The Skybox View

Android API Vulnerability Exposes Sensitive Customer Information

September 10th, 2018 | Vulnerability & Threat Management

Researchers from Nightwatch Cybersecurity have discovered an Android API vulnerability (CVE-2018-9489) in the Google Android OS which exposes sensitive information about the user’s device to any app that’s installed on the phone — regardless of whether the app requires that data to function. The sensitive information passes via a system broadcast and includes the WiFi network [...]

Security Automation: Can it Fix What Ails Enterprises Cybersecurity Programs?

August 27th, 2018 | Security Automation

A report on our seminal security automation survey was released today with insights on how enterprises are already using automation, where they’re finding benefits and challenges and what’s been the impact to their business. The stats must have been swimming in my head as it seemed everywhere I turned in recent weeks, themes of automation, [...]

MikroTik Routers Infected in Mass-Scale Coinhive Cryptojacking Campaign

August 21st, 2018 | Threat Intelligence

A massive cryptojacking campaign that targets MikroTik routers and utilizes Coinhive was initially discovered on July 31 and has infected more than 200,000 routers worldwide. The Coinhive malware started spreading on routers in Brazil and later targeted MikroTik routers in other countries around the globe. MikroTik Infection Process and Exploit Method The infection exploited a [...]

Ransomware in India: the SamSam Ransomware and Beyond

August 15th, 2018 | Vulnerability & Threat Management

A Sophos survey shed light on the state of ransomware in India. It revealed that 67 percent of Indian respondents reported being hit by ransomware in the last year. Due to a number of factors, it’s likely Indian business will see an increase in cyberattacks in the near future. SamSam ransomware could be one of [...]

Oracle WebLogic Vulnerability Used for Cryptomining and Other Attacks

July 27th, 2018 | Threat Intelligence

A critical Oracle WebLogic vulnerability (CVE-2018-2893) is being utilized by attackers three days after the publication of a proof of concept. Since the sample exploit code was released, there has been a rise in its exploitation attempts. The vulnerability has received a "critical" severity level and a score of 9.8 out of 10 on the [...]