Security researcher Assaf Baharav from Check Point Security has discovered a new twist on an old, fairly well-known attack. He was able to essentially "weaponize" PDFs to steal Windows credentials stored in NTLM hashes. Unfortunately, no action other than simply opening the PDF is required for the hacker to gain access to the information. Baharav used the same methodology that hackers have used in the past, which amounts to instantiating SMB requests from inside the document. Hackers have … Read more
WiFi Sync on iOS Vulnerable To TrustJacking
Owners of Apple devices have a new attack vector to worry about, called "TrustJacking." Symantec researchers recently stumbled across a pair of scenarios that take advantage of Wi-Fi syncing of various Apple devices. These are scenarios that also take advantage of the trust users have in the security of their own devices, allowing hackers to take complete control over those devices. The flaw is a consequence of the way that iTunes Wi-Fi Sync is designed. The vulnerability manifests when a … Read more
New Malware Takes Screenshots and Steals Your Passwords
Recently, a new strain of malware called "SquirtDanger" has been found by researchers at Palo Alto Networks Unit 42, and it's a particularly nasty one for a couple of reasons. First and foremost, the owner of the malware isn't orchestrating campaigns himself, but rather, selling his product as a commodity on the Dark Web. That has troubling implications because the malware is quite advanced, and since it's being sold to a broad cross-section of hackers, odds are excellent that it will be … Read more
Bank Employee Steals Info On Over A Million Customers
Atlanta-based SunTrust Bank is the 12th largest bank in the US. It has a major problem, and so do roughly a million and a half of its customers. According to CEO William Rogers, an unidentified employee of the firm printed a vast amount of private customer information, including their names, addresses, phone numbers and account balance information. Rogers stressed that social security numbers, account numbers, driver's license numbers, user IDs, and passwords were not exposed. In a … Read more
Researchers Find Major Vulnerabilities In Banking Apps
Do you do your banking online? If so, there's bad news in the form of a report recently released by the security firm "Positive Technologies." The company tested a variety of websites using a proprietary tool they developed in-house, which scans websites for security flaws. While flaws were found across a wide range of industries, literally every banking site Positive Technologies tested was found to have serious security flaws. The particulars varied from one bank to the next, but the … Read more
Major Server Ring Distributing Malware Taken Down
Score one for the good guys. A researcher from BrilliantIT was recently able to figure out how infected computers would connect to EITest's command and control server, and using that information, was able to bring down their entire network. If you haven't heard of EITest before, the true significance of that statement might not be registering. EITest first appeared in 2011. In its original incarnation, it was little more than an annoyance. It was a collection of compromised servers used … Read more
Hacked Routers Being Used To Spread Malware
Beware of compromised routers spreading malware. This is according to both Kaspersky Labs and a recently released government report. Using hacked routers to spread malware is nothing new. Security insiders have known about it for years. However, since 2008, the number of instances where routers are being used to push malicious code has been steadily increasing. Researchers are observing marked increases in their use by APTs (Advanced Persistent Threats) around the world. APTs are nothing … Read more
Panera Bread Customer Accounts Exposed To Threats
Panera Bread company is the latest to find itself in hot water. Recently, security researcher Dylan Houlihan discovered that the company had failed to encrypt (or otherwise protect) a file containing usernames, email addresses, physical addresses, phone numbers and loyalty account numbers for a staggering thirty-seven million of its customers. The file was found stored as plain text, and accessible to anyone who bothered to go looking for it. The good news is that no one appears to have … Read more
No Spectre Fix For Certain Intel Processors
The bad news just doesn't seem to stop where Intel and the Spectre vulnerability are concerned. The latest bit of news comes directly from Intel, as the company admits that it's just not possible to address the Spectre vulnerability in some of its older hardware. This means that nine families of chips and more than 230 models of computers (mostly manufactured between 2007 and 2011) will remain vulnerable to Spectre forever. The company has stopped Spectre mitigation development on the … Read more
Microsoft Helping With Ransomware In Office 365
Microsoft recently made small but significant changes to its Office 365 subscription service and to OneDrive, which are often used in tandem. The goal is to make it easier for users whose files have been encrypted by ransomware (or otherwise corrupted) to recover them. The most significant of the changes is a new "File Restore" button that Office 365 users will see in both applications. If you've saved your Office 365 files to OneDrive, you'll be able to restore files in a … Read more









