The Skybox View

20 07, 2018

Spectre Reemerges With Two New Variants

July 20th, 2018 | Vulnerability & Threat Management

In January 2018, chip-level design flaws — dubbed Spectre and Meltdown — in Intel processors made headlines as they affected every Intel chip from the last decade. The vulnerabilities could allow any application running in user mode to access protected kernel memory areas. The next day, researchers announced Spectre (CVE-2017-5753 and CVE-2017-5715) was present [...]

3 07, 2018

Cisco ASA Vulnerabilities See POC and Active Exploits

July 3rd, 2018 | Uncategorized, Vulnerability & Threat Management

A vulnerability recently surfaced in Cisco ASA, affecting Cisco Firepower and other Cisco devices. Exploiting the vulnerability (CVE-2018-0296) could cause an affected device to reload unexpectedly, allowing remote denial-of-service or information disclosure due to a path traversal issue. The vulnerability exists at the web interface and applies to IPv4 and IPv6 traffic. It does not [...]

11 06, 2018

Thousands of Open Source Projects at Risk Due to Zip Slip Vulnerability

June 11th, 2018 | Vulnerability & Threat Management

An archive extraction vulnerability known as Zip Slip is putting thousands of open source projects across many ecosystems at risk. These projects belong to recognizable companies including Amazon, HP, Apache and many others. The June 5, 2018 disclosure was published shortly after the Zip Slip vulnerability was discovered by the Snyk Security team sometime during the [...]

28 05, 2018

VPNFilter Malware: What we know so far on the router threat

May 28th, 2018 | Threat Intelligence

Recently, malware known as “VPNFilter” was discovered infecting various types of routers. VPNFilter is a modular, multi-stage malware that works mainly on home or small office routers. Since 2016, when the malware was initially introduced, it has compromised more than 500,000 home and small office routers and NAS boxes. Infection of such a large [...]

23 05, 2018

Speculative Store Buffer Bypass, Rogue System Register Read

May 23rd, 2018 | Vulnerability & Threat Management

Bug bounties pay off, uncovering two more side-channel flaws in the wake of Meltdown and Spectre — Rogue System Register Read and Speculative Store Buffer Bypass. Timeline: As soon as Google Project Zero publicized Meltdown and Spectre, researchers started hunting down related flaws. For any hackers not motivated enough by the impact of identifying such a widespread [...]

10 05, 2018

Double Kill Exploit Jumps From MS Office to Internet Explorer

May 10th, 2018 | Threat Intelligence

This week, Microsoft released a patch for the zero-day vulnerability (CVE-2018-8174) — central to the Double Kill exploit — affecting VBScript Engine. In this coordinated release, Qihoo 360 researchers discovered that it was exploited in the wild as early as April 18, 2018, allowing code execution by remote attackers. The vulnerability was used to install [...]

9 05, 2018

Ransomware Packs a Punch but Malicious Cryptomining Spikes

May 9th, 2018 | Vulnerability & Threat Management

The last few years have seen ransomware attacks capture global headlines for the widespread and brazen tactics used to install and hold victims’ data hostage. As recently as March of 2018, WannaCry reared its head again at a US-based Boeing manufacturing plant, and SamSam struck the city of Atlanta, one of the country’s largest municipalities. [...]

7 05, 2018

How Will NHS Windows 10 Upgrade Impact Risk?

May 7th, 2018 | Vulnerability & Threat Management

The NHS Windows 10 upgrade is likely a response to the crippling WannaCry attack of May 2017, which affected more than a third of English trusts and forced the cancellation of at least 6,912 appointments. According to the BBC, NHS Digital had assessed the cybersecurity standards of 88 out of 236 trusts prior to the [...]

27 04, 2018

Orangeworm and Abbott Shed Light on Healthcare Cyberthreat

April 27th, 2018 | Healthcare

Orangeworm: On April 23, Symantec published a report on the Orangeworm cyberattack. Operating since January 2015, Orangeworm infected more than 100 organizations, of which 40 percent are confirmed to be in the healthcare sector, mostly located in the United States, Europe and Asia. Other affected organizations are supply chain, IT, pharmaceutical and manufacturing companies working with [...]

26 04, 2018

Drupalgeddon2 Attack Puts Sites at Risk Worldwide

April 26th, 2018 | Threat Intelligence

Drupal, a popular open-source content management system (CMS) used by more than a million sites worldwide, published yesterday another security advisory rated as highly critical in response to the Drupalgeddon2 attack. This is the third security advisory from Drupal within the last 30 days. Drupalgeddon2 Vulnerability: On March 28, Drupal published CVE-2018-7600. Dubbed Drupalgeddon2, the [...]