CyberX, a company that specializes in ICS security, has been monitoring a well-organized campaign that has targeted at least 70 entities with ties to Ukraine, including the country’s critical infrastructure.
read more
Apple Patches Code Execution Flaw in GarageBand
An update released this week by Apple for the music creation app GarageBand addresses a high severity vulnerability that can be exploited for arbitrary code execution.
read more
High Severity Flaw Patched in OpenSSL 1.1.0
A high severity denial-of-service (DoS) vulnerability was patched on Thursday in OpenSSL with the release of version 1.1.0e.
The flaw, tracked as CVE-2017-3733, has been described as an “Encrypt-Then-Mac renegotiation crash.” The security hole, reported by Joe Orton of Red Hat on January 31, does not affect OpenSSL 1.0.2.
read more
Iranian Spies Target Saudi Arabia in “Magic Hound” Attacks
A cyber espionage operation linked to Iran and the recent Shamoon 2 attacks has targeted several organizations in the Middle East, particularly in Saudi Arabia.
read more
Shamoon Malware Delivered via Weaponized Documents: IBM
The notorious disk-wiping malware Shamoon used macro-enabled documents and PowerShell scripts to infect targeted systems, according to IBM’s X-Force Incident Response and Intelligence Services (IRIS) team.
read more
Microsoft Postpones February Security Updates to March 14
Microsoft has informed customers that the February security updates, which the company delayed due to unspecified issues, will only be released next month as part of the planned Update Tuesday.
read more
Cyber Warriors See Politics Muddying Security Efforts
San Francisco – President Donald Trump has vowed to improve cyber attack defense, but security experts meeting this week say a fractious domestic and international political landscape could hamstring efforts to improve internet security.
read more
Yahoo Notifies Users of Sophisticated Breach Methods
Yahoo said Wednesday it was notifying some users that hackers may have been able to use a maneuver to break into their accounts without stealing passwords.
read more
Easy-to-Use Remcos RAT Spotted in Live Attacks
After receiving numerous improvements, a Remote Administration Tool (RAT) that emerged last year on hacking forums was recently observed in live attacks, Fortinet security researchers reveal.
read more
Russian Black Hat Hacks 60 Universities, Government Agencies
A Russian-speaking black hat hacker has breached the systems of more than 60 universities and U.S. government agencies, according to threat intelligence firm Recorded Future.
read more
