To deal hunters, Black Friday and Cyber Monday have become even more exciting than the Thanksgiving holiday that spawned them. Unfortunately, cyber criminals understand our weakness for deals, and use the time themselves to increase their phishing and web scam campaigns. Watch today’s video for some quick tips on how you might avoid any Black Friday related cyber attacks
Introduction Earlier today (Wednesday2015-11-25), one of our readers notified the ISC of malicious spam (malspam) with a Word document designed to infect a Windows computer with malware.
LANDESK , a company that sells software to help organizations securely and remotely manage their fleets of desktop computers, servers and mobile devices, alerted employees last week that a data breach may have exposed their personal information. But LANDESK employees contacted by this author say the breach may go far deeper for the company and its customers
Information sharing has been a much discussed, but traditionally a hit-and-miss affair within the world of information security – after all, one’s information can hardly be said to be secure if you’re bandying it about to anyone who expresses an interest, can it? …is a Problem Doubled Let’s try something: How many enterprise-grade switch vendors can you name off the top of your head? (I managed eight, for what it’s worth)
Vulnerability Note VU#566724 Embedded devices use non-unique X.509 certificates and SSH host keys Original Release date: 25 Nov 2015 | Last revised: 25 Nov 2015 Overview Embedded devices use non-unique X.509 certificates and SSH host keys that can be leveraged in impersonation, man-in-the-middle, or passive decryption attacks. Description CWE-321 : Use of Hard-coded Cryptographic Key – Multiple CVEs Research by Stefan Viehböck of SEC Consult has found that numerous embedded devices accessible on the public Internet use non-unique X.509 certificates and SSH host keys. Products are identified as vulnerable if unpacked firmware images are found to contain hard-coded keys or certificates whose fingerprints can be matched to data from the Internet-wide scan data repository, scans.io (specifically, see SSH results and SSL certificates )
Earlier this month, a new ransomware-as-a-service (RaaS) from a group called “FAKBEN Team” emerged. In this post, we will talk about our findings on the ransomare binary that they sell on their website. Our analysis indicates that the enc…
ISC StormCast for Wednesday, November 25th 2015 http://isc.sans.edu/podcastdetail.html?id=4761, (Wed, Nov 25th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Two months after KrebsOnSecurity first reported that multiple banks suspected a credit card breach at Hilton Hotel properties across the country, Hilton has acknowledged an intrusion involving malicious software found on some point-of-sale systems. According to a statement released after markets closed on Tuesday, the breach persisted over a 17-week period from Nov. 18, 2014 to Dec
Original release date: November 24, 2015 Dell consumer personal computers using the preinstalled certificate authority (CA) root certificate (eDellRoot) contain a critical vulnerability.