Olympic Destroyer Moves from Pyeongchang to Europe and Russia

Olympic Destroyer Moves from Pyeongchang to Europe and Russia

Olympic Destroyer, the threat actor that targeted the 2018 Winter Olympics in Pyeongchang, South Korea, has launched new attacks against organizations from Russia, Ukraine and several other European countries. To sabotage the 2018 Winter Olympics computer infrastructure, the group used a destructive network worm. Initial evidence suggested the attack was ... Read More
Security Boulevard
Application Exceeds its Brief

Security Flaws Allow Attackers to Hijack 400 Axis Camera Models

Axis Communications, one of the largest manufacturers of video surveillance equipment in the world, has fixed critical security flaws that affect some 390 of its network camera models. The vulnerabilities were found by researchers from IoT security firm VDOO as part of a research project called Vizavis that focuses on ... Read More
Security Boulevard
Multipurpose Trojan MysteryBot Targets Android Devices

Multipurpose Trojan MysteryBot Targets Android Devices

Cybercriminals have a new Android malware program in their toolbox called MysteryBot that can serve multiple purposes: banking Trojan, keylogger and ransomware. The Trojan was identified by researchers from threat intelligence firm ThreatFabric and seems to be related to the LokiBot Android banking trojan—possibly even created by the same authors ... Read More
Security Boulevard
Intel Releases Microcode Spectre Patches

Intel Faces Yet Another Speculative Execution Flaw in Its CPUs

As predicted by security researchers, the Meltdown and Spectre vulnerabilities announced this year were just the tip of the iceberg when it comes to security issues related to the speculative execution feature of modern CPUs. In coordination with operating system makers, Intel has revealed a new vulnerability dubbed LazyFP, or ... Read More
Security Boulevard
Microsoft Fixes 11 Critical Flaws, Readies Patches for Spectre Variant 4

Microsoft Fixes 11 Critical Flaws, Readies Patches for Spectre Variant 4

Microsoft has fixed 50 vulnerabilities in its products during this month’s Patch Tuesday, 11 of which are rated critical. The company has also released mitigation for the new Spectre variant announced last month, known as Spectre Variant 4 or Speculative Store Bypass. One of the critical flaws is located in ... Read More
Security Boulevard
Stealing Infrastructure Cryptomining Attacks

Study: More than 5 Percent of Monero Cryptocurrency was Mined by Malware

Unauthorized cryptocurrency mining has been one of the major malware trends this year, with attackers managing to mine more than 5 percent of Monero coins currently in circulation using abused devices. Researchers from Palo Alto Networks have analyzed around 630,000 samples of cryptocurrency mining malware captured by the company’s systems ... Read More
Security Boulevard
Hackers Use EternalBlue Exploit Cryptominer

Cisco Patches Critical Flaws in IOS XE and Prime Collaboration Provisioning

Cisco Systems has released a new set of patches this week for a variety of products, including updates for IOS XE and Prime Collaboration Provisioning that fix two critical vulnerabilities. The Cisco IOS XE Software, the company’s operating system for networking devices such as routers, has a critical flaw in ... Read More
Security Boulevard
Flash Update Fixes Zero-Day Flaw Used in Targeted Attack

Flash Update Fixes Zero-Day Flaw Used in Targeted Attack

Adobe Systems released a security update for Flash Player to fix four vulnerabilities, including one that was discovered in an attack targeting individuals and organizations from the Middle East. Two of the patched vulnerabilities, CVE-2018-4945 and CVE-2018-5002, are rated critical and can lead to arbitrary code execution. The other two, ... Read More
Security Boulevard
VPNFilter Targets More Devices Than Initially Reported

VPNFilter Targets More Devices Than Initially Reported

The sophisticated VPNFilter botnet that enslaved more than 500,000 routers and network-attached storage (NAS) devices is capable of infecting more devices than initially believed. The initial reports about VPNFilter identified 16 device models from Linksys, MikroTik, Netgear, TP-Link and QNAP that were being targeted by the malware. Since then, researchers ... Read More
Security Boulevard
Criminals Use Jackpotting Attack

Zip Slip Vulnerability Affecting Thousands of Apps Puts Systems at Risk

Thousands of software projects and libraries contain code that extracts archives in an insecure way, allowing attackers to write arbitrary files outside the intended directories. In many cases, this can lead to remote code execution. The vulnerability, dubbed Zip Slip, was found by researchers from code security scanning firm Synk ... Read More
Security Boulevard
Loading...