Robert Abel SC Media

Robert Abel

Content Coordinator/Reporter

Most recent articles by Robert Abel

Looming retirement of legacy system custodians put global IT systems at risk

By

Government IT systems and critical infrastructure systems around the world are at risk due to legacy technology and the pending retirement of those who have historically maintained these older systems. Of the U.S. General Services Administration’s mission-critical IT staff, 20-50 percent will be eligible to retire by 2024 and 66 percent of U.K. companies have…

WinPot ATM jacking malware lets users play the slots while stealing

By

Cybercriminals have gamified the ATM jackpotting experience with a malware variant dubbed WinPot which includes a slot machine-like interface. The graphics are a node to the popular term ATM-jackpotting techniques designed to empty ATMs minor modifications just as WinPot does when it infects a target system, according to a Feb. 19 Kaspersky Lab blog post.…

Monero miner combines RADMIN and MIMKATZ to spread and infect

By

A Monero miner-malware is leveraging RADMIN and MIMKATZ for propagation while exploiting critical vulnerabilities to spread in a worm-like behavior to covertly target specific systems in industries in China, Taiwan, Italy, and Hong Kong. Researchers noted an uptick in activities between the last week of January and February 2019 which coincidentally coincided with regional holiday…

Reitspoof mysterious multistage malware makes its rounds

By

A multi-staged malware dropping multiple payloads is infecting its victims without a clear purpose and has shown a significant uptick in activity since January 2019. Dubbed Reitspoof, the malware has bot capabilities although Avast researchers believe it was primarily designed as a dropper, according to a Feb. 16 blog post. The malware’s developers used several…

Wendy’s to pay $50M in data breach settlement

By

Wendy’s has agreed to pay $50 million to settle negligence claims following its 2015-2016 data breach that affected more than 1,000 of the burger chain’s locations. Payment card data was stolen from victims who purchased food at these locations then used fraudulently at other merchants after malware was installed through a third-party vendor. The settlement…

Google Play announces 2019 malicious app crackdown

By

Google Play announced it will continue its crackdown on malicious apps into 2019 by focusing more on user privacy, developer integrity and harmful app contents and behavior. Google said it plans to introduce additional policies for device permissions and user data throughout the year, according to a Feb. 13 blog post. “In addition to identifying…

Mozilla Foundation issues Firefox updates

By

Mozilla Foundation has issued security advisories for several vulnerabilities in Firefox ESR 60.5.1 and Firefox 65.0.1. The updates patch a use-after-free in skia flaw, an integer overflow in Skia flaw, and a buffer overflow in Skia with accelerated Canvas 2D vulnerability in Firefox ESR 60.5.1, all of which are rated high. The buffer overflow flaw…

Xiaomi electric scooter vulnerability allows remote hacks

By

The Xiaomi M365, a popular electric scooter used by several ride-share companies such as BIRD as well as for personal ownership, is vulnerable to remote hacking due to improper password validation. The scooters are enabled with Bluetooth access which allows the user to interact with the scooters for multiple features including its  Anti-Theft System, Cruise-Control,…

Cisco Network Assurance Engine (NAE) contains password vulnerability

By

A default password vulnerability in Network Assurance Engine (NAE) could allow an unauthenticated, local attacker to gain unauthorized access or cause a Denial of Service (DoS) condition on the server. A flaw in NAE’s password management system can be exploited by authenticating with the default administrator password via the CLI of an affected server. Version…

Next post in Security News