Home | Latest News | Popular News | Our Network | About | Contact
Security Research News | www.SecurityPhresh.com
Security Research News
Showing 'Security Research News' from 31 to 40
FireEye Uncovers CVE-2017-8759: Zero-Day Used In The Wild To Distribute FINSPY,FireEye Uncovers CVE-2017-8759: Zero-Day Used In The Wild To Distribute...
5th Sep 2019 [19 days ago] from FireEye Research
FireEye recently detected a malicious Microsoft Office RTF documentthat leveraged CVE-2017-8759,a SOAP WSDLparser code injection vulnerability. This vulnerability allows amalicious actor to inject arbitrary code during the parsing of SOAPWSDL...
Why Is North Korea So Interested In Bitcoin?,Why Is North Korea So Interested In Bitcoin?
5th Sep 2019 [19 days ago] from FireEye Research
In 2016 we began observing actors we believe to be North Koreanutilizing their intrusion capabilities to conduct cyber crime,targeting banks and the global financial system. This marked adeparture from previously observed activity of North...
Foundations Of Microsoft Flow—secure And Compliant Automation, Part 1
5th Sep 2019 [19 days ago] from Microsoft
In part 1 of our two-part series, we introduce a security minded audience to Microsoft Flow—an automation service with a strong security and compliance foundation. The post Foundations of Microsoft Flow—secure and compliant automation,...
Spam Campaign Abuses PHP Functions For Persistence, Uses Compromised Devices For Evasion And Intrusion
5th Sep 2019 [19 days ago] from TrendMicro
We found a spam campaign that uses compromised devices to attack vulnerable web servers. From the devices, attackers use a PHP script to send an email with an embedded link to a scam site to specific email addresses. The use of compromised...
Ransomware Protection And Containment Strategies: Practical Guidance For Endpoint Protection, Hardening, And Containment
4th Sep 2019 [19 days ago] from FireEye Research
Ransomware is a global threat targeting organizations in allindustries. The impact of a successful ransomware event can bematerial to an organization - including the loss of access to data,systems, and operational outages. The potential...
Glupteba Campaign Hits Network Routers And Updates C&C Servers With Data From Bitcoin Transactions
4th Sep 2019 [20 days ago] from TrendMicro
After looking into the recent variant of the Glupteba dropper delivered from a malvertising attack, we found that the dropper downloaded two undocumented components aside from the Glupteba malware—a browser stealer and a router exploiter....
‘Satori’ IoT Botnet Operator Pleads Guilty
3rd Sep 2019 [20 days ago] from Krebsonsecurity
A 21-year-old man from Vancouver, Wash. has pleaded guilty to federal hacking charges tied to his role in operating the "Satori" botnet, a crime machine powered by hacked Internet of Things (IoT) devices that was built to conduct massive...
Spam In Your Calendar? Here’s What To Do.
3rd Sep 2019 [21 days ago] from Krebsonsecurity
Many spam trends are cyclical: Spammers tend to switch tactics when one method of hijacking your time and attention stops working. But periodically they circle back to old tricks, and few spam trends are as perennial as calendar spam, in...
SharPersist: Windows Persistence Toolkit In C#
3rd Sep 2019 [21 days ago] from FireEye Research
BackgroundPowerShell has been used by the offensive community for severalyears now but recent advances in the defensive security industry arecausing offensive toolkits to migrate from PowerShell to reflective C#to evade modern security...
Deep Learning Rises: New Methods For Detecting Malicious PowerShell
3rd Sep 2019 [21 days ago] from Microsoft
We adopted a deep learning technique that was initially developed for natural language processing and applied to expand Microsoft Defender ATPs coverage of detecting malicious PowerShell scripts, which continue to be a critical attack vector. The...
« Newer 1 2 3 4 5 6 7 8 9 10 Older »