Skybox Security Blog - Cybersecurity from The Skybox View

7 12, 2018

Permalink
Gallery
Zero-Day Attack on Russia Prompts OOB Patches

Threat Intelligence

Zero-Day Attack on Russia Prompts OOB Patches

By Shannon Ragan| 2018-12-07T12:03:22+00:00 December 7th, 2018|Threat Intelligence|Comments Off on Zero-Day Attack on Russia Prompts OOB Patches on Zero-Day Attack on Russia Prompts OOB Patches

A malicious Word document was used to exploit an Abobe Flash Player bug in a targeted zero-day attack on Russia

Tags: Adobe Flash Player, Adobe PSIRT, CVE-2018-15982, Gigamon, Hacking Team, Microsoft operating systems, Out-of-Band Patch, Qihoo, use-after-free, Zero-day attack on Russia

8 11, 2018

Permalink
Gallery
Bleedingbit Vulnerabilities Could Affect Enterprises Worldwide

Vulnerability & Threat Management

Bleedingbit Vulnerabilities Could Affect Enterprises Worldwide

By Skybox Blog Team| 2018-11-08T16:28:12+00:00 November 8th, 2018|Vulnerability & Threat Management|Comments Off on Bleedingbit Vulnerabilities Could Affect Enterprises Worldwide on Bleedingbit Vulnerabilities Could Affect Enterprises Worldwide

The Bleedingbit vulnerabilities impact Bluetooth low-energy chips used in millions of wireless access points

Tags: Aironet, Armis, Aruba, Bleedingbit, Bluetooth low-energy, Cisco access point, CVE-2018-16986, CVE-2018-7080, Meraki, Meraki access point, Texas Instruments

16 10, 2018

Permalink
Gallery
Foreshadow Vulnerabilities Impact Siemens Products

Vulnerability & Threat Management

Foreshadow Vulnerabilities Impact Siemens Products

By Skybox Blog Team| 2018-10-23T14:26:14+00:00 October 16th, 2018|Vulnerability & Threat Management|Comments Off on Foreshadow Vulnerabilities Impact Siemens Products on Foreshadow Vulnerabilities Impact Siemens Products

Foreshadow, or L1 terminal fault vulnerabilities, in various Siemens industrial products could put the most isolated and secure microprocessor memory at risk

Tags: Foreshadow, Foreshadow CVE, L1 Terminal Fault, RUGGEDCOM, Siemens products affected by Foreshadow, SIMATIC, SIMOTION, SINUMERIK

8 10, 2018

Permalink
Gallery
TSMC WannaCry Hits OT Plants with a Hefty Price Tag

Uncategorized, Vulnerability & Threat Management

TSMC WannaCry Hits OT Plants with a Hefty Price Tag

By Skybox Blog Team| 2018-11-01T15:07:13+00:00 October 8th, 2018|Uncategorized, Vulnerability & Threat Management|Comments Off on TSMC WannaCry Hits OT Plants with a Hefty Price Tag on TSMC WannaCry Hits OT Plants with a Hefty Price Tag

The TSMC WannaCry attack is yet another reminder in the constant vigilance of vulnerability management — and the effect it can have on your bottom line

Tags: air gap, fab tools, MS17-010, operational technology, ransomware, Taiwan Semiconductor, TSMC WannaCry, WannaCrypt

10 09, 2018

Permalink
Gallery
Android API Vulnerability Exposes Sensitive Customer Information

Vulnerability & Threat Management

Android API Vulnerability Exposes Sensitive Customer Information

By Skybox Blog Team| 2018-09-10T16:02:24+00:00 September 10th, 2018|Vulnerability & Threat Management|Comments Off on Android API Vulnerability Exposes Sensitive Customer Information on Android API Vulnerability Exposes Sensitive Customer Information

Attackers could use the Android API vulnerability to physically locate a user, track their online activity or target them with ads

Tags: Android 9 Pie, Android API, Android OS, Android P, CVE-2018-9489, intent message, listening ports, physically locate a user

27 08, 2018

Permalink
Gallery
Security Automation: Can it Fix What Ails Enterprises Cybersecurity Programs?

