Monthly Archives: September 2017

BlueBorne – Bluetooth’s airborne influenza

Armis Labs has discovered a new attack vector that targets any device that has Bluetooth capability. This includes mobile, desktop, and IoT — roughly accounting for 8.2 billion devices. All operating systems are susceptible — Android, iOS, Windows, and Linux. … Continue reading

Posted in Antivirus | Comments Off on BlueBorne – Bluetooth’s airborne influenza

Threat Landscape for Industrial Automation Systems in H1 2017

Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the results of its research on the threat landscape for industrial automation systems for the first six months of 2017. All statistical data used in this … Continue reading

Posted in Antivirus | Comments Off on Threat Landscape for Industrial Automation Systems in H1 2017

Deloitte breached by hackers for months

On September 25, 2017, Deloitte announced that they detected a breach of the firm’s global email server via a poorly secured admin email in March of this year. Further, the attackers most likely had control of the server since November … Continue reading

Posted in Antivirus | Comments Off on Deloitte breached by hackers for months

Tech support scammers abuse native ad and content provider Taboola to serve malvertising

A large number of publishers – big and small – are monetizing their sites by selling space for companies that provide so-called native advertising, cited as more effective and engaging than traditional banner ads. Indeed, on a news or entertainment … Continue reading

Posted in Antivirus | Comments Off on Tech support scammers abuse native ad and content provider Taboola to serve malvertising

Elaborate scripting-fu used in espionage attack against Saudi Arabia Government entity

This post was co-authored by David Sánchez and Jérôme Segura We recently came across a campaign targeting the Saudi Arabia Government via a malicious Word document which at first reminded us of an attack we had previously described on this … Continue reading

Posted in Antivirus | Comments Off on Elaborate scripting-fu used in espionage attack against Saudi Arabia Government entity

Elaborate scripting-fu used in espionage attack against Saudi Arabia Government

This post was co-authored by David Sánchez and Jérôme Segura We recently came across a campaign targeting the Saudi Arabia Government via a malicious Word document which at first reminded us of an attack we had previously described on this … Continue reading

Posted in Antivirus | Comments Off on Elaborate scripting-fu used in espionage attack against Saudi Arabia Government

A simple example of a complex cyberattack

We’re already used to the fact that complex cyberattacks use 0-day vulnerabilities, bypassing digital signature checks, virtual file systems, non-standard encryption algorithms and other tricks. Sometimes, however, all of this may be done in much simpler ways, as was the … Continue reading

Posted in Antivirus | Comments Off on A simple example of a complex cyberattack

Keychain vulnerability in macOS

On Monday, Patrick Wardle, a respected security researcher at Synack and owner of Objective-See, sent a tweet about a keychain vulnerability he had found in macOS High Sierra. As his tweet showed, it is possible for a malicious app to … Continue reading

Posted in Antivirus | Comments Off on Keychain vulnerability in macOS

Drive-by mining and ads: The Wild Wild West

There seems to be a trend lately for publishers to monetize their traffic by having their visitors mine for cryptocurrencies while on their site. The idea is that you are accessing content for free and in exchange, your computer (its … Continue reading

Posted in Antivirus | Comments Off on Drive-by mining and ads: The Wild Wild West

A week in security (September 18 – September 24)

Last week, we kept you updated on our blog about the infected versions of CCleaner that were offered as downloads on the official servers. We also warned you against a fake IRS notice that delivers a customized spying tool, some … Continue reading

Posted in Antivirus | Comments Off on A week in security (September 18 – September 24)