Silensec Newsletter

Category: News

Top News

Russian Social Media Interference Continues

The battle against Russian disinformation is far from over. Two in-depth reports released have revealed a disturbing trend: Such campaigns are continuing, despite efforts by social media companies to cleanse their platforms.

The reports analyze a large batch of social media content turned over to Congress by Twitter, Facebook and Google as part of the committee's investigation into online disinformation campaigns that targeted the 2016 U.S. presidential election.

Both reports are critical of the technology firms, contending that the data they shared with researchers was hard to work with or incomplete, making it more difficult to assess the scale and reach of Russia's efforts.


US indicts two Chinese government hackers over global hacking campaign

The US Department of Justice recently charged 2 Chinese hackers associated with the Chinese government for hacking numerous companies and government agencies in a dozen countries.

The Chinese nationals, are believed to be members of a state-sponsored hacking group known as Advanced Persistent Threat 10 (APT 10) or Cloudhopper that has been working from over a decade to steal business and technology secretsfrom companies and government agencies around the world.


Major Hacks of the Week

European Union diplomatic communications 'targeted by hackers'

Hackers successfully targeted the European Union's diplomatic communications over a period of several years. Thousands of messages were intercepted in which diplomats referenced a range of subjects from US President Donald Trump to global trade.

European officials say that information marked as confidential and secret was not affected by the three-year hack.


Hackers using memes to spread malware

Researchers found out that hackers have come up with an interesting and unique way to spread a malware. They are now using internet memes for communicating with malware for various malicious operations.

A hacker has been found using the "What if I told you" meme on Twitter to grab screenshots from an infected Windows PCs. The memes containing the malware would appear same as an ordinary digital image, but it contains commands in the file's metadata which is hidden.


Happy Holidays - Remember to keep secure while online



Major Vulnerabilities Disclosed

Twitter fixed bug could have exposed Direct Messages to third-party apps

Researcher recently discovered that the permissions dialog when authorizing certain apps to Twitter could expose direct messages to the 3rd-party.

The flaw is triggered when apps that require a PIN to complete the authorization process instead of the using the OAuth protocol.

The expert discovered that some permissions such as that to access direct messages, remained hidden to the Twitter user.


Code Execution Flaw in SQLite Affects Chrome, Other Software

Many applications using the popular SQLite database management system could be exposed to attacks due to a potentially serious vulnerability that can lead to remote code execution, information disclosure, and denial-of-service (DoS) attacks.

The experts have named the flaw Magellan and they claim it affects any piece of software that uses SQLite or Chromium -€“ Chromium relies on WebSQL, which is based on SQLite.


Merry Christmas - Stay Secure during the Holidays



Legal, Regulatory and Corporate

Happy New Year - CyberSecure 2019



Security and Beyond

Cloud and automation allows Ticketek to sell thousands of tickets at once

One of the more well-known brands under the TEG banner is ticketing website Ticketek. When a major event goes on sale at a scheduled time, there is usually a rush to secure tickets, and amid the frustration from punters keen to get their hands on a seat is Ticketek's costly tech behind the scenes that stops the website from completely falling over.


Decrypting HiddenTear Ransomware for free with HT Brute Forcer

Back in 2015, Turkish security researchers published the HiddenTear ransomware, the first open source ransomware, for educational purposes.

The original code was decryptable, for this reason, many other variants based on it were decryptable too.

Victims of the HiddenTear Ransomware could follow the step by step procedure, published by Bleeping Computer, to decrypt their files for free.


Security Awareness Tip

12 ways to secure yourself while online over the holidays

The holidays are here again and gift exchanges are in full swing, many people receiving and setting up the latest devices in their homes and offices. However, no one wants their new gadget to open them or their work environment up to a security or privacy problem.

Here are 12 basic but critical precautions that you should take to ensure the security and privacy of your new devices:

  1. Use a password manager
  2. Protect your routers and Wi-Fi
  3. Set up more secure accounts on your PCs and Macs
  4. Prevent lost tablets and smartphones from turning into something worse
  5. Protect your data on smartwatches and personal fitness devices
  6. Be smart with your smart home
  7. Don't forget about home entertainment apps, TVs, and DVRs
  8. Protect your gaming consoles too
  9. Configure user profiles for voice assistants
  10. Use smart speakers smartly
  11. Drive safely and securely with smart cars
  12. Patch, patch, and patch some more


Silensec Editorial Team

Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor

Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Digital Editor: Salome Omondi (B.Com)
Salome Omondi leads the Silensec Marketing Department. She holds a Bachelors of Commerce and Management from Strathmore University. Miss Omondi publishes the weekly Silensec Newsletter, keeping you up to date with the latest infosec news as well as improving information security awareness.

Please feel free to share this with interested parties via email, and social media. For a free subscription, please subscribe to our Mailing list and feed-image Feed .

For any questions please click on the following contact us link

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed