2019, Architecture and Information Security

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

A new vulnerability, tracked as CVE-2019-0090 , affects all Intel chips that could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years.

Firmware

Firmware Technology Advertising Authentication

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Security Affairs

MARCH 2, 2024

In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. In May 2019, Facebook patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware

Spyware Surveillance Architecture Software

CVE-2019-10149: “Return of the WiZard” Vulnerability: Crooks Start Hitting

Security Affairs

JUNE 24, 2019

Malware researchers at Cybaze-Yoroi ZLAB observed many attack attempts trying to spread malware abusing the CVE-2019-10149 issue. EW N030619 , CVE-2019-10149 ). Sigurdsson (Security Researcher), which abuses ToR network to distribute its payload, or also the 9th June wave which tried to download a particular Linux agent.

Malware

Malware Internet Internet Advertising

Webinars

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

MORE WEBINARS

ENISA publishes a Threat Landscape for 5G Networks

Security Affairs

NOVEMBER 21, 2019

An EU-wide Coordinated Risk Assessment of 5G networks has been published on the 9 th October 2019. Today’s ENISA 5G Threat landscape complements the Coordinated Risk Assessment with a more technical and more detailed view on the 5G architecture, the assets and the cyber threats for those assets.

Architecture

Architecture Risk Telecommunications Advertising

NASA Audit: Cyber Risk Skyrockets with 'Work from Home'

SecureWorld News

MAY 27, 2021

Here are three examples from the new report: "In 2019, a NASA contract employee used a personal computer to access NASA-owned networks and systems to mine cryptocurrency.". "In 6 key areas where NASA's information security is failing. Pervasive weaknesses exist in NASA IT internal controls and risk management practices.

Cyber Risk

Cyber Risk Risk Architecture Cyber threats

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Security Affairs

NOVEMBER 1, 2021

The number of infected devices is impressive, on 2019-11-30 a trusted security partner in the US informed Qihoo 360’s Netlab Cybersecurity reported to have observed 1,962,308 unique daily active IPs from the Pink botnet targeting its systems.

Architecture

Architecture DDOS Advertising Firmware

Securing the Unsecured: State of Cybersecurity 2019 – Part I

McAfee

OCTOBER 8, 2019

Q1: What are some of the IT security trends for 2019? The biggest challenge is information security extension in a multi-cloud world. Machine learning will be throughout the information security technology stack soon. What value do you add as a security professional to the customer experience?

Digital transformation

Digital transformation Cybersecurity IoT Technology

SPOTLIGHT: Women in Cybersecurity

McAfee

NOVEMBER 3, 2020

The RSA Conference USA 2019 held in San Francisco — which is the world’s largest cybersecurity event with more than 40,000 people and 740 speakers — is a decent measuring stick for representation of women in this field. Please join McAfee, AWS, and our customers to discuss the impact women are having on information security in the cloud.

Cybersecurity

Cybersecurity Architecture Cloud Migration Retail

Finalists: Best Professional Certification Program

SC Magazine

MARCH 29, 2021

The following organizations are being recognized for delivering top programs that offer certifications to IT security professionals wishing to receive educational experience and credentials to enhance their knowledge and ensure they remain at the top of their game. FINALIST | BEST PROFESSIONAL CERTIFICATION PROGRAM. labor market.

Penetration Testing

Penetration Testing Architecture Education Technology

WildPressure APT expands operations targeting the macOS platform

Security Affairs

JULY 7, 2021

WildPressure APT is targeting industrial organizations in the Middle East since 2019 and was spotted using now a new malware that targets both Windows and macOS. Further investigation led to the discovery of other samples of the same malware that infected systems back in May, 2019. ” states the report published by Kaspersky.

Malware

Malware VPN Architecture Hacking

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019. ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Security Affairs

OCTOBER 11, 2023

Netis WF2419: CVE-2019-19356 , a Remote Code Execution (RCE) issue through the tracert diagnostic tool because caused by the lack of user input sanitizing. Upon executing the script, it deletes logs and downloads and executes various bot clients to target specific Linux architectures.

