Every major OS maker misread Intel’s docs. Now their kernels can be hijacked or crashed

Linux, Windows, macOS, FreeBSD, and some implementations of Xen have a design flaw that could allow attackers to, at best, crash Intel and AMD-powered computers. At worst, miscreants can, potentially, “gain access to sensitive memory information or control low-level operating system functions,” which is a fancy way of saying peek at kernel memory, or hijack the critical code running the machine. The vulnerabilities can be exploited by malware running on a computer, or a malicious logged-in user. Patches are now available to correct the near-industry-wide programming blunders.

‘I’m hacked’ message left on dozens of defaced Canon IoT security cameras in Japan

“I’m Hacked. bye2” – That’s the message left behind on most of the hacked Canon security cameras in Japan. Over 60 cameras were hijacked and defaced on Sunday, but dozens more had been hacked over the last several weeks. Some victims reportedly are locked out of their cameras; they can’t control them and they can’t correct the defacement. That’s because they didn’t bother to change the default password, but the attacker did. As of right now, only Canon security cameras in Japan have been targeted.

Nice Phishing Sample Delivering Trickbot, (Wed, May 9th)

Users have had to deal with phishing for a very long time. Today, most of them remain dumb messages quickly redacted with a simple attached file and a message like “Click on me, it’s urgent!”. Yesterday, I put my hands on a very nice sample that deserves to be dissected to demonstrate that phishing campaigns remain an excellent way to infect a computer! In the following scenario, nobody was hurt and the targeted user took the right action to report it to the security team.

Let’s review the classic initial email:

When the victim clicks on the link, this initial screen is displayed, mimicking a PDF file. Note that the password in the mail body is not used.

The different links do not work and only empty pages are displayed from the fake PDF. What will most of the users do in this situation? They scroll down! This event can be intercepted by JavaScript:

window.onscroll = function (e) {
    // called the malicious code.
}

The King is dead. Long live the King!

In late April 2018, a new zero-day vulnerability for Internet Explorer (IE) was found using our sandbox; more than two years since the last in the wild example (CVE-2016-0189). This particular vulnerability and subsequent exploit are interesting for many reasons. The following article will examine the core reasons behind the latest vulnerability, CVE-2018-8174.

Cryptojacking malware was secretly mining Monero on many government and university websites

A new report published by security researcher Troy Mursch details how the cryptocurrency mining code known as Coinhive is creeping onto unsuspecting sites around the web. Mursch recently detected the Coinhive code running on nearly 400 websites, including ones belonging to the San Diego Zoo, Lenovo and another for the National Labor Relations Board. The full list is available here.

Facebook United

Facebook was a mess. The independence it dangled to close acquisition deals with Instagram and WhatsApp turned the company into a tangle of overlapping products. Every app had its own messaging and Stories options. Economies of scale were squandered. Top innovators led mature products already bursting at the seams with features while new opportunities went unseized.

Fighting SOC Alert Overload With Effective Threat Intelligence

Key Takeaways

  • Threat intelligence isn’t just a silo in security and has advantages to bring to many different roles in your organization.
  • Teams triaging alerts in security operations centers (SOCs) are overwhelmed with event data that has no context.
  • Threat intelligence packaged correctly for the SOC analyst can make them 10 times more productive.

The concept of threat intelligence and its potential usefulness to any business that’s serious about cybersecurity is not difficult to grasp. The more you know about potential attacks, how you might be attacked, and what those attacks will target, the better equipped you are to defend and align your resources effectively.