Security Automation

Security Automation: Can it Fix What Ails Enterprises Cybersecurity Programs?

By Michelle Johnson Cobb| 2018-08-27T17:09:05+00:00 August 27th, 2018|Security Automation|Comments Off on Security Automation: Can it Fix What Ails Enterprises Cybersecurity Programs? on Security Automation: Can it Fix What Ails Enterprises Cybersecurity Programs?

New security automation survey reveals many organizations struggling with core security issues, yet automation initiatives driven by cost-cutting concerns

Tags: automation and cloud, Michael Osterman, Osterman Research, security automation, security automation survey, self-driving car

21 08, 2018

Permalink
Gallery
MikroTik Routers Infected in Mass-Scale Coinhive Cryptojacking Campaign

Threat Intelligence

MikroTik Routers Infected in Mass-Scale Coinhive Cryptojacking Campaign

By Skybox Blog Team| 2018-08-21T14:06:30+00:00 August 21st, 2018|Threat Intelligence|Comments Off on MikroTik Routers Infected in Mass-Scale Coinhive Cryptojacking Campaign on MikroTik Routers Infected in Mass-Scale Coinhive Cryptojacking Campaign

More than 200,000 MikroTik routers have been infected worldwide, an upgrade to the firmware is available

Tags: CoinHive, cryptocurrency mining, cryptojacking, CVE-2018-14847, MikroTik, routers in Brazil, Simon Kenin, Trustwave, Winbox

15 08, 2018

Permalink
Gallery
Ransomware in India: the SamSam Ransomware and Beyond

Vulnerability & Threat Management

Ransomware in India: the SamSam Ransomware and Beyond

By Skybox Blog Team| 2018-08-15T12:52:48+00:00 August 15th, 2018|Vulnerability & Threat Management|Comments Off on Ransomware in India: the SamSam Ransomware and Beyond on Ransomware in India: the SamSam Ransomware and Beyond

Survey shows ransomware in India is prevalent, ranking sixth among countries affected by SamSam — how will they cope?

Tags: bitcoin, infection method of SamSam, malicious coding, model of the attack surface, ransomware attacks, ransomware in India, SamSam, Sophos survey

27 07, 2018

Permalink
Gallery
Oracle WebLogic Vulnerability Used for Cryptomining and Other Attacks

Threat Intelligence

Oracle WebLogic Vulnerability Used for Cryptomining and Other Attacks

By Skybox Blog Team| 2018-07-30T09:23:30+00:00 July 27th, 2018|Threat Intelligence|Comments Off on Oracle WebLogic Vulnerability Used for Cryptomining and Other Attacks on Oracle WebLogic Vulnerability Used for Cryptomining and Other Attacks

A recently published Oracle WebLogic vulnerability has been exploited in large-scale campaigns, many to mine cryptocurrency for the attackers such as Iuoxk Group

Tags: cryptocurrency, Cryptomining, DSL(Nitol), Gh0st, Iuoxk, Monero, Oracle WebLogic vulnerability, xmrig

26 07, 2018

Permalink
Gallery
Cryptominers Surpass Ransomware as Most Widespread Cybercrime Malware

Vulnerability & Threat Management

Cryptominers Surpass Ransomware as Most Widespread Cybercrime Malware

By Victoria Schmidt| 2018-07-26T14:31:09+00:00 July 26th, 2018|Vulnerability & Threat Management|Comments Off on Cryptominers Surpass Ransomware as Most Widespread Cybercrime Malware on Cryptominers Surpass Ransomware as Most Widespread Cybercrime Malware

Report shows malicious cryptominers and ransomware trading places in attack popularity between the last half of 2017 and first half of 2018

Tags: browser-based malware, cryptominers, Cryptomining, cybercrime, Monero, ransomware, Skybox Research Lab, Vulnerability and Threat Trends Report