTube celebrity "PewDiePie." (Source: ThreatPost)
  • Equifax breach was entirely preventable: the Republican majority staff of the U.S. House of Representatives Committee on Oversight and Government Reform says the hack attack and subsequent data breach suffered by credit reporting agency Equifax in 2017 "was entirely preventable." (Source: BankInfoSecurity)
  • Top 100 worst passwords of 2018: after evaluating more than 5 million passwords leaked on the Internet, SplashData found that computer users continue using the same predictable, easily guessable passwords. (Source: TeamsID)
  • Twitter memes to deliver malware commands: attackers developed a way to use memes posted to Twitter to control RAT-infected computers. The operators use steganography to hide the instructions in images, which the malware then parses and executes. (Source: TechSpot)
  • Cloudflare providing DDoS protection for terrorist websites: Cloudflare is facing accusations that it's providing cybersecurity protection for at least seven terrorist organizations—a situation that some legal experts say could put it in legal jeopardy. (Source: Gizmodo)
  • Government user credentials found on Dark Web: researchers from Group-IB have discovered more than 40,000 user accounts on the Dark Web that appear to be compromised credentials for online government websites in 30 countries. (Source: SecurityWeek)
  • Remote firmware attack renders servers unbootable: security researchers have found a way to corrupt the firmware of a critical component usually found in servers to turn the systems into an unbootable hardware assembly. (Source: BleepingComputer)
  • How hackers bypass Gmail 2FA: a new Amnesty International report goes into some of the technical details around how hackers can automatically phish two-factor authentication tokens sent to phones. (Source: Motherboard)
  • Pile of EU diplomatic cables nicked: the New York Times has published what it says are excerpts from hacked EU diplomatic cables obtained after discovering passwords that let them into a low-level EU database of diplomatic messages and cables. (Source: The Register)

Stay safe, everyone!

The post A week in security (December 17 – 23) appeared first on Malwarebytes Labs.


