Microsoft has released updates earlier this month to patch a vulnerability in the Windows 10 Hello facial recognition system that allows an attacker to bypass the facial scan with a printed photo. Windows Hello is a Windows 10-only feature that uses near infrared (IR) imaging to authenticate and unlock Windows devices, such as desktops, laptops, and tablets that use compatible cameras equipped with a near...
Read More
The Cobalt hacking group was one of the first to promptly and actively exploit CVE-2017-11882(patched last November) in their cybercriminal campaigns. We uncovered several others following suit in early December, delivering a plethora of threats that included Pony/FAREIT, FormBook, ZBOT, and Ursnif. Another stood out to us: a recent campaign that used the same vulnerability to install a “cracked” version of the information-stealing Loki. Sold in hacking forums as a password and cryptocurrency wallet stealer, Loki can...
Read More
Three malware strains —GratefulPOS, Emotet, and Zeus Panda— have sprung to life with new active campaigns just in time for the holiday shopping season. While GratefulPOS appears to be a new malware strain, the other two, Emotet and Zeus Panda, have just suffered minor updates to allow them to go after online shops more active this time of year. GratefulPOS Of the three, the most...
Read More
For the seventh year in a row, password management security company SplashDatahas scraped password dumps to find the year’s worst passwords. This year’s research was drawn from over five million leaked passwords, not including those on adult sites or from the massive Yahoo email breach. The passwords were mostly held by users in North America and Western Europe. SplashData estimates that nearly 10 percent of people have used...
Read More
Android malware like ransomware exemplify how the platform can be lucrative for cybercriminals. But there are also other threats stirring up as of late: attacks that spy on and steal data from specific targets, crossing over between desktops and mobile devices. Take for instance several malicious apps we came across with cyberespionage capabilities, which were targeting Arabic-speaking users or Middle Eastern countries. These were published on Google...
Read More
A malware strain known as Loapi will damage phones if users don’t remove it from their devices. Left to its own means, this modular threat will download a Monero cryptocurrency miner that will overheat and overwork the phone’s components, which will make the battery bulge, deform the phone’s cover, or even worse. Discovered by Kaspersky Labs, researchers say Loapi appears to have evolved from Podec, a malware...
Read More
Earlier this year researchers first disclosed a targeted attack campaign targeting various sectors in the Middle East. This threat actor was called Two-tailed Scorpion/APT-C-23. Later on, a mobile component called VAMP was found, with a new variant (dubbed FrozenCell) discovered in October. (We detect these malicious apps as ANDROIDOS_STEALERC32). VAMP targeted various types of data from the phones of victims: images, text messages, contacts, and call history, among others. Dozens...
Read More
A permissions flaw in Microsoft’s Azure AD Connect software could allow a rogue admin to escalate account privileges and gain unauthorized universal access within a company’s internal network. Microsoft issued an advisory for the vulnerability on Tuesday. Affected are Office 365 customers running Microsoft’s Active Directory Domain Services in conjunction with Azure AD Connect software installed with the Express Settings, according to Preempt Security that first...
Read More
Ride-sharing company reveals 380,000 in Singapore were affected by the massive data breach that compromised 57 million accounts globally, but says no fraud or misuse has been tied to these users. Uber says an estimated 380,000 users in Singapore were impacted by the 2016 data breach that compromised 58 million accounts globally, but finds no incidents of fraud related to the attack. The ride-sharing operator...
Read More
A dump of 1.4 billion passwords – clear text passwords available in an aggregated, interactive database – was recently discovered online by 4iQ. While it might sound like more of the same, a couple factors make this news both particularly concerning and sadly predictable. Details of the Data Here are a few details about what 4iQ discovered: The 41GB dump was found on December 5, 2017 in...
Read More
