Silensec Newsletter

Top News

FBI warns companies about hackers increasingly abusing RDP connections

In a recent publication, the FBI warns companies about the dangers of leaving RDP (Remote Desktop Protocol) endpoints exposed online. In its alert, the FBI mentions that the number of computers with an RDP connection left accessible on the Internet has gone up since mid-to-late 2016.

This assertion from the FBI correlates with numbers and trends reported by cybersecurity firms in the past few years.


New Linux Kernel bug affects Red Hat, CentOS, and Debian distributions

Security researchers have published the details and proof-of-concept (PoC) exploits of an integer overflow vulnerability in the Linux kernel that could allow an unprivileged user to gain superuser access to the targeted system.

The vulnerability, discovered by cloud-based security and compliance solutions provider Qualys and dubbed "Mutagen Astronomy," affects kernel versions released between July 2007 and July 2017, impacting the Red Hat Enterprise Linux, CentOS, and Debian distributions.


Major Hacks of the Week

Phorpiex bots target remote access servers to deliver ransomware

Threat actors are brute-forcing their way into enterprise endpoints running server-side remote access applications and attempting to spread the GandCrab ransomware onto other enterprise computers, SecurityScorecard researchers are warning.

Their weapon of choice is Phorpiex/Trik, a bot with worm capabilities that allows it to spread to other systems by copying itself to USBs and other removable drives.


Pangu hackers have jailbroken iOS 12 on Apple's new iPhone XS

The Chinese hacking team Pangu is back and has once again surprised everyone with a jailbreak for iOS 12 running on the brand-new iPhone XS. Well, that was really fast.

The Pangu jailbreak team has been quiet for a while, since it last released the untethered jailbreak tool for iOS 9 back in October 2015.

Jailbreaking is a process of removing limitations on Apple's iOS devices so users can install 3rd-party software not certified by Apple.


Major Vulnerabilities Disclosed

Banking trojan found in call recorder app on Play Store - stole over 10,000 euro

Android is one of the most vulnerable mobile operating systems, with hackers developing new Android malware and banking trojans every 17 seconds.

Recently an IT security researcher at ESET discovered a nasty banking trojan targeting unsuspecting Android users on the Play Store.

The trojan was downloaded and installed by over 10,000 users and has so far stolen more than 10,000 euros.


Critical flaw affects Cisco Video Surveillance Manager

Cisco has fixed a critical vulnerability in the Cisco Video Surveillance Manager software running on some Connected Safety and Security Unified Computing System (UCS) platforms.

The flaw could give an unauthenticated, remote attacker the ability to execute arbitrary commands as root on targeted systems. The software running on certain systems includes default, static credentials for the root account that could allow attackers to gain root access.


Legal, Regulatory and Corporate
Security and Beyond

Facebook Warns Memphis Police: No More Fake “Bob Smith” Accounts

Facebook has a problem: an infestation of undercover cops. Despite the social platform’s explicit rules that the use of fake profiles by anyone - police included - is a violation of terms of service, the issue proliferates.

While the scope is difficult to measure, EFF has identified scores of agencies that maintain policies that explicitly flout these rules.


Malware disguised as job offers targets freelancers

A report by cybersecurity experts shows that hackers are using freelancing web applications such as Fiverr and Freelancer to distribute malware disguised as job offers. The offers contain attachments that pretend to be a job description but actually install keyloggers such as Agent Tesla or Remote Access Trojans (RATs) in victim files.


Security Awareness Tip

How to Spot Identity Theft

  • Closely monitor your bank accounts, credit reports and any other financial accounts you may have. If the financial companies you do business with offer activity alerts, sign up for them. And if you receive an alert or your financial institution reports unusual account activity, respond as soon as possible.
  • Pay attention to your regular utility bills and bank statements. If you suddenly stop receiving bills, this can be a red flag - a criminal could be using your information to have these accounts transferred to their own address.
  • Suddenly receiving credit cards in the mail that you did not apply for.
  • Receiving calls from debt collectors for goods and services you did not sign up for.
  • Being unable to log into a website using your normal password.

Silensec Editorial Team

Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and the Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor.

Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in the UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of the Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Digital Editor: Salome Omondi (B.Com)
Salome Omondi leads the Silensec Marketing Department. She holds a Bachelor of Commerce and Management from Strathmore University. Miss Omondi publishes the weekly Silensec Newsletter, keeping you up to date with the latest infosec news as well as improving information security awareness.
