Security Talk (124)

News, and Disucssions centered on Security

Rate this item
(0 votes)
This one goes in the “this is why patching is important” file and highlights the need to be able to quickly apply patches for critical flaws found in different devices and software. After the disclosure of a critical vulnerability tracked…
Rate this item
(0 votes)
When most people think of malware, they think of binaries that are downloaded to a drive and executed. However, that is only part of the malware world. The other side does not actually download the malicious binary directly to the…
Rate this item
(0 votes)
Its seems that the efforts of Ukrainian hacktivists have decided to focus their efforts on a new and interesting target. In addition to other strategic targets, they have gone after one of the central portals for Russian alcohol distribution. The…
Rate this item
(0 votes)
in the wild. The patch for this bug is one of 37 that are part of the monthly security release which covers multiple components in the popular mobile OS. This comes at a time when mobile banking malware is on…
Rate this item
(0 votes)
The idea of DLL hijacking is a well known one and one that is used by attackers to compromise security tools and even sophisticated anti-malware solutions. DLLs (Dynamic Link Library) are not much more than static files that sit idle…
Rate this item
(0 votes)
Ransomware is a huge shadow over many businesses and individuals’ heads. It has loomed as a significant threat since the first stains hit the internet inside malicious zip files masquerading as “Xerox” documents. Since that time ransomware and the groups…
Rate this item
(0 votes)
Google is an odd company. They have used the personal vs corporate data ownership line like a jump rope over the years. We have watched them for a long time and all we can say is that their track record…
Rate this item
(0 votes)
It Cloud services are exceptionally popular as a cost effective and simple method to maintain common operational needs. Everything from email to fully fledged infrastructures can be maintained in the “cloud”. All of these can be accomplished at lower overall…
Rate this item
(0 votes)
April must be the month for new malware tools to be released, or at least announced as we have already heard about new forms of attack/infection from the group behind Emotet and now we hear that Conti has replaced BazarLoader…
Rate this item
(0 votes)
A new flaw has been identified in the Node.js package manager, NPM. The flaw is being described as a logical flaw, but in reading over the data it seems more like a permissions flaw. The good news is that as…
Rate this item
(0 votes)
Yesterday we told you that the gang behind Emotet was looking to used Excel add-ins as a possible new technique to compromise systems as part of their spamming campaigns. The detected techniques were labeled as potentially being part of research…
Rate this item
(0 votes)
TA542 the wonderful people that brought you Emotet appears to be in the middle of a development and testing cycle on new delivery methods. According to researchers at ProofPoint the creators or the Emotet Botnet are potentially looking to find…
Rate this item
(0 votes)
It seems that Amazon’s hotfix for Log4Shell in their AWS environment might have been a bit rushed. According to a review of the hot there are a total of four CVEs specifically related to the hotfix and how it functions.…
Rate this item
(0 votes)
The breach of IDAM group Okta in January by the self-promoting group Lapsus$ amidst other high-profile breaches and data leaks this year was a significant concern. The concern rose because when the incident first happened, Okta passed it off as…
Rate this item
(0 votes)
CISA has issued another warning that SCADA/ICS systems are being targeted for attack. This time they are in the sights of Nation-State groups and with customized tools. The tools are part of follow-on activities after the initial beachhead has been…
Rate this item
(0 votes)
2022 has been a busy year for the information security industry on both sides of the playing field. We have seen an increase in target attacks on businesses, a larger number of Zero-Day vulnerabilities disclosed that were being actively exploited…
Page 1 of 8