Recent Posts

Pages: [1] 2 3 ... 10
1
Security & Technology News / Who Is Agent Tesla?
« Last post by Antus67 on Today at 01:07:54 am »
Author: Brian Krebs

A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity — attracting more than 6,300 customers who pay monthly fees to license the software. Although Agent Tesla includes a multitude of features designed to help it remain undetected on host computers, the malware’s apparent creator seems to have done little to hide his real-life identity.

The proprietors of Agent Tesla market their product at agenttesla-dot-com, selling access to the software in monthly licenses paid for via bitcoin, for prices ranging from $15 to $69 per month depending on the desired features.



Krebs On Security:https://krebsonsecurity.com/
2

By AFP on October 22, 2018

A website for a Saudi investment summit was down on Monday after an apparent cyber attack, just a day before the three-day conference overshadowed by the murder of journalist Jamal Khashoggi begins.

There was no immediate claim of responsibility for the apparent attack on the Future Investment Initiative (FII) website, as organisers scrambled to prepare for the summit after a string of cancellations from global business titans over the murder.

Hackers appeared to deface the website with a host of critical messages over its role in the war in Yemen and accusing the kingdom of terrorism financing.

The website was later taken down.

full article here:https://www.securityweek.com/hackers-deface-website-saudi-investment-forum
3

By Ionut Arghire on October 22, 2018

Cisco and F5 Networks are investigating the possible impact of the recently patched libssh vulnerability on their products, while other vendors have concluded similar investigations.

The bug, discovered by Peter Winter-Smith, security consultant at NCC Group, could allow an attacker to authenticate on a server without credentials. Specifically, the attacker could send the server a message to trick it into believing that authentication has been successful even if the process didn’t even start.

The flaw was reported to libssh developers on June 25 and impacts versions 0.6 and later of the library. Tracked as CVE-2018-10933, the vulnerability was addressed with the release of libssh 0.8.4 and 0.7.6 last week.

full article here:https://www.securityweek.com/cisco-f5-networks-investigate-libssh-vulnerability-impact
4
Author:
InfoSec Insider
Steve McGregory
October 22, 2018


The advent of 5G presents an opportunity for us to think the exploding number of IoT devices and how we securely connect to the digital world.

There is a lot of buzz building over fifth-generation mobile networks (5G) and how they will revolutionize the fast-growing numbers of internet-connected devices — but what about security?

What makes 5G so closely tied to billions of Internet of Things (IoT) devices is its speed (5G is expected to be 10 times faster than 4G LTE), low latency, and the fact that it is expected to use Low Power Wide Area (LPWA) technology to connect large numbers of far-flung, low-power IoT devices for industrial applications.

full article here:https://threatpost.com/the-danger-and-opportunity-in-5g-connectivity-and-iot/138493/
5

Author: Tara Seals
October 22, 2018 11:41 am





A hack targeted the Direct Enrollment pathway, which allows insurance agents and brokers to help consumers sign up for Affordable Care Act coverage.

A hack of the government’s Affordable Care Act-mandated healthcare exchanges has exposed the files of 75,000 individuals.

According to the Centers for Medicare and Medicaid Services (CMS), its staff detected “anomalous activity” in the Direct Enrollment pathway on Oct. 13 – with a breach declared three days later on Oct. 16. Details as to how the portal was compromised and what specific consumer information was exposed have not been released.

full article here:https://threatpost.com/obamacare-sign-up-channel-breach-affects-75k-consumers/138482/
6
Security Software / Re: SpywareBlaster Updates
« Last post by hayc59 on October 22, 2018, 09:27:24 pm »
New: 10.22.2018
Items: 17934
Last: 09.18.2018
Last: 17918
Changes: 16 Entries
16 Internet Explorer
0 Restricted Sites
0 Mozilla/Firefox
0 Chrome
0 Pale Moon

After updating remember to enable all protection!

Download: Online Updater
7
General Software / Re: Mozilla Firefox Quantum
« Last post by hayc59 on October 22, 2018, 05:40:58 pm »
Firefox v63.0 Released
Released: October 23 2018


Whats New
• We’re still preparing the notes for this release, and will post them here when they are ready.
Please check back later.

Direct Download: Firefox 63.0 for Windows | Fully Localized Versions
More Info: Release Notes
More Info: Build Notes
More Info: Security Advisories
8
Author: Ionut Ilascu



FreeRTOS, the open-source operating system that powers most of the small microprocessors and microcontrollers in smart homes and critical infrastructure systems has 13 vulnerabilities, a third of them allowing remote code execution.

The vulnerabilities are in the TCP/IP stack and affect the FreeRTOS derivation maintained by Amazon and the OpenRTOS and SafeRTOS maintained by WITTENSTEIN high integrity systems (WHIS), which are variants for commercial products available under the MIT license.

full article here:https://www.bleepingcomputer.com/news/security/remote-code-execution-flaws-found-in-freertos-popular-os-for-embedded-systems/
9
Security & Technology News / USA and China identified as top cyber attack sources
« Last post by Antus67 on October 22, 2018, 01:51:26 pm »
Author: Help Net SecurityOctober 22, 2018

NSFOCUS released its H1 Cybersecurity Insights report, which analyzed traffic from January 1, 2018 to June 30, 2018.



Since the end of March, the number of crypto mining activities has risen sharply compared to the beginning of 2018. Among all crypto miners, WannaMine was the most active, responsible for more than 70 percent of all detected crypto mining activities detected by NSFOCUS.

full article here:https://www.helpnetsecurity.com/2018/10/22/top-cyber-attack-sources/
10
Security & Technology News / City Pays $2,000 in Computer Ransomware Attack
« Last post by Antus67 on October 22, 2018, 01:15:00 am »

By Associated Press on October 19, 2018

A Connecticut city has paid $2,000 to restore access to its computer system after a ransomware attack.

West Haven officials said Thursday they paid the money to anonymous attackers through the digital currency bitcoin to unlock 23 servers and restore access to city data.

The attack disabled servers early Tuesday morning, and city officials say it was contained by 5:30 p.m. Wednesday.

full article here:https://www.securityweek.com/city-pays-2000-computer-ransomware-attack
Pages: [1] 2 3 ... 10