Silensec Newsletter

Category: News

Top News

Microsoft warns about 2 apps that installed root certificates; leaked the private keys

Microsoft has issued a security advisory today warning that two applications accidentally installed two root certificates on users' computers, and then leaked the private keys for all.

The software developer's mistake means that malicious third-parties can extract the private keys from the two applications and use them to issue forged certificates to spoof legitimate websites and software publishers for years to come.


Two celebrities have been charged for illegally touting crypto offerings

Two American celebrities are facing charges from the Securities and Exchange Commission today after they failed to disclose that they were being paid promotional fees to tout fraudulent initial coin offerings.

According to the SEC, this is the first time that individuals have faced charges involving ICOs. The Commission is accusing Mayweather of failing to disclose a $100,000 promotional payment and DJ Khaled with a $50,000 one.


Major Hacks of the Week

Ransomware attack disrupted emergency rooms at Ohio Hospital System

The ransomware attack infected computer systems at the East Ohio Regional Hospital and Ohio Valley Medical Center reportedly caused the disruption of the hospitals’ emergency rooms.

The malware hit the Ohio Hospital System and the hospitals were not able to accept ER patients via emergency responders.


Allegiant Air customers say airline sent personal information to hundreds

Allegiant Air customers claim the airline violated their privacy and shared their sensitive information.

Customers who have used service and emotional support animals found out their personal email addresses were sent to hundreds of passengers.

Action 9 consumer investigator Todd Ulrich reports a class action lawsuit is demanding the airline protect customer information.


Major Vulnerabilities Disclosed

Cisco Releases Second Patch for Webex Meetings Vulnerability

Cisco has released a new round of patches for a potentially serious Webex vulnerability first addressed one month ago.

The vulnerability in question is tracked as CVE-2018-15442 and the Counter Hack researchers who discovered it have dubbed it WebExec.

It affects releases prior to 33.6.4 of the Cisco Webex Meetings desktop app, and Webex Productivity Tools releases 32.6.0 and later, prior to 33.0.6.


US iOS users targeted by massive malvertising campaign

A cybercriminal group known as ScamClub has hijacked over 300M browser sessions over 48 hours to redirect users to adult and gift card scams, a cybersecurity firm has revealed today.

The traffic hijacking has taken place via a tactic known as malvertising, which consists of placing malicious code inside online ads.


Legal, Regulatory and Corporate
Security and Beyond

FBI along with security firms dismantled 3ve Ad Fraud Operation

Law enforcement and private firms such as Google and WhiteOps took down one of the largest and most sophisticated digital ad fraud campaign, tracked as Dubbed 3ve, that infected over 1.7 million computers to carry out advertising frauds.

The name 3ve is derived from a set of three distinct sub-operations using unique measures to avoid detection, and each of them was built around different architectures with different components.


8 Popular Android apps caught up In million-dollar ad fraud scheme

Cheetah Mobile - a prominent Chinese app company, known for its popular utility apps like Clean Master and Battery Doctor - and one of its subsidiary Kika Tech have allegedly been caught up in an Android ad fraud scheme that stole millions of dollars from advertisers.

According to app analytics firm Kochava, 7 Android apps developed by Cheetah Mobile and 1 from Kika Tech with a total 2 billion downloads on Google Play Store have been accused of falsely claiming the credits for driving the installation of new apps in order to claim a fee or bounty.


Security Awareness Tip

Beware of cyber scammers as you prepare to shop this holiday

With the Christmas holidays just around the corner and online consumers are preparing once again to embrace and make this popular shopping season their own, where retailers offer massive discounts for both online as well as bricks-and-mortar shoppers.

But be warned – in the same way that scammers come out to try and relieve people of their money in the physical world – the beginning of the November/December retail season brings out the cyber - thieves online also.


Silensec Editorial Team

Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor

Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Digital Editor: Salome Omondi (B.Com)
Salome Omondi leads the Silensec Marketing Department. She holds a Bachelors of Commerce and Management from Strathmore University. Miss Omondi publishes the weekly Silensec Newsletter, keeping you up to date with the latest infosec news as well as improving information security awareness.

Please feel free to share this with interested parties via email, and social media. For a free subscription, please subscribe to our Mailing list and feed-image Feed .

For any questions please click on the following contact us link

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed