A China-linked cyber espionage group known as Lotus Blossom has used fake invitations to an upcoming Cybersecurity Summit to trick users into installing a piece of malware on their systems. This is the latest in a string of cyber attacks where hacker groups use educational cybersecurity presentations and events to lure unsuspecting users into downloading malware. The security firm respponsible for the event in question had spotted attacks against government and military organizations in Southeast Asia, including Vietnam, Philippines, Taiwan, Hong Kong and Indonesia.
Source: http://www.securityweek.com/china-linked-cyberspies-lure-victims-security-conference-invites
Monday, October 31, 2016
Wednesday, October 26, 2016
VMware Flaws Allow Security Bypass on Mac OS X
This article describes a security vulnerability on VMware running Mac OS X. To most users this presents as a surprise given Mac OS's reputation for security. VMware tools has been patched for several of these vulnerabilities.
Source: http://www.securityweek.com/vmware-flaws-allow-security-bypass-mac-os-x
Source: http://www.securityweek.com/vmware-flaws-allow-security-bypass-mac-os-x
Wednesday, October 19, 2016
Researchers Build Configuration Extractor for Locky Ransomware
There is a new open source utility called LockyDump. This utility was created by researchers working on the problem of the ransom ware Locky. The utility allows users to extract the config and various information. Ransom ware researchers can then track information used in developing trends shown by criminals and the ransom ware.
Source: http://www.securityweek.com/researchers-build-configuration-extractor-locky-ransomware
Source: http://www.securityweek.com/researchers-build-configuration-extractor-locky-ransomware
Wednesday, October 12, 2016
Newsweek Joins Growing Club of Possible Russian Cyberattack Targets
After some comments made by a Newsweek article their site was under DDoS attack. It is suspected that the attack was politically motivated. Most of the IP addresses were originating from Russia. This would not be the first DDoS attack that has been politically motivated.
Source: http://www.technewsworld.com/story/83968.html
Source: http://www.technewsworld.com/story/83968.html
Monday, October 3, 2016
Hacking Elections Is Easy, Study Finds
This article discusses hacking in relation to the U.S. democratic process. I found it rather interesting that educated security personnel had a few comments on the subject. "It might be possible to change some votes, but to change the outcome of an election and do so in a way that could not be detected is not practical at this point." Apparently the current system(s) used by each state makes it rather difficult to influence the elections in any major or undetectable manner. The question is raised if suggested systems by the media recently are actually safer and what would be realistically required for a standardized IT solution to voting.
Source: http://www.technewsworld.com/story/83947.html
Source: http://www.technewsworld.com/story/83947.html
Subscribe to:
Posts (Atom)