Another Cloud Storage Leak Exposes Verizon IT Files

Security researchers have found yet another Amazon S3 storage container with sensitive data that was publicly accessible to anyone on the internet. The S3 bucket contained around 100MB of data, including internal files, usernames, passwords and email messages from U.S. telecommunications provider Verizon Wireless. Many of the files were associated with an internal middleware application
Read more

CCleaner Supply Chain Attack Targeted Technology Companies

New evidence shows the hackers who infected the installers for the popular CCleaner system optimization tool were primarily targeting the program’s business users. There are also links between the malware code and a well-known Chinese cyber-espionage group. The malware-infected installers for 32-bit versions of CCleaner and CCleaner Cloud released in August were installed on more
Read more

Fake IRS notice delivers customized spying tool

Threat actors leverage a Microsoft Office exploit to spy on their victims. In this blog post, we will review its delivery mechanism and analyze the malware we observed, a modified version of a commercial Remote Administration Tool (RAT). Categories: Malware Threat analysis Tags: CP2000CVE-2017-0199docexploitIRSmalspammalwareOfficephishingratremote administration toolRMSspyword (Read more...) The post Fake IRS notice delivers customized spying tool appeared first on Malwarebytes Labs.
Read more

APT33 Group Targeting Aerospace and Energy Sectors with Spear Phishing

A threat actor known as APT33 is actively targeting organizations in the aerospace and energy sectors with spear phishing campaigns. Between mid-2016 and early 2017, the suspected Iranian digital espionage group attacked a U.S. organization in the aerospace sector, a Saudi Arabian conglomerate with aviation holdings, and a South Korean company known for its business … Read More The post APT33 Group Targeting Aerospace and Energy Sectors with Spear Phishing appeared first on The State of Security.
Read more

Like Equifax, Thousands of Companies Use Vulnerable Apache Struts Versions

U.S. credit monitoring bureau Equifax has been heavily criticized for its failure to patch a known critical vulnerability in the Apache Struts web development framework, an oversight that led to a massive data breach affecting 143 million people. A new report shows that poor patch management practices are common in enterprise environments and that Equifax
Read more

Globe Imposter Named Second Most Prevalent Malware for August 2017

Globe Imposter earned the dubious title of second most prevalent malware for its impact on organizations worldwide in August 2017. Researchers first discovered Globe Imposter, a crypto-malware family that masquerades as Globe ransomware, in May 2017. The digital threat’s proliferation remained steady for several months. But in August 2017, the ransomware revved up its distribution … Read More The post Globe Imposter Named Second Most Prevalent Malware for August 2017 appeared first on The State of Security.
Read more
Page 1 of 1712345...10...Last »