September 19, 2017 Security Utility Abuses Supply Chain for a Malware Attack 2 min read - CCleaner was compromised at the main distribution site to include a malware attack. The Floxif attack is a downloader that breached the app supply chain.
Advanced Threats September 19, 2017 Network Attacks Containing Cryptocurrency CPU Mining Tools Grow Sixfold 6 min read - IBM Managed Security Services (MSS) detected a sixfold increase in attacks involving embedded CPU mining tools between January and August 2017.
September 15, 2017 Content Delivery Networks Offer More Bandwidth, but Can Hide Malware 2 min read - Cybercriminals are using content delivery networks to spread malware. This vector is especially effective because it is difficult to block CDN IPs.
September 14, 2017 POS Attacks Possible as Different Types of Malware Infect 4,000 ElasticSearch Servers 2 min read - Kromtech Security found different types of malware that infected more than 4,000 ElasticSearch servers. Other security experts found additional risks.
September 14, 2017 Risky Routers? New Malware Attacks Leverage Popular Hardware by Proxy 2 min read - New malware attacks are using popular router hardware to carry out proxy-based credential stuffing. Admins should regularly install firmware updates.
Advanced Threats September 14, 2017 Downward Trend in Publicly Available Exploit Code? Don’t Ease Up on Patch Management Just Yet 5 min read - IBM X-Force reported a downward trend in publicly available exploit code, but security teams must still prioritize vulnerability and patch management.
Malware September 12, 2017 Brazilian Malware Client Maximus: Maximizing the Mayhem 5 min read - A new, upgraded version of remote access malware Client Maximus points to the growing sophistication of cybercriminals in Brazil.
September 12, 2017 Facebook’s CDN Enables Security Breaches Targeting Brazilian Users 2 min read - A malware group is using Facebook's CDN servers to store malicious files that it later uses as a vehicle for security breaches targeting Brazilian users.
Fraud Protection September 12, 2017 Frost & Sullivan Report Highlights Rise in Phishing Attacks 3 min read - Financial institutions need intelligence-driven fraud detection and prevention solutions to protect customers' sensitive data from phishing attacks.
September 11, 2017 Scientists Show How Speech Recognition Software Can Be Compromised via Ultrasounds 2 min read - Through a DolphinAttack experiment, a group of researchers from China discovered an easy way to compromise speech recognition software.