Security News > 2017 > June

EternalBlue Exploit Spreading Gh0st RAT, Nitol (Threatpost)
2017-06-02 18:32

FireEye said threat actors are using the NSA's EternalBlue exploit of the same Microsoft SMBv1 vulnerability as WannaCry to spread Nitol and Gh0st RAT.

Qbot Attacks Cause Active Directory Lockouts (Security Week)
2017-06-02 17:14

Recent malware-induced Active Directory (AD) lockouts impacting numerous organizations appear to have been caused by the Qbot banking malware, IBM security researchers warn. read more

Cybersecurity Reconsidered: A New Look at Exfiltration (InfoRiskToday)
2017-06-02 16:48

Security Leader Chris Pierson on Shifting Focus from InfiltrationToday's cybersecurity industry is far too focused on keeping bad guys out, says Chris Pierson of Viewpost. Organizations need to...

SSH Configuration on Nexpose Servers Allowed Weak Encryption Algorithms (Threatpost)
2017-06-02 16:46

Rapid7 warned this week that its Nexpose appliances were shipped with a SSH configuration that could have let obsolete algorithms be used for key exchange.

Unprotected Hadoop Servers Expose 5 PB of Data: Shodan (Security Week)
2017-06-02 16:46

Hadoop servers that are not securely configured expose vast amounts of data, according to an analysis conducted using the Internet search engine Shodan. read more

What About Mainframe Security? (InfoRiskToday)
2017-06-02 16:18

CA's Chip Mason on the Risks of Neglecting Those Legacy Data ProcessorsBy some estimates, 70 percent of enterprise data still resides on the mainframe. That means mainframe security needs to be a...

US visa applicants will have to provide social media handles (Help Net Security)
2017-06-02 16:16

US consular officials have been provided with a new questionnaire that they can give selected visa applicants to complete. Among other things, Form DS-5535 requires applicants to share all social...

Head to the Cloud for a Head's Up on Fraud (Security Week)
2017-06-02 14:48

When it Comes to Finding Fraudsters, You Must Keep Your Head Above the Clouds.  read more

Threatpost News Wrap, June 2, 2017 (Threatpost)
2017-06-02 14:30

Mike Mimoso and Chris Brook discuss the news of the week, including the ShadowBrokers crowdfunding attempt, errors in WannaCry, a new Wikileaks dump, last week's Samba vulnerability, and the...

Symantec Conducts Company-wide CyberWar Games (Security Week)
2017-06-02 14:23

CyberWar Games Highlight the Increasing Danger from and to an Interconnected World "The next significant cyber attack will likely involve targeting the connected ecosystem of a major business,...