Graduation Day: From Cyber Threat Intelligence to Intelligence

Intelligence Can be Aligned With Larger Objectives to Improve Decision-Making Beyond the Cybersecurity Domain

Cyber threat intelligence (CTI) has been a growing part of the cybersecurity industry for the past several years. Over-focus on this specific intelligence type may be undercutting the ROI that personnel and technologies used to manage CTI could be providing. Teams and solutions that are built for long-term success in the CTI field are by design capable of…

January 13, 2020

Oski Stealer Targets Browser Data, Crypto Wallets in U.S.

Still under development, a newly discovered information stealer is successfully targeting Internet browsers and cryptocurrency wallet applications, and most victims are apparently located in the United States. The fairly new malware, which has been dubbed Oski Stealer, is being advertised on underground cyber-forums, including several Russian forums, security researcher Aditya K Sood explained in a report shared with SecurityWeek. The malware is designed to gather sensitive information such as credentials, credit…

January 13, 2020

Facebook Rushes to Patch Bug Exposing Page Admins

Facebook last week rushed to patch a bug that exposed the accounts of individuals who manage pages, after the weakness was exploited against several high-profile pages. If a Facebook page’s administrator edits a post, users can keep track of the modifications with the “View edit history” feature. This feature should show the user exactly when changes were made to a post, but the recent bug also revealed the account (i.e….

January 13, 2020

Exploits Published for Citrix ADC Vulnerability, Patches Coming Soon

Exploits targeting the recent Citrix Application Delivery Controller (ADC) vulnerability have already been published online, yet security patches will not be available for at least another week. Impacting both Citrix ADC and Citrix Gateway (previously known as NetScaler ADC and NetScaler Gateway), the vulnerability is tracked as CVE-2019-19781 and could lead to code execution without authentication, Citrix revealed on December 17, 2019. The company also provided details on the steps…

January 13, 2020

UK National Lottery Hacker Sentenced to Prison

A man accused of hacking UK National Lottery accounts via credential stuffing attacks has been sentenced to nine months in prison, the UK’s National Crime Agency reported on Friday. Anwar Batson, 29, of London, has been sentenced for fraud and four violations under the Computer Misuse Act of 1990. The man was arrested in May 2017 and initially denied any involvement, claiming that he had been a victim of trolls…

January 13, 2020

Google Removes Trove of Risky ‘Bread’ Apps From Play Store

Google has removed roughly 1,700 unique applications from its Google Play app store that were part of a family of potentially unwanted programs. Dubbed “Bread” and also known as “Joker”, this family of Potentially Harmful Applications (PHAs) was engaged in billing fraud and was initially observed in 2017, when the apps were focused solely on SMS fraud. Over time, the developers of the applications have focused on finding new cloaking…

January 12, 2020

Pulse Secure VPN Vulnerability Still Widely Exploited, CISA Warns

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations that malicious hackers continue to exploit a widely known Pulse Secure VPN vulnerability. A researcher revealed recently that cybercriminals had started exploiting CVE-2019-11510, a critical vulnerability affecting enterprise VPN products from Pulse Secure, to deliver a piece of ransomware known as Sodinokibi and REvil. CVE-2019-11510 is an arbitrary file read vulnerability that can be exploited…

January 10, 2020

Dixons Fined by UK Regulator Over Data Breach

The UK Data Protection Regulator (the Information Commissioner’s Office – ICO) has issued a monetary penalty of £500,000 ($654,000) against Dixon Carphone for what it describes as “multiple, systemic and serious inadequacies” in the firm’s security posture. Dixons’ systems were compromised for a period of eight months between July 24, 2017 and April 25, 2018. This was just one month before GDPR came into effect on May 25, 2018, and…

January 10, 2020

Christmas Ransomware Attack Hit New York Airport Servers

An upstate New York airport and its computer management provider were attacked by ransomware over Christmas, officials said. Officials at the Albany County Airport Authority announced Thursday that the attack came to light after Schenectady-based LogicalNet reported its own management services network had been breached. From there, the virus spread to the authority’s servers and backup servers, encrypting files. The attack, which was discovered Christmas Day, encrypted administrative files like…

January 10, 2020

New Bill Prohibits Intelligence Sharing With Countries That Use Huawei

A bill introduced this week by Senator Tom Cotton (R-Arkansas) would ban the sharing of intelligence with countries that use Huawei technologies in their fifth generation (5G) networks. The United States has long expressed concerns that Huawei equipment may contain backdoors that would allow for the Chinese government to conduct espionage operations, and some European countries are sharing the same concerns. Although Huawei has denied the accusations, the U.S. has…

January 10, 2020