DDOS

DDOS Wireless Architecture IoT

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Security Affairs

SEPTEMBER 24, 2023

In January 2019, Reuters published a report into Project Raven, a campaign allegedly conducted by former NSA operatives and aiming at the same types of targets as Stealth Falcon. The Deadglyph’s architecture is composed of cooperating components, a native x64 binary and other.NET assembly.

Spyware

Spyware Malware Architecture Encryption

New Mirai botnet targets tens of flaws in popular IoT devices

Security Affairs

JUNE 22, 2023

Upon executing the script, it would download and execute the proper bot clients for the specific Linux architectures: hxxp://185.225.74[.]251/armv4l Since March 2023, researchers at Palo Alto Networks Unit 42 have observed a new variant of the Mirai botnet targeting multiple vulnerabilities in popular IoT devices. 251/mips hxxp://185.225.74[.]251/mipsel

IoT

IoT Malware Encryption DDOS

WatchBog cryptomining botnet now uses Pastebin for C2

Security Affairs

SEPTEMBER 13, 2019

The new WatchBog variant includes a new spreader module along with exploits for the following recently patched vulnerabilities in Linux applications: CVE-2019-11581 (Jira) CVE-2019-10149 (Exim) CVE-2019-0192 (Solr) CVE-2018-1000861 (Jenkins) CVE-2019-7238 (Nexus Repository Manager 3).

Architecture

Architecture Cryptocurrency Malware Advertising

New modular ModPipe POS Malware targets restaurants and hospitality sectors

Security Affairs

NOVEMBER 12, 2020

ESET has been aware of the existence of modules since the end of 2019 when its experts first spotted the “basic” components of the malware. ” The credentials exfiltrated by ModPipe allow operators to access database contents, including various definitions and configuration, status tables, and information about POS transactions.

Malware

Malware Architecture Passwords Software

AMD is going to patch UEFI SMM callout privilege escalation flaw

Security Affairs

JUNE 22, 2020

If this level of access is acquired, an attacker could potentially manipulate the AMD Generic Encapsulated Software Architecture (AGESA) to execute arbitrary code undetected by the operating system.” AMD pointed out that only certain processors released between 2016 and 2019 are affected by the vulnerability.

Firmware

Firmware Architecture Advertising Manufacturing

VMware addressed flaws in its Workstation and Tools

Security Affairs

JUNE 6, 2019

VMware has informed its users that it has patched two high-severity vulnerabilities that affect its Tools and Workstation software. The first security flaw, tracked as CVE-2019-5522, affects VMware Tools 10.x VMware has patched two high-severity flaws that affect its Tools and Workstation software. x on Windows. for Linux.

Architecture

Architecture Advertising Software Hacking

Black Hat USA 2021 Network Operations Center

Cisco Security

AUGUST 12, 2021

This requires a robust connection to the Internet (Lumen and Gigamon), firewall protection (Palo Alto Networks), segmented wireless network (Commscope Ruckus) and network full packet capture & forensics and SIEM (RSA NetWitness); with Cisco providing cloud-based security and intelligence support. SECURITY CATEGORY (PHISHING).

DNS

DNS Firewall Phishing Mobile

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019. The campaign was uncovered by CrowdStrike by investigating a series of security incidents in multiple countries, the security firm added that the threat actors show an in-depth knowledge of telecommunications network architectures.

Telecommunications

Telecommunications Mobile Hacking Architecture

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

The Cyclops Blink malware has been active since at least June 2019, it targets WatchGuard Firebox and other Small Office/Home Office (SOHO) network devices. ” reads the advisory published by the UK National Cyber Security Centre. ” reads the advisory published by the UK National Cyber Security Centre.

