Adware accounts for 72% of all mobile malware, according to a new report from Avast. The report reveals that Android malware has increased by 38% in the last year alone.
ISBuzz Team
Entercom, one of the largest radio companies, with 235 radio stations broadcasting across the country and more than 112 million listeners, has suffered a data breach related to its third-party cloud hosting services.
New vulnerability research by Outpost24 has revealed interesting data trends in vulnerability management across different regions and sectors. When analysed, the number of high, medium and low-risk security vulnerabilities based on CVSS criticality shows the Netherlands had the largest percentage of high-risk critical vulnerabilities in Europe (50%), with the UK marginally behind in second (43%). The country which had the most severe flaws outside of Europe was Brazil (47%) with Japan having the lowest percentage of high-risk vulnerabilities out of the markets investigated. When exploring specific sectors, manufacturing had the highest number of critical risk level vulnerabilities at 50%, indicating there is…
As reported by the BBC, a novel attempt to convince people to open malicious email attachments is spreading online, purporting to offer nude photos of a friend’s girlfriend. Instead of threatening to distribute stolen private images, this new attempt claims to have already “sextorted” the recipient’s friend, who refused to pay. It tells them it is now emailing nude photos to every contact of the supposed victim – and to check the attachment. Recipients who click on the attachment open a Word document with a blurred image that hints at possibly sexual content – and instructions on how to “enable content”.…
It has been reported that Microsoft leaked info on a security update for a ‘wormable’ pre-auth remote code execution vulnerability found in the Server Message Block 3.0 (SMBv3) network communication protocol that reportedly should have been disclosed as part of this month’s Patch Tuesday. The vulnerability is due to an error in how SMBv3 handles maliciously crafted compressed data packets, and it allows remote, unauthenticated attackers who exploit it to execute arbitrary code within the context of the application.
Cybereason’s Nocturnus Research Team is investigating a campaign where cybercriminals are trojanising multiple hacking tools with njRat, a well-known RAT. The campaign ultimately gives attackers total access to the target machine. The threat actors behind this campaign are posting malware, embedded inside various hacking tools, and cracks for those tools on several websites. Once the files are downloaded and opened, the attackers are able to completely take over the victim’s machine. In this new piece of research, Cybereason presents its analysis of the TTPs of the attackers, and the indicators of compromise. In the investigation of this campaign, Cybereason has found hundreds…
It has been reported that COVID-19 is causing a digital threat. Forbes claims that coronavirus is a good opportunity for companies to test remote work structures. Everyone is covering COVID-19; few are covering the real risk that comes with trying to contain this virus. Thousands of workers have been forced to work remotely as a result of this new health scare, and thousands more across the globe are preparing to soon join them. As top countries prepare to turn their brick-and-mortar offices into virtual work hubs, companies are forced to assess the vulnerability that comes with being remote. Apps…
A new report out of the UK shows that 60% of data breaches were caused by human error, according to research firm Gallagher, as reported by Infosecurity.
Firefox’s latest update and its implications for the hundreds of thousands of websites that still use the outdated TLS 1 & 1.1 standards. With this update, Firefox will restrict access to any website using TLS 1 & 1.1, marking them as insecure. Websites still relying on these standards include those of major banks, retailers, news organizations and other high-profile businesses. https://twitter.com/newslet007/status/1237408635854024704
It has been reported that a huge proportion of internet-connected imaging devices at hospitals run outdated operating systems, according to research released today. The researchers found that 83% of these devices run on outdated software that can’t be updated even when it contains known vulnerabilities that hackers can exploit. The number increased significantly from 2018, which coincides with Microsoft ending support for Windows 7 earlier this year. A significant number of machines run even older operating systems, including Windows XP, which Microsoft stopped supporting in 2014. The imaging devices include machines that take X-rays, MRIs, mammograms and CAT scans.
