ISC Stormcast For Sunday, October 22nd 2017 https://isc.sans.edu/podcastdetail.html?id=5722, (Sun, Oct 22nd)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Source: SANS Internet Storm Center ISC Stormcast For Sunday, October 22nd 2017 https://isc.sans.edu/podcastdetail.html?id=5722, (Sun, Oct 22nd)

Is a telco in Brazil hosting an epidemic of open SOCKS proxies?, (Sun, Oct 22nd)

This is a guest diary submitted by Alan Tu. Please let us know if you like this kind of post. I became interested in how criminals and bad actors conceal…

Hackers Take Over Funeral Home's Email Account and Run Online Scams

Hackers have taken over the email account of a Louisiana funeral home and are sending email scams to the company’s customers, asking for money. […] Source: leepingcomputer.com Hackers Take…

Anti-Virus: Don't Stop Believing

‘Devil You Know’ Is Better Than No Anti-Virus At All, Security Expert WarnsWill all of the anonymously lobbed U.S. government allegations against Moscow-based security vendor Kaspersky Lab send anti-virus users…

DMARC: A Close Look at the Email Validation System

An in-depth look at the DMARC anti-spoofing system – which the U.S. Department of Homeland Security this past week said it will require federal agencies to adopt – leads the…

Locky Ransomware Spam Infects via Microsoft Office

Look Ma, No Macros: Malicious Spam Wields Windows Application-Linking FeatureSpammers wielding Locky ransomware have a new trick up their sleeves: the ability to infect PCs via malicious Microsoft Word documents…

Surveying 17 Anti-Virus Firms on Their Security Practices

In Kaspersky Lab Saga’s Wake, Here’s How AV Firms Have Responded – Or NotThe Kaspersky Lab saga raises questions about how vulnerable any anti-virus products and back-end cloud networks might…

HIPAA Compliance: Self-Insured Company Reports Breach

Case Spotlights Regulatory Responsibilities of Businesses Outside Healthcare ArenaA lawn mower engine manufacturer’s notification to federal regulators of a health data breach impacting thousands of its workers highlights the HIPAA…

Office DDE attack works in Outlook too – here’s what to do

DDE attacks can be run from within Outlook emails and calendar invites Source: Naked Security Sophos Office DDE attack works in Outlook too – here’s what to do

New Magniber Ransomware Targets South Korea, Asia Pacific

Researchers identified a new ransomware family called Magniber that uniquely only targets users in South Korea and the Asia Pacific regions. Source: threatpost.com/ New Magniber Ransomware Targets South Korea,…

Microsoft Adds Game Anti-Cheat Engine to Windows 10

With the release of the Windows 10 Fall Creators Update earlier this week, Microsoft quietly rolled out a gaming anti-cheat engine, similar to Valve’s VAC system. […] Source: leepingcomputer.com …

One year Anniversary of Dyn DDOS, (Fri, Oct 20th)

Today,  October 21st, marks the one year anniversary of the DDOS attack on Dyn. The attack impacted Dyn’s DNS service, and caused degradation, or inavailability of several popular websites, including amazon.com….

Teen Sentenced for Prank That Almost Brought Down a County's 911 Service

A US judge sentenced a 19-year-old teenager to three years probation for a prank gone wrong that resulted in the accidental DDoS and near crash of the Mariposa County’s 911…

Cisco fixes for KRACKs not complete, (Fri, Oct 20th)

Cisco has updated their advisory from earlier in the week for CVE-2017-13082, Key Reinstallation Attacks, refered to as KRACKs. It appears the original updates did not completely address the CVE.  New…

The Week in Ransomware – October 20th 2017 – Magniber and the Hermes Bank Heist

This week we had our fair share of smaller variants being distributed or created, but the big news was by far the release of Magniber and the use of the Hermes…

Next Page