IBM AI-Powered Data Management Software Subject to Simple Exploit
A low-privileged process on a vulnerable machine could allow data harvesting and DoS.
Transparent Tribe: Evolution analysis, part 1
Background and key findings Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities can be traced as far back as 2013. Proofpoint published a very good article about them in 2016, and since that day, we have kept an eye on the group. We have periodically reported their…
Researchers Warn of Flaw Affecting Millions of IoT Devices
A patch has been issued for the flaw in a widely-used module, and researchers are urging IoT manufacturers to update their devices ASAP.
FritzFrog Botnet Attacks Millions of SSH Servers
The unique, advanced worming P2P botnet drops backdoors and cryptominers, and is spreading globally.
Airline DMARC Policies Lag, Opening Flyers to Email Fraud
Up to 61 percent out of the IATA (International Air Transport Association) airline members do not have a published DMARC record.
The Sounds a Key Make Can Produce 3D-Printed Replica
Researchers reveal technology called SpiKey that can ‘listen’ to the clicks a key makes in a lock and create a duplicate from the sounds.
Researchers Warn of Active Malware Campaign Using HTML Smuggling
A recently uncovered, active campaign called “Duri” makes use of HTML smuggling to deliver malware.
Large Orgs Plagued with Bugs, Face Giant Patch Backlogs
Vulnerability management continues to challenge businesses, as they face tens of thousands of bugs with every scan.
AWS Cryptojacking Worm Spreads Through the Cloud
The malware harvests AWS credentials and installs Monero cryptominers.
IcedID Trojan Rebooted with New Evasive Tactics
Juniper identifies phishing campaign targeting business customers with malware using password protection, among other techniques, to avoid detection.