Vulnerability & Threat Management

20 11, 2017

Terdot Resurrects Zeus Banking Trojan, Bigger and Badder Than Before

By | November 20th, 2017|Threat Intelligence|Comments Off on Terdot Resurrects Zeus Banking Trojan, Bigger and Badder Than Before on Terdot Resurrects Zeus Banking Trojan, Bigger and Badder Than Before

Terdot builds on Zeus’ source code to do more than steal banking credentials, including eavesdrop on social media and email activity
25 10, 2017

Bad Rabbit Relies on Social Engineering, Not Exploits

By | October 25th, 2017|Threat Intelligence|Comments Off on Bad Rabbit Relies on Social Engineering, Not Exploits on Bad Rabbit Relies on Social Engineering, Not Exploits

Unlike WannaCry and Petya/NotPetya before it, the Bad Rabbit ransomware requires user interaction to download and install the payload
17 10, 2017

KRACK Targets WPA2 Protocol Putting Millions of Devices at Risk

By | October 17th, 2017|Vulnerability & Threat Management|Comments Off on KRACK Targets WPA2 Protocol Putting Millions of Devices at Risk on KRACK Targets WPA2 Protocol Putting Millions of Devices at Risk

Researchers’ POC of KRACK, a key reinstallation attack on WPA2 protocols, impacts all modern protected Wi–Fi networks
17 10, 2017

Adobe Flash Exploit Delivering FINSPY to UN Member Countries

By | October 17th, 2017|Threat Intelligence, Vulnerability & Threat Management|Comments Off on Adobe Flash Exploit Delivering FINSPY to UN Member Countries on Adobe Flash Exploit Delivering FINSPY to UN Member Countries

The BlackOasis threat actor is exploiting an Adobe Flash vulnerability to deliver the FINSPY spyware
5 10, 2017

ZNIU: Mobile Malware and Dirty COW

By | October 5th, 2017|Vulnerability & Threat Management|Comments Off on ZNIU: Mobile Malware and Dirty COW on ZNIU: Mobile Malware and Dirty COW

How a Dirty COW steals your information and your money
21 09, 2017

Microsoft Fixes .NET Zero–Day Exploited to Install Espionage Spyware

By | September 21st, 2017|Cybercrime, Patch Tuesday, Vulnerability & Threat Management|Comments Off on Microsoft Fixes .NET Zero–Day Exploited to Install Espionage Spyware on Microsoft Fixes .NET Zero–Day Exploited to Install Espionage Spyware

The .Net flaw is one of more than 80 vulnerabilities Microsoft fixed during September’s Patch Tuesday.
13 09, 2017

BlueBorne Threatens 5.3 Billion Devices

By | September 13th, 2017|Vulnerability & Threat Management|Comments Off on BlueBorne Threatens 5.3 Billion Devices on BlueBorne Threatens 5.3 Billion Devices

Eight zero–day vulnerabilities have been announced affecting Android, iOS, Windows and Linux devices
28 08, 2017

Attackers Go Retro

By | August 28th, 2017|Vulnerability & Threat Management|Comments Off on Attackers Go Retro on Attackers Go Retro

Why old vulnerabilities are still able to wreak havoc on enterprises and network worms are back in style
10 08, 2017

Next on Your Summer Reading List: Cisco’s Midyear Report

By | August 10th, 2017|Vulnerability & Threat Management|Comments Off on Next on Your Summer Reading List: Cisco’s Midyear Report on Next on Your Summer Reading List: Cisco’s Midyear Report

Cisco releases its Bible–length cybersecurity report. Aside from the stats, makes a Hail Mary to improve security (and management) through vendor consolidation.
4 08, 2017

CVEs Abound, But Not Enough to Secure the Enterprise

By | August 4th, 2017|Vulnerability & Threat Management|Comments Off on CVEs Abound, But Not Enough to Secure the Enterprise on CVEs Abound, But Not Enough to Secure the Enterprise

While MITRE improves catalog methods, it still falls short to improve vulnerability management programs and prioritization to tackle today’s threats.