Malware

Malware Firmware Architecture Firewall

New GTPDOOR backdoor is designed to target telecom carrier networks

Security Affairs

MARCH 4, 2024

CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019. In October 2021, CrowdStrike uncovered a campaign after the investigation of a series of security incidents in multiple countries.

Telecommunications

Telecommunications Firewall Mobile Malware

Does your Next-gen SWG provide Next-Gen Availability?

McAfee

JUNE 2, 2020

No doubt, information security is only one of many professions tasked with making strategic or procedural shifts in response to the pandemic. Keeping remote workers productive, data secured, and endpoints protected from ransomware —may seem a bit overwhelming at times. Consider these three factors: 1. Scalability. Reliability.

Architecture

Architecture Mobile Phishing Malware

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

includes several new flaws, including: Vulnerability Affected software CVE-2017-17105 Zivif PR115-204-P-RS CVE-2019-10655 Grandstream CVE-2020-25223 WebAdmin of Sophos SG UTM CVE-2021-42013 Apache CVE-2022-31137 Roxy-WI CVE-2022-33891 Apache Spark ZSL-2022-5717 MiniDVBLinux. “Since the release of Zerobot 1.1,

IoT

IoT DDOS Malware Firmware

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

The Cyclops Blink malware has been active since at least June 2019, it targets WatchGuard Firebox and other Small Office/Home Office (SOHO) network devices. ” Cyclops Blink is nation-state botnet with a modular architecture, it is written in the C language. India, Italy, Canada, and Russia.

IoT

IoT Firewall Malware Internet

PurpleFox botnet variant uses WebSockets for more secure C2 communication

Security Affairs

OCTOBER 20, 2021

The payload fetched by the PowerShell targets 64-bit architecture systems, it is a long script consisting of three components: Tater (Hot Potato – privilege escalation) PowerSploit Embedded exploit bundle binary (privilege escalation). Most of the servers are located in China and belong to the infrastructure of the PurpleFox botnet.

Encryption

Encryption DNS Architecture Firewall

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

The new versions of FinSpy spyware were used by a new unknown hacking group, Amnesty International speculates the involvement of a nation-state actor that employed them since September 2019. It extracts the binary for the relevant architecture in /tmp/udev2 and executes it. ” continues the analysis.

Spyware

Spyware Surveillance Mobile Advertising

Code Execution and DoS flaw addressed in QEMU

Security Affairs

AUGUST 27, 2019

QEMU is affected by a vulnerability, tracked as CVE-2019-14378 , that could be exploited by attackers to trigger a DoS condition or to gain arbitrary code execution. “ CVE-2019-14378 , which is a pointer miscalculation in network backend of QEMU. Some context on the impact and the security architecture of QEMU : 1.

Advertising

Advertising Architecture Internet Internet

Millions of computers powered by Intel chips are affected by MDS flaws

Security Affairs

MAY 14, 2019

Researchers from multiple universities and security firms discovered a new class of speculative execution side-channel vulnerabilities that could be exploited with new side-channel attack methods dubbed Fallout, RIDL (Rogue In-Flight Data Load), and ZombieLoad. ” reads a post published by Intel. .

Architecture

Architecture Advertising Encryption Passwords

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs

FEBRUARY 9, 2020

In December 2019, Maastricht University (UM) announced that ransomware infected almost all of its Windows systems on December 23. “Since the cyber attack on 23 December 2019, UM has been working hard: on the one hand, to repair the damage and, on the other hand, to make education and research p ossible again as soon as p ossible.”

