Security News

Week in review: Windows RDP backdoor, GDPR enforcement, application threats and security trends
2020-05-31 07:00

Application threats and security trends you need to know about
Applications are a gateway to valuable data, so it's no wonder they are one of attackers' preferred targets.

C-suite execs often pressure IT teams to make security exceptions for them
The C-suite is the most likely group within an organization to ask for relaxed mobile security protocols, despite also being highly targeted by malicious cyberattacks, according to MobileIron.

NSA Warns of Sandworm Backdoor Attacks on Mail Servers
2020-05-29 16:34

The Russia-linked APT group Sandworm has been spotted exploiting a vulnerability in the internet's top email server software, according to the National Security Agency. Exim is the default MTA included on some Linux distros like Debian and Red Hat, and Exim-based mail servers account for almost 57 percent of the internet's email servers, according to a survey last year.

Malware opens RDP backdoor into Windows systems
2020-05-26 10:37

A new version of the Sarwent malware can open the Remote Desktop Protocol port on target Windows computers to make sure that crooks can find their way back into the system through the backdoor. The malware can create a new Windows user account, enable the RDP service for it, and make changes to the Windows firewall so that RDP access to the infected machine is allowed.

Why building backdoors into encryption won’t make us safer
2020-05-26 05:30

While encryption can come in many forms, it always comes with the same goal: protecting data confidentiality. End-to-end encryption achieves that goal by setting up an encrypted channel where only the client applications themselves have access to the decryption keys.

DoJ Again Asks for Encryption Backdoors After Hacking US Naval Base Shooter's iPhones
2020-05-19 12:12

The U.S. Department of Justice announced on Monday that the FBI managed to gain access to the data stored on two iPhones belonging to an individual who last year killed and wounded several people at a United States naval base. U.S. Attorney General William Barr and FBI Director Christopher Wray announced on Monday that the FBI managed to access the data stored on the two locked iPhones.

Flaw in defunct WordPress plugin exploited to create backdoor
2020-04-29 11:27

A vulnerability discovered last year in the defunct OneTone WordPress theme plugin is now being exploited by hackers to compromise entire sites while installing backdoor admin accounts. If successful, hijacking this session in turn allows them to create a backdoor admin account as well as set up additional PHP backdoors through the WordPress dashboard for added persistence.

Thousands of Android apps contain undocumented backdoors, study finds
2020-04-07 10:21

In March researchers reported that some apps pay a lot of attention to other apps installed on a device, which in theory could be used to gather data on a user's behaviour and inclinations. The study examined two issues - what proportion of apps exhibited secret behaviours and how these might be used or abused.

Vollgar Campaign Targets MS-SQL Servers With Backdoors, Crypto-Miners
2020-04-02 04:15

A recently uncovered attack campaign that stayed under the radar since May 2018 has targeted Microsoft SQL servers with backdoors and crypto-miners, Guardicore Labs reveals. Attacks begin with MS-SQL brute force login attempts and continue with a series of configuration changes to allow command execution.

WARNING: Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers
2020-04-01 06:02

Named "Vollgar" after the Vollar cryptocurrency it mines and its offensive "Vulgar" modus operandi, researchers at Guardicore Labs said the attack employs password brute-force to breach Microsoft SQL servers with weak credentials exposed to the Internet. Researchers claim the attackers managed to successfully infect nearly 2,000-3,000 database servers daily over the past few weeks, with potential victims belonging to healthcare, aviation, IT & telecommunications, and higher education sectors across China, India, the US, South Korea, and Turkey.

Week in review: Python backdoor attacks, Windows zero-days under attack, crowdsourced pentesting
2020-03-29 09:45

Windows users under attack via two new RCE zero-days
Attackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems.

Widely available ICS attack tools lower the barrier for attackers
The general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology networks and industrial control systems.