A zero-day vulnerability in OS X which was discovered about a month ago, has unfortunately now appeared in the wild with its first known exploit. Lane Thames, Software Development Engineer and Security Researcher at Tripwire explains what the implications of zero-day vulnerability in OS X can be : Lane Thames, Software Development Engineer and Security Researcher at Tripwire : “Based on reports that are surfacing, this bug could open doors for malvertising. The Malwarebytes report suggests that this DYLD-Print_to_File zero-day bug was used by an adware installer that was able to add commands to the system’s “sudoers” file. The sudoers file in Unix-based…
ISBuzz Team
A broad strategy is being executed to enhance the Federal Government’s cyber security, including both defensive and offensive capabilities, to tackle today’s increasingly sophisticated cyber actors. Two key takeaways : Federal agencies have increased strong authentication for unprivileged and privileged users from 42% to 72%, but this still leaves 28% And they’ve increased strong authentication for just privileged users from 33% to 75% – but that leaves a quarter who haven’t. Philip Lieberman CEO of Lieberman Software has commented on the result of the US government’s 30-day cyber security sprint, announced to shore up defences after the OPM breach. Philip Lieberman,…
Next generation attacks easily turn widely used cloud services into devastating attack tools Black Hat USA 2015: “Man in the Cloud Attacks.” This new report uncovers how a new type of attack, “Man in the Cloud” (MITC), can quietly coopt common file synchronization services, such as Google Drive and Dropbox, to turn them into devastating attack tools not easily detected by common security measures. The report notes that this next-generation attack does not require compromising the user’s cloud account username or password. “Our research has revealed just how easy it is for cyber criminals to coopt cloud synchronization accounts, and…
A wave of malware is hitting online advertising this week with the latest report of hackers buying ads and then loading Rig 3.0, a service that reports back whether a person’s computer is vulnerable and then loads a Trojan. This malware has reportedly infected 1.3 million people already. Adding to that hackers have infected Yahoo’s Ad Network to infect devices with Angler exploit kits – a particularly virulent form of malware. The affected websites include Yahoo.com and its related news, sport, and celebrity gossip pages. Lane Thomas, Security Research and Software Development Engineer of Tripwire says, these latest hits reflect the bad…
As Ofcom’s 2015 Communications Market Report reveals that smartphones have become the hub of our daily lives, technology experts are warning that there is a urgent need to make radical changes to the emergency ‘999’ call service to reflect the digital age. The Institution of Engineering and Technology (IET) is highlighting that urgent action is needed now to keep pace with the increasing move away from landlines to smart phones and to devices they enable like wearables, and from voice to data. The IET is also calling on the Government to ensure that reform of the service is not allowed…
Wild speculation and simultaneous head scratching were the order of the day when the trio of computer glitches recently befell the NYSE, United Airlines and the Wall Street Journal. The rickety position : All three organizations have arguably some of the best IT staff in the world, yet the simple fact remains neither computers nor humans are infallible. According to our own internal studies, almost 90 percent of downtime is caused by mundane technical issues rather than coordinated cyberattacks or natural disasters. In fact, some are saying that a network router failure is one of the causes for the NYSE…
Alert Logic Cloud Insight Delivers Automated, Continuous and Scalable Vulnerability and Configuration Management for Applications Running on AWS Alert Logic, a leading provider of Security-as-a-Service for the cloud, announced at the Black Hat Conference in Las Vegas, NV availability of Alert Logic Cloud Insight, a cloud-native vulnerability and configuration management solution designed for customers running on Amazon Web Services (AWS). Alert Logic Cloud Insight integrates with AWS native security features to provide an integrated view of potential host and application level vulnerabilities for customers deploying on the AWS Cloud. Once identified, Alert Logic Cloud Insight takes the next step and…
A few months ago the RIG exploit kit took quite a hit when its source code was leaked by a disgruntled reseller. At the time we wrote a blog post detailing the inner workings of RIG’s infrastructure and business model, comprised mainly of three layers: administration server, VDS and PROXY servers. The first layer is the backend that includes the control panel and the payloads – this is the most privately kept layer, and access is provided only to customers. The second layer is the VDS, which contain the exploits and functions as a tunnel between the first and the…
Hackers are using Yahoo’s ad network to spread malware to hundreds of millions of internet users. Cybercriminals are utilising Yahoo’s own ad network to deliver malware to hundreds of millions of visitors to some of the internet giant’s most popular websites. Hugely popular websites including Yahoo.com itself, as well as the portal’s sports, finance, celebrity and games websites have been hit by one of the biggest malvertising campaigns seen in recent years. Following this news, security experts at Imperva, STEALTHbits, Spikes Security, ESET have explained what happened and how, as well as malvertising trends and what users can do to protect…
US-CERT published an advisory titled, “TA15-213A: Recent Email Phishing Campaigns – Mitigation and Response Recommendations”. One of the vulnerabilities leveraged in these new phishing campaigns is a use-after-free (UAF) vulnerability in Adobe Flash (CVE-2015-5119). This vulnerability is particularly interesting because it was leaked as a result of the hack and subsequent dump of HackingTeam’s email and source code. What is interesting here is not the existence of the vulnerability, but how this case underlines the massively asymmetric situation that defenders find themselves in. The HackingTeam exploit was already “weaponized”, in that it was fully productized, tested and documented. There is a…