Ransomware

Ransomware Cyber Attacks Architecture Backups

Companies paid $4.2M bug bounties for XSS flaws in 2020

Security Affairs

OCTOBER 31, 2020

” Improper Access Control follows XSS in the list of most awarded vulnerability type in 2020, experts observed an increase of 134% in occurrence compared to 2019. Information Disclosure accounts for 63% from last year. That means organizations are mitigating this common, potentially painful bug on the cheap.” million / €33.4

Accountability

Accountability Advertising Architecture Hacking

Cisco and Netflix execs: The pandemic brought good, and some bad changes in security standards

SC Magazine

MAY 17, 2021

CEO Chuck Robbins speaks onstage September 26, 2019 in New York City. Robbins and Jimmy Sanders, head of information security at Netflix, both noted during the RSA Conference the degree of change in security driven by the pandemic. Photo by Theo Wargo/Getty Images for Global Citizen).

Architecture

Architecture Cybercrime Information Security Mobile

AMD admits hacker stole source code files related to its GPUs

Security Affairs

MARCH 28, 2020

The hacker claims to have obtained files related to several AMD graphics processing units (GPUs), including the Navi 10 architecture and the upcoming Navi 21, and Arden. Arden is believed to be the codename for the GPU that will be used in Microsoft’s next- gen Xbox Series X console. . “In

Advertising

Advertising Architecture Hacking Data breaches

Myrocket HR platform’s data leak turns into privacy nightmare for employees

Security Affairs

JANUARY 18, 2023

Rocket was recently acquired [Dutch-owned OLX bought it back in 2019], and enforcement of parent company standards is in progress, along with architectural corrections. To guarantee the safety of the user data, the company claims to have started an internal investigation of the matter.

Identity Theft

Identity Theft Insurance Penetration Testing Banking

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

Privacy and Cybersecurity Law

JUNE 23, 2021

On June 11, 2021, the Regulation on notifications of incidents affecting networks, information systems and IT services (“ Regulation ”) – adopted by means of the Decree of the President of the Council of Ministers (DPCM) of 14 April 2021, no. 81– was published in the Italian Official Gazette. 105 (establishing the NCSP). Share on Facebook.

Cybersecurity

Cybersecurity Architecture Data breaches Technology

5ss5c Ransomware emerges after Satan went down in the hell

Security Affairs

JANUARY 15, 2020

The threat actors behind the Satan , DBGer and Lucky ransomware and likely Iron ransomware, is back with a new piece of malware named ‘5ss5c’ The Bart Blaze believes that the threat actors have been working on the 5ss5c ransomware since at least November 2019, and likely the malicious code is still under development.

Ransomware

Ransomware Cybercrime Architecture Advertising

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The MosaicRegressor framework was developed for cyber espionage purposes, its modular architecture allows operators to perform multiple actions. Kaspersky researchers revealed to have found MosaicRegressor components at several dozen entities between 2017 and 2019.

Firmware

Firmware Spyware Surveillance Hacking

Silex malware bricks thousands of IoT devices in a few hours

Security Affairs

JUNE 26, 2019

Cashdollar (@_larry0) June 25, 2019. pic.twitter.com/gUjWCdSIQO — Ankit Anubhav (@ankit_anubhav) June 25, 2019. The IoT malware is targeting any Unix-like system with default login credentials, according to Cashdollar it leverages a Bash shell version to target any architecture running a Unix like OS.

IoT

IoT Malware Advertising Firmware

NK CARROTBALL dropper used in attacks on U.S. Govn Agency

Security Affairs

JANUARY 24, 2020

Experts noticed that all of the malicious documents used in the campaign used the same macro that allowed attackers to determine the target Windows architecture, execute a command that was hidden in a textbox included in the document and then clear the contents of the textboxes and save the document. ” continues the analysis.

Malware

Malware Government Advertising Phishing

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

JULY 11, 2019

“According to our telemetry, several dozen unique mobile devices have been infected over the past year, with recent activity recorded in Myanmar in June 2019.” The implant analyzed by the experts contained binary files for ARMv7 and ARM64 CPU architectures. ” reads the report published by Kaspersky.

Spyware

Spyware Mobile Advertising Architecture

NUVOLA: the new Cloud Security tool

Security Affairs

SEPTEMBER 28, 2022

Still, with common configuration issues and other vulnerabilities becoming commonplace in AWS architecture, it’s important to understand how bad actors could exploit our environments by understanding the most common AWS privilege escalations used. Cloud Security Context.

