Privilege escalation on Unix machines via plugins for text editors

Several of the most popular extensible text editors for Unix environments could be misused by attackers to escalate privileges on targeted systems, SafeBreach researchers have found. They tested Sublime, Vim, Emacs, Gedit, Pico and its clone Nano on machines running Ubuntu, and have managed to exploit the process of loading plugins to achieve privilege escalation […]

Orbitz says hacker stole two years’ worth of customer data

Travel booking website Orbitz has been hacked, the company said. The site, now owned by Expedia, confirmed in a statement that it “identified and remediated a data security incident affecting a legacy travel booking platform.” According to the statement, the company found evidence in March that an attacker had access to the company’s legacy systems between […]

A look inside the big business of cybercrime

For three months, Armor’s Threat Resistance Unit (TRU) research team compiled and analyzed data from the black market to shed light on the type of activity threat actors are participating in and how underground forums operate in the burgeoning industry. Just as big businesses operate based on regulations, the laws of supply and demand, and even customer […]

Email fraud warning: Now hackers want your data as well as your money

Fraudsters are launching phishing campaigns that come in the shape of emails pretending to be from someone within the same organisation as the victim — and the crooks are increasingly targeting data rather than money. Email fraud, particularly business email compromise, hit the headlines when the FBI said this particular form of cybercriminal activity cost victims […]

Hackers are using a Flash flaw in fake document in this new spying campaign

A hacking group is using updated cyber-attacks as part of a campaign targeting a European government, in what’s thought to be a continued attempt to conduct espionage and surveillance. The latest campaign by the Fancy Bear group — also known as Sofacy and APT28, and believed to be linked to the Kremlin — has been uncovered by researchers […]

PinkKite point of sale malware spotted in the wild

Researchers have discovered a new family of point-of-sale (PoS) malware which is far more powerful than its small size would have you believe. As reported by ThreatPost, researchers from Kroll Cyber Security spotted the new malware, dubbed PinkKite, in 2017. According to Kroll Cyber Security, PinkKite was uncovered during an investigation into a nine-month PoS campaign […]

DDoS explained: How distributed denial of service attacks are evolving

A distributed denial of service (DDoS) attack is when an attacker, or attackers, attempt to make it impossible for a service to be delivered. This can be achieved by thwarting access to virtually anything: servers, devices, services, networks, applications, and even specific transactions within applications. In a DoS attack, it’s one system that is sending […]

What Is Strategic Threat Intelligence?

Threat intelligence is a category of intelligence that focuses on information security. As defined by Gartner, it is “evidence-based knowledge…about an existing or emerging menace or hazard…to inform decisions regarding the subject’s response to that menace or hazard.” Essentially, threat intelligence provides you with curated information to inform you about potential malicious activity and helps […]

CIGslip Lets Attackers Bypass Microsoft Code Integrity Guard

A new attack method lets attackers bypass Microsoft’s Code Integrity Guard (CIG) and inject malicious code into protected processes, including Microsoft Edge. Researchers at Morphisec this week disclosed the details of the technique and proof-of-concept code. CIG is a mitigation that was first introduced in Windows 10 in 2015, and later became part of Device Guard. It […]

Organizations Shouldn’t Ignore Threat of Mining Malware

A report by NTT Security has warned that organizations could be targeted by malware designed for mining cryptocurrency. Researchers at NTT Security’s Global Threat Intelligence Center (GTIC) share their research into a type of malware solely designed to mine Monero (XMR), a form of cryptocurrency affording its users the greatest amount of anonymity. “Monero mining malware is installed on the […]