Cybersecurity News and Product Reviews | SC Media

Home

Microsoft, oracle, cybersecurity

Microsoft, Oracle release security updates

Microsoft and Oracle issued security updates with Redmond, Wash., company patching a single issue in Windows Defender Application Control while Oracle’s update covered over 100 products and dozens of vulnerabilities. The issue with Windows Defender, CVE-2019-1167, if exploited would allow an attacker to circumvent PowerShell Core Constrained Language Mode on the machine. However, Microsoft noted…

Julian Assange

Former Ecuadorian president says Assange interfered in election

Ecuador’s former president, Rafael Correa, confirmed that Julian Assange ran an election interference initiative out of the country’s embassy in London, where the WikiLeaks founder was at first a welcome then an unwanted guest for seven years. “We did notice that he was interfering in the elections and we do not allow that because we…

Three reasons why moving target defense needs to be a priority in any cybersecurity ctrategy

The vicious cycle of imbalance between cyber attackers and defenders seems never-ending. Defenders continue to develop and implement new tools to prevent, detect, monitor and remediate cyber threats while attackers simultaneously develop new attack techniques to thwart defenses, which for all intents and purposes gives them the upper hand. But a new concept, originally conceived…

Unofficial Telegram app secretly loads malicious sites

An unofficial Telegram app is secretly loading malicious sites onto the devices of unsuspecting users and running other malicious services in the background without the users’ consent. Symantec researchers discovered the malicious app, named MobonoGram 2019 (detected as Android.Fakeyouwon) and advertised as an unofficial version of the Telegram messaging application with more features than the…

Malicious actor Sweed puts new spins on its attacks

A threat actor named Sweed who has been active for more than two years using spearphishing emails with malicious attachments to spread Formbook, Lokibot and Agent Tesla has been given a detailed examination by Cisco Talos. Cisco Talos researcher Edmund Brumaghin said for the most part Agent Tesla is the group’s favorite flavor of malware,…

Report suggests GandCrab’s developers may have created Sodinokibi ransomware

Evidence is reportedly mounting that the recently discovered ransomware program known as Sodinokibi was created by the same developers who introduced GandCrab ransomware. Last month, GandCrab’s developers publicly disclosed that they were retiring after raking in roughly $2 billion in extortion payments. But this announcement may have been misleading at best, according to security researcher…

No ID? Get off my cloud

Cloud-based IAM puts authentication to the test Traditional brick-and-mortar organizations with on-premise servers are striving every day to keep pace with cloud-driven digital enterprises that are untethered by physical restraints, enabling employees to work from anywhere, accessing applications, services and mobile devices as regular parts of their flexible workdays. However, much like ducks on the…

Lucky break: Cracked windshield helps hacker find bug in Tesla

Hackers typically crack software, but web application security researcher Sam Curry quite literally cracked his Tesla Model 3 and discovered a vulnerability that earned him a hefty reward from the car maker’s bug bounty program. After a rock bounced up and damaged the windshield of Curry’s very own Model 3, the seemingly unlucky happenstance actually…

La Porte County pays $130,000 ransom to regain access

After attempting to recover from a ransomware attack for about a week, the La Porte County Board of Commissioners opted to pay the $130,000 ransom in order to regain access to their network. Local news reports have the county paying the ransom after negotiating with the attackers and noting that insurance will cover about $100,000…

Next post in Ransomware