The news of the remote code execution vulnerability that impacted the Exim Email Server over Thanksgiving is just now reaching the thousands of administrators who rely on this application to handle email for their enterprise. While it’s relatively simple to mitigate this issue for organisations running Exim in their environment, it needs to be done quickly. Tod Beardsley, Rapid7’s research director, has provided comment on the issue. You can also find additional details within Rapid7’s blog post. Tod Beardsley, Research Director at Rapid7: “News of CVE-2017-16943, a remote code execution vulnerability in the exim email server, is just now reaching the thousands of exim administrators who…
ISBuzz Team
In 2017, 26.2 per cent of business users were targeted by ransomware, compared to 22.6 per cent in 2016. This is due in part to three unprecedented attacks targeting corporate networks that changed forever the landscape for this increasingly virulent threat, according to Kaspersky Lab. 2017 will be remembered as the year the ransomware threat suddenly and spectacularly evolved with advanced threat actors targeting businesses the world over with a series of destructive worm-powered attacks whose ultimate goal remains a mystery. These attacks included WannaCry on May 12, ExPetr on June 27, and BadRabbit in late October. They all used exploits designed to compromise corporate networks. Businesses were also…
We tested the most popular cryptocurrency mobile apps from Google Play for common vulnerabilities and weaknesses. Over 90% may be in trouble. Introduction: Over 1,300 cryptocurrencies exist today, with a market capitalization of over $308,694,631,252 (at the moment of this post’s publication). One of the most popular and oldest cryptocurrencies, Bitcoin, has almost reached a price of $10,000 after several months of fluctuation but continuous and steady growth. A wide spectrum of mobile applications for cryptocurrencies was released during the last few years by various startups, independent digital experts and even licensed banking institutions. The total number of cryptocurrency applications in Google Play designed to…
News reports describe a major new ransomware campaign using the infamous Necurs botnet to spread via millions of spam emails. The Scarab ransomware was sent to 12.5 million email addresses in the first four hours alone, according to Forcepoint. IT security experts commented below. Jim Walter, Senior Research Scientist at Cylance: “This is an example of where modern, artificial intelligence antivirus solutions that employ machine learning are vital. As Scarab isn’t a new type of attack or a novel piece of ransomware, antivirus solutions that use AI recognise it as ‘bad’ and you are protected from the attack ever taking place. “Some basic tips…
68% of Organisations do not encrypt sensitive data. SecureLink, Europe’s largest independent cybersecurity and Managed Security Service provider, today warned that organisations are failing to implement the most basic security practices to keep their networks safe and data secure. From its assessments of 100 organisations, 68% were discovered not to be encrypting sensitive data, despite the fact that access to this capability is now widely available. Given that one of the biggest concerns organisations have is the protection of intellectual property or regulated customer data, this is incredible. The data also showed that, while over 55% of organisations have URL filtering…
AI will make a medical breakthrough: In the realms of the medical sector, software is capable of solving complex problems which would take humans an inordinately long period of time to achieve. As AI becomes less dependent on computing capacity, I expect that next year we will see some major medical research breakthroughs with very limited AI learning. Even the most intelligent doctors can only think of a few things at a time; if you channel hundreds of doctors’ research and thoughts through AI, the possibility of breakthroughs in medical research for diseases such as Alzheimer’s, cancer and HIV becomes…
It has been reported that NHS Digital, the IT arm of the National Health Service, has secured a £20 million budget to spend on establishing a new cyber security centre, which will constantly scan for attacks and probe the organisation’s own defences using ethical hackers. The NHS will use the money to create ‘a national, near real-time monitoring and alerting service that covers the whole health and care system’, said NHS Digital, with ‘extra specialist resources during peak periods’. ‘It will also allow us to improve our capabilities in ethical hacking, vulnerability testing and the forensic analysis of malicious…
Security researchers have brought to light a Microsoft Office flaw that existed for 17 years and was being exploited by hackers delivering malware capable of commanding infected systems. Chris Doman, Security Researcher at AlienVault, commented below. Chris Doman, Security Researcher at AlienVault: “Cobalt Strike was originally built as a tool for penetration testers to imitate real attackers. But it’s become so successful that pirated versions are also popular with real attackers now, particularly low-end criminals and attackers located in the Middle East.”
McAfee forecasts developments in adversarial machine learning, ransomware, serverless apps, connected home privacy, and privacy of child-generated content. NEWS HIGHLIGHTS: McAfee Labs predicts an adversarial machine learning “arms race” between attackers and defenders; Ransomware to evolve from traditional PC extortion to IoT, high net-worth users, and corporate disruption; Serverless Apps to create attack opportunities targeting privileges, app dependencies, and data transfers; Connected home devices to surrender consumer privacy to corporate marketers; Consumer apps’ collection of children’s content to pose long-term reputation risk. McAfee Inc. today released its McAfee Labs 2018 Threats Predictions Report, which identifies five key trends to watch in 2018.…
News is emerging about a flaw in macOS High Sierra which allows hackers to gain access to machines without a password and gain coveted admin rights. IT security experts commented below. Lee Munson, Security Researcher at Comparitech.com: “It wasn’t that long ago that Apple was winning the desktop security space by a large margin, primarily through the advantage of obscurity versus its Windows competition. “Times have changed though and we can no longer say that Macs don’t get viruses and nor can we say that they are immune to potentially very serious bugs either. “The latest of those bugs to emerge is about as…
