ASCO factory in Zaventem, Belgium was hit by a ransomware infection causing major downtime as most of the plants IT systems were infected. ASCO shut down production in factories across Germany, Canada, and the United States. What is the issue? ASCO, one of the largest airplane parts manufacturer, suffered a ransomware attack crippling production in factories across four countries. What ...
Read More »Cyber Security News
Microsoft fixes 88 flaws, Adobe security updates, Intel’s advisories, and many more: Patch Tuesday – Week 2, June 2019
Adobe Adobe has released security updates to fix major vulnerabilities in its Adobe Flash, Adobe ColdFusion, and Adobe Campaign software products. The update for Flashpatches a critical use-after-free vulnerability (CVE-2019-7845) that can lead to arbitrary code execution (ACE) attack. The ColdFusion updates also address three critical ACE vulnerabilities (CVE-2019-7838, CVE-2019-7839, and CVE-2019-7840) in the platform. On the other hand, seven vulnerabilities that existed ...
Read More »Vulnerability in SymCrypt could allow an attacker to perform DoS on any Windows server
The vulnerability could allow an attacker to perform DoS on any Windows server such as IPsec, Internet Information Services (IIS), and Microsoft Exchange Server. The researcher found out that any program on the system that processes the X.509 digital certificate will trigger the vulnerability causing deadlock. A vulnerability researcher at Google, Tavis Ormandy, uncovered a vulnerability in the primary cryptographic ...
Read More »‘Triple Threat’ Ransomware Attack Cripples Email Systems and Services of Lake City
The ‘Triple Threat’ ransomware program had combined three different methods of attack to target the City’s network systems. This has forced the city’s email systems, land-line phones, and credit card services to shut down. The Lake City Police Department is investigating a ransomware attack on their city network systems that resulted in the shutdown of several emergency services. The ransomware ...
Read More »New malspam campaign exploits DNS records to target victims
The spam campaign, which specifically targeted UK users, relied on DNS TXT records and redirected users to a fraudulent trading site. IP addresses associated with the campaign are likely linked with Necurs botnet. A new malspam campaign targeting UK users has been spotted in the wild. MyOnlineSecurity.com which came across a number of spam emails related to this campaign found ...
Read More »Scammers abuse Google Calendar feature to trick users into revealing their personal information
The scammers are leveraging phishing attacks to target users in this scam. The emails contain a link that exploits a common default feature of Google Calendar to include automatic addition and notification of unwanted events & invitations. Multiple cases of a sophisticated scam targeting consumers through unsolicited Google Calendar notifications has been observed recently. The main purpose of the scam ...
Read More »Consumers are Concerned About Biometrics and Online Payments
Fifty-six percent of consumers in North America and Europe are concerned about biometrics, and 81 prefer passwords for online payments due to security concerns, according to the report “Lost in Transaction: The end of Risk?”. Forty-eight percent of consumers have already authenticated a payment using some form of biometric authentication, rising to 54 percent in the UK. n mCommerce and biometric identification is marked, ...
Read More »Vulnerabilities in Hardware Security Modules (HSMs) allow attackers to retrieve sensitive data
Several vulnerabilities are detected in the HSM of a major vendor, allowing an attacker to take full control of the vendor’s HSM. The vulnerabilities could allow attackers to retrieve sensitive data stored inside Hardware Security Modules. Security researchers Gabriel Campana and Jean-Baptiste Bédrune uncovered vulnerabilities that could allow attackers to retrieve sensitive data stored inside Hardware Security Modules. What is ...
Read More »Attackers exploit major vulnerability in Oracle WebLogic Server to drop cryptominers
The vulnerability was actively exploited to install miners for cryptocurrencies such as Monero. It was reported that the malware used in the attack cloaked itself in certificate files for obfuscation. A security vulnerability in Oracle WebLogic Server was found to be actively exploited by cybercriminals to install cryptocurrency miners. Security researchers from Trend Micro discovered that the malware used in ...
Read More »New Hawkball backdoor attacks government sector in Central Asia
A newly discovered malicious backdoor by the name of Hawkball was recently observed in a campaign apparently targeting one or more Russian-speaking government entities in Central Asia, according to a blog post this week from FireEye Labs. Upon successful infection, Hawkball offers the unidentified attackers a range of malicious capabilities, writes FireEye blog post author and malware researcher Swapnil Patil. These include surveying the ...
Read More »