Orangeworm cyber espionage group target Healthcare organizations worldwide

Symantec researchers have monitored the activity of a cyber espionage group tracked as Orangeworm that targets organizations in the healthcare sector. Security experts at Symantec have published a report on the activity of a cyber espionage group tracked as Orangeworm that targets healthcare organizations. “Symantec has identified a previously unknown group called Orangeworm that has […]

The post Orangeworm cyber espionage group target Healthcare organizations worldwide appeared first on Security Affairs.

CSE-News / 22 Apr 2018

Google Project Zero hacker discloses a Zero-Day in Windows Lockdown Policy

Google researcher has publicly disclosed a Windows 10 zero-day that could be exploited by attackers to bypass Windows Lockdown Policy on systems with User Mode Code Integrity (UMCI). Google has publicly disclosed a Windows 10 zero-day vulnerability that could be exploited by attackers to bypass Windows Lockdown Policy on systems with User Mode Code Integrity (UMCI) enabled […]

The post Google Project Zero hacker discloses a Zero-Day in Windows Lockdown Policy appeared first on Security Affairs.

CSE-News / 22 Apr 2018

Take These Steps to Secure Your WordPress Website Before It’s Too Late

You might have heard that WordPress security is often referred to as hardening, WordPress website security is all about putting locks on doors and windows and having lookouts on each of your “towers.” You might have heard that WordPress security is often referred to as “hardening.” While the name might cause a few eyebrows to […]

The post Take These Steps to Secure Your WordPress Website Before It’s Too Late appeared first on Security Affairs.

CSE-News / 22 Apr 2018

CVE-2018-0229 flaw in SAML implementation threatens Firepower, AnyConnect and ASA products

Cisco has announced a set of security patches that address the CVE-2018-0229 vulnerability in its implementation of the Security Assertion Markup Language (SAML). The CVE-2018-0229 flaw could be exploited by an unauthenticated, remote attacker to establish an authenticated AnyConnect session through an affected device running ASA or FTD Software. “A vulnerability in the implementation of Security […]

The post CVE-2018-0229 flaw in SAML implementation threatens Firepower, AnyConnect and ASA products appeared first on Security Affairs.

CSE-News / 22 Apr 2018

Health Stream left exposed online a database containing contact data for roughly 10,000 medics

An IT professional has discovered that the US healthcare company Health Stream left exposed online contact information for roughly 10,000 medics. The IT expert Brian Wethern has discovered that the US healthcare company Health Stream left exposed online a database containing contact information for roughly 10,000 medics. Wethern reported his discovery to Health Stream ten days ago, he explained that […]

The post Health Stream left exposed online a database containing contact data for roughly 10,000 medics appeared first on Security Affairs.

CSE-News / 22 Apr 2018

SunTrust unfaithful employee may have stolen data on 1.5 Million customers

SunTrust Banks Inc announced it discovered that a former employee may have attempted to download information on nearly 1.5 million clients and share it a criminal organization. A former employee at the SunTrust Bank may have stolen data on 1.5 million clients,  including names, addresses, phone numbers, and account balances. “The company became aware of potential […]

The post SunTrust unfaithful employee may have stolen data on 1.5 Million customers appeared first on Security Affairs.

CSE-News / 21 Apr 2018

Experts spotted spam campaigns delivering XTRAT and DUNIHI backdoors bundled with the Adwind RAT

Security experts at Trend Micro have spotted spam campaigns delivering XTRAT and DUNIHI Backdoors and Loki malware bundled with the Adwind RAT. Malware researchers at Trend Micro have uncovered a spam campaign that delivers the infamous Adwind RAT (aka jRAT) alongside the XTRAT backdoor (aka XtremeRAT) and the Loki info stealer. In a separate Adwind RAT spam campaign, the researchers observed the use […]

The post Experts spotted spam campaigns delivering XTRAT and DUNIHI backdoors bundled with the Adwind RAT appeared first on Security Affairs.

CSE-News / 21 Apr 2018

Security Affairs newsletter Round 159 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·      Microsoft engineer charged with money laundering linked to Reveton ransomware ·      TrueMove H, […]

The post Security Affairs newsletter Round 159 – News of the week appeared first on Security Affairs.

CSE-News / 21 Apr 2018

Unscrupulous crooks behind the RansSIRIA Ransomware try to exploit attentions on Syrian refugee crisis

Researchers at MalwareHunterTeam have discovered a new strain of ransomware called RansSIRIA that encrypts victim’s files and then states it will donate the ransom to Syrian refugees. Unscrupulous cybercriminals try to exploit every situation, even the most dramatic incidents. In the past, crooks attempted to exploits the media attention on dramatic events such as the Boston Marathon, the […]

The post Unscrupulous crooks behind the RansSIRIA Ransomware try to exploit attentions on Syrian refugee crisis appeared first on Security Affairs.

CSE-News / 21 Apr 2018

AlienVault presents OTX Endpoint Threat Hunter, its innovative free endpoint scanning service

Threat intelligence firm AlienVault announced the launch of a free endpoint scanning service, called OTX Endpoint Threat Hunter. Threat intelligence firm AlienVault announced the launch of a free endpoint scanning service, called OTX Endpoint Threat Hunter, that allows private firms and security experts to identify threats in their networks. “OTX Endpoint Threat Hunter is a free threat-scanning […]

The post AlienVault presents OTX Endpoint Threat Hunter, its innovative free endpoint scanning service appeared first on Security Affairs.

CSE-News / 20 Apr 2018