The TorrentLocker ransomware, which has been in a lull as of late, has recently come back with new variants that are using a new delivery mechanism that uses abused Dropbox accounts. This new type of attack is in line with our 2017 prediction that ransomware would continue to evolve beyond the usual attack vectors.Read More
Apache Struts is a free and open-source framework used to build Java web applications. We looked into past several Remote Code Execution (RCE) vulnerabilities reported in Apache Struts, and observed that in most of them, attackers have used Object Graph Navigation Language (OGNL) expressions. The use of OGNL makes it easy to execute arbitrary code remotely because Apache Struts uses it for most of its processes.
Using OGNL, a researcher found a new remote code execution vulnerability in Apache Struts 2, designated as CVE-2017-5638. An exploit has been reported to be already in the wild; our own research and monitoring have also seen attacks using the vulnerability.Read More
Based on an INTERPOL survey, West African cybercriminals stole an average of US$2.7 million from businesses and an average of US$422,000 from individuals from 2013 to 2015. Scams, whether simple (like 419 or Nigerian prince scams) or complex (like business email compromise [BEC] scams), run rampant in the West African threat landscape. In fact, most of the online scams we see now may have to do with the increase in the region’s cybercriminal activity volume.Read More
Problems with hardcoded credentials are hitting consumer IoT devices, industrial SCADA devices, and even critical infrastructure. Despite the appeal on source code and firmware audition, this type of vulnerability recurs and threatens users’ privacy and data security.Read More
Due to three recently disclosed Microsoft vulnerabilities, the use of Intrusion prevention system (IPS) protection to shield against vulnerabilities (often referred to as Virtual Patching) is back in the spotlight. These allow systems to be protected even if patches have not yet been released by vendors.Read More