Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


 Robots Can Crack Safes

Robots can crack safes faster than humans — and differently. We’re going to have to start thinking about robot adversaries as we design our security systems.  From Wired via Schneier.

https://www.wired.com/story/watch-robot-crack-safe/


[WordPress Security] Ransomware Targeting WordPress – An Emerging Threat

Over the past month, the Wordfence team has been tracking a ransomware campaign that is actively targeting WordPress websites. This is a change in tactic for attackers. Rather than using a hacked WordPress site for spam, they can now encrypt your data and extort money from you directly.

Today on the blog we analyze in depth the ransomware sample we captured. We also identify where the attacks are coming from and describe how you can protect yourself from this emerging threat.

You can find the full story on the Wordfence official blog…


Mozilla Releases Security Update

08/21/2017 07:32 AM EDT  Original release date: August 21, 2017

Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

US-CERT encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.3 and apply the necessary update.


This Is a First: Compromised PowerPoint Slide Deck Bypasses Antivirus

Bad guys are exploiting the CVE-2017-0199 vulnerability to bypass endpoint security software and deliver the Remcos remote access Trojan via Microsoft PowerPoint decks.

This particular flaw in the Windows Object Linking and Embedding (OLE) interface is normally used to deliver infected RTF documents, but researchers at Trend Micro have spotted cyber criminals using it to compromise PowerPoint slide show files for the first time.

Critically, since most methods of detecting the CVE-2017-0199 vulnerability focus on the RTF attack method, the use of the PPSX PowerPoint as an attack vector means attackers can code the malware to avoid antivirus detection.

More at the KnowBe4 blog, with links and screenshots:
https://blog.knowbe4.com/this-is-a-first-spear-phishing-attack-uses-compromised-powerpoint-slide-deck

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.