Bradley Barth SC Media | Page 25 of 27

Bradley Barth

Senior Reporter

Most recent articles by Bradley Barth

Cobalt Gang phishing campaign targets Eastern Europeans with CobInt backdoor-downloader

The Cobalt Gang cybercrime group has launched a new round of phishing campaigns targeting primarily Russian and Romanian banking customers with CobInt, a recently discovered malicious backdoor and downloader. Written in C, CobInt is comprised of three stages: a first-stage downloader, the primary payload, and a series of modules capable of reconnaissance activities such as capturing…

No fly-by-night operation: Researchers suspect Magecart group behind British Airways breach

A forensic analysis of the recent British Airways data breach has turned up evidence pointing to the involvement of Magecart, the same cybercriminal organization linked to a similar breach earlier this year affecting Ticketmaster. Moreover, it appears as if Magecart customized the digital payment skimmer it typically uses against retail companies to specifically target the…

Google’s desktop update for Chrome squashes two bugs

Google yesterday updated its browser for Windows, Mac and Linux machines, fixing two vulnerabilities, including one considered high in severity. In a blog post, Google described the more serious bug as a “function signature mismatch” in WebAssembly binary language. The vulnerability has yet to be assigned a CVE number, but it did manage to…

Imaginary patch? SCADA software company reportedly never actually fixed RCE bug despite issuing update

A vulnerability that was supposedly patched last January in the Advantech WebAccess SCADA software solution for IoT environments was never actually fixed, according to a new report, and as a result the product remains susceptible to remote code execution from unauthenticated attackers. What’s worse, a proof-of-concept exploit for this vulnerability has been publicly available since…

Apache Struts exploit found in Mirai variant may signify shift in attack strategy

Researchers for the first time have discovered a variant of the Mirai Internet of Things botnet that targets a vulnerability found in unpatched versions of the open-source Apache Struts web app development platform. That bug is none other than the infamous CVE-2017-5638, a remote code execution flaw that was exploited in the Equifax data breach, according to…

‘Pass’ words: Philadelphia Eagles are the NFL team most often referenced in credentials

Proud Philadelphia Eagles fans might want to think of a more secure way to honor their Super Bowl-winning NFL franchise than using their team name as a user password. But an analysis of 61.5 million anonymized passwords found more references to “Eagles” and other team-related keywords than any other NFL franchise, according to a just…

New Fallout exploit kit peppers malvertising victims with GandCrab, SmokeLoader malware

Attackers are leveraging a newly discovered exploit kit in an international malvertising campaign that’s been observed delivering GandCrab ransomware and the SmokeLoader malicious downloader, as well as engaging victims in social engineering scams. Nicknamed Fallout, the kit exploits a remote code execution vulnerability in outdated versions of the Windows VBScript engine and an arbitrary code…

ProtonVPN and NordVPN reinforce incomplete patch for code execution bug

Two OpenVPN-based virtual private network clients have reportedly updated their software after a researcher discovered that a previous attempt to patch an arbitrary code execution vulnerability was not entirely effective. According to Cisco Systems’ Talos division, the bugs in Switzerland-based ProtonVPN (CVE-2018-4010) and Panama-based NordVPN (CVE-2018-3952) can allow attackers in Windows environments to use…

Patched bug could have allowed attackers to remotely disconnect PLC devices from ICS systems

Energy management and automation firm Schneider Electric updated its Modicon M221 programmable logic controller for industrial control systems after researchers discovered a vulnerability that could allow attackers to remotely disconnect the device. The flaw, designated CVE-2018-7789, is classified as an improper check for unusual or exception conditions. While such conditions wouldn’t normally occur, attackers can deliberately trigger them by sending…

Mozilla Firefox update includes repair for critical memory safety bugs

The Mozilla Foundation on Wednesday issued updates for the classic Firefox web browser and its Extended Support Release, in the process fixing nine vulnerabilities, one deemed critical. Six of the nine errors were discovered in both Firefox and Firefox ESR, while the remainder were located in only the former. The most serious flaw, designated CVE-2018-12376,…