Engineering

Engineering Technology Architecture Accountability

Trend Micro observed notable malware activity associated with the Momentum Botnet

Security Affairs

DECEMBER 18, 2019

The Momentum bot targets various Linux platforms running upon multiple CPU architectures, including ARM, MIPS, Intel, and Motorola 68020. The C&C servers were live as recently as November 18 2019.” “Smart and connected devices are prone compromise because of limited security settings and protection options.

Malware

Malware DDOS DNS Advertising

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. RCE CVE-2020-5902 F5 BigIP RCE No CVE (vulnerability published on 2019) ThinkPHP 5.X The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities.

Malware

Malware DDOS IoT Cybercrime

Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH)

Security Affairs

JULY 4, 2019

The experts analyzed two samples of the Godlua backdoor, one for Linux boxes (version 201811051556) and the other for Windows systems, the latter supporting more built-in commands and more CPU architectures (version 20190415103713 ~ 2019062117473). Only the second sample, the Windows one, appears to be continuously updated.

DNS

DNS Malware Advertising DDOS

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Webinars

Trending Sources

CVE-2019-10149: “Return of the WiZard” Vulnerability: Crooks Start Hitting

Webinars

ENISA publishes a Threat Landscape for 5G Networks

NASA Audit: Cyber Risk Skyrockets with 'Work from Home'

Pink Botnet infected over 1.6 Million Devices, it is one of the largest botnet ever seen

Securing the Unsecured: State of Cybersecurity 2019 – Part I

SPOTLIGHT: Women in Cybersecurity

Finalists: Best Professional Certification Program

WildPressure APT expands operations targeting the macOS platform

Mozi Botnet is responsible for most of the IoT Traffic

Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

New Mirai botnet targets tens of flaws in popular IoT devices

WatchBog cryptomining botnet now uses Pastebin for C2

New modular ModPipe POS Malware targets restaurants and hospitality sectors

AMD is going to patch UEFI SMM callout privilege escalation flaw

VMware addressed flaws in its Workstation and Tools

Black Hat USA 2021 Network Operations Center

China-linked LightBasin group accessed calling records from telcos worldwide

US and UK link new Cyclops Blink malware to Russian state hackers?

New GTPDOOR backdoor is designed to target telecom carrier networks

Does your Next-gen SWG provide Next-Gen Availability?

A new Zerobot variant spreads by exploiting Apache flaws

Russia-linked Cyclops Blink botnet targeting ASUS routers

PurpleFox botnet variant uses WebSockets for more secure C2 communication

Unknown FinSpy Mac and Linux versions found in Egypt

Code Execution and DoS flaw addressed in QEMU

Millions of computers powered by Intel chips are affected by MDS flaws

Maastricht University finally paid a 30 bitcoin ransom to crooks

Companies paid $4.2M bug bounties for XSS flaws in 2020

Cisco and Netflix execs: The pandemic brought good, and some bad changes in security standards

AMD admits hacker stole source code files related to its GPUs

Myrocket HR platform’s data leak turns into privacy nightmare for employees

Italian National Cybersecurity Perimeter: With great power comes great responsibility!

5ss5c Ransomware emerges after Satan went down in the hell

Second-ever UEFI rootkit used in North Korea-themed attacks

Silex malware bricks thousands of IoT devices in a few hours

NK CARROTBALL dropper used in attacks on U.S. Govn Agency

New FinFisher spyware used to spy on iOS and Android users in 20 countries

NUVOLA: the new Cloud Security tool

Trend Micro observed notable malware activity associated with the Momentum Botnet

EnemyBot malware adds new exploits to target CMS servers and Android devices

Godlua backdoor, the first malware that abuses the DNS over HTTPS (DoH)

Stay Connected