
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
We are Saddened by the Loss of our CTO, Raimund Genes
On Friday, March 24, we were saddened to learn that our chief technology officer, Raimund Genes, died unexpectedly at his family home in Germany. It is an incredible loss for us all, and one that still has us wishing it were not true.
Cerber Started Evading Machine Learning
The CERBER family of ransomware has adopted a new technique to make itself harder to detect: it now uses a new loader that appears to be designed to evade detection by machine learning solutions. The loader hollows out a normal process and runs the CERBER code inside it instead.
Apple Blocked ‘Locked for Illegal Pornography’ Ransomware
A scareware group has been seeding bogus websites with malicious JavaScript that locks Apple iOS devices and demands a ransom, payable as an iTunes gift card code. But the flaw exploited in the attack is blocked in iOS 10.3, released March 27 as part of a big batch of Apple security updates.
NASDAQ’s Chief Information Security Officer has Two Big Cybersecurity Fears
NASDAQ faces many threats, from criminals to hacktivists to nation states. CISO Modano’s observations provide insight into the big-picture problems that businesses, cybersecurity professionals, and policymakers should be thinking about.
IIS 6.0 Vulnerability Leads to Code Execution
Microsoft Internet Information Services (IIS) 6.0 is vulnerable to a zero-day buffer overflow (CVE-2017-7269) caused by improper validation of the ‘If’ header in a PROPFIND request. A remote attacker could exploit this vulnerability in the IIS WebDAV component with a crafted request that uses the PROPFIND method.
VMware Patched Critical Virtual Machine Escape Flaws
VMware has released critical security patches for vulnerabilities demonstrated during the recent Pwn2Own hacking contest that could be exploited to escape from the isolation of virtual machines. The patches fix four vulnerabilities that affect VMware ESXi, VMware Workstation Pro and Player and VMware Fusion.
Report Says Smartphone Malware Increased 400% in 2016
A recent report states mobile device malware infections reached an all-time high last year. Smartphones were by far the most vulnerable devices, with infections that rose nearly 400% in 2016. Attacks on smartphones represented 85% of all mobile device infections in the second half of the year, according to the report.
Microsoft Patched a Vulnerability Exploited by AdGholas and Neutrino
Part of this month’s Patch Tuesday is an update for a zero-day information disclosure vulnerability (CVE-2017-0022), which we privately reported to Microsoft in September 2016. This vulnerability was used in the AdGholas malvertising campaign and later integrated into the Neutrino exploit kit.
One of the Most Dangerous Forms of Malware Has Just Evolved to Be Harder to Spot
One of the most common forms of ransomware is evolving a new technique in order to become even more effective and harder to detect: the ability to evade detection by cybersecurity tools which use machine learning to identify threats.
3.7 Million Hong Kong Voters’ Personal Data was Stolen
Hong Kong could be facing one of the most significant data breaches in its history. Two computers holding the personal data of 3.7 million voters have been reported stolen by the city’s Registration and Electoral Office. The computers were taken from a locked room at the AsiaWorld-Expo on Lantau, according to South China Morning Post.
CrowdStrike Rewrites Part of Disputed Russian Hacking Report
U.S. cybersecurity firm CrowdStrike has revised and retracted statements it used to buttress claims of Russian hacking during last year’s American presidential election campaign. The shift followed a VOA report that the company misrepresented data published by an influential British think tank.
Please add your thoughts in the comments below or follow me on Twitter: @JonLClay.