Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
On Friday, March 24, we were saddened to learn that our chief technology officer, Raimund Genes, died unexpectedly at his family home in Germany. It is an incredible loss for us all, and one that still has us wishing it were not true.
The CERBER family of ransomware has adopted a new technique to make itself harder to detect: it now uses a new loader that appears to be designed to evade detection by machine learning solutions. The loader hollows out a normal process and runs the CERBER code inside it instead.
NASDAQ faces many threats, from criminals to hacktivists to nation states. CISO Modano’s observations provide insight into the big-picture problems that businesses, cybersecurity professionals, and policymakers should be thinking about.
Microsoft Internet Information Services (IIS) 6.0 is vulnerable to a zero-day buffer overflow vulnerability (CVE-2017-7269) caused by improper validation of an ‘IF’ header in a PROPFIND request. A remote attacker could exploit this vulnerability in the IIS WebDAV component with a crafted request using the PROPFIND method.
VMware has released critical security patches for vulnerabilities demonstrated during the recent Pwn2Own hacking contest that could be exploited to escape from the isolation of virtual machines. The patches fix four vulnerabilities that affect VMware ESXi, VMware Workstation Pro and Player and VMware Fusion.
A recent report states mobile device malware infections reached an all-time high last year. Smartphones were by far the most vulnerable devices, with infections that rose nearly 400% in 2016. Attacks on smartphones represented 85% of all mobile device infections in the second half of the year, according to the report.
Part of this month’s Patch Tuesday is an update for a zero-day information disclosure vulnerability (CVE-2017-0022), which we privately reported to Microsoft in September 2016. This vulnerability was used in the AdGholas malvertising campaign and later integrated into the Neutrino exploit kit.
One of the most common forms of ransomware is developing a new technique to become even more effective and harder to detect: the ability to evade cybersecurity tools that use machine learning to identify threats.
Hong Kong could be facing one of the most significant data breaches in its history. Two computers holding the personal data of 3.7 million voters have been reported stolen by the city’s Registration and Electoral Office. The computers were taken from a locked room at the AsiaWorld-Expo on Lantau, according to South China Morning Post.
U.S. cybersecurity firm CrowdStrike has revised and retracted statements it used to buttress claims of Russian hacking during last year’s American presidential election campaign. The shift followed a VOA report that the company misrepresented data published by an influential British think tank.
Please add your thoughts in the comments below or follow me on Twitter: @JonLClay.