Week in review: Fileless malware, HTTPS interception in the wild, simple Gmail spoofing

Here’s an overview of some of last week’s most interesting news, reviews and articles:

Banks around the world hit with fileless malware
Kaspersky Lab researchers have brought to light a series of attacks leveraged against 140+ banks and other businesses.

Review: The Internet of Risky Things
Building the IoT the same way we built the current Internet is not a good solution.

Don’t take your hands off the wheel
How much will we want the cars to take over?

The security impact of HTTPS interception in the wild
HTTPS deployment is on an upward trajectory, and this growth is accompanied by increasing HTTPS interception and SSL inspection by enterprise-grade firewalls, web filters, and gateways, as well as client-side antivirus and security solutions.

Qualys at RSA Conference: Implementing innovation
There will be no lack of interesting content from Qualys at this year’s RSA Conference. Depending on your interests, you might want to make time for some of these talks and presentations.

CERT updates insider threat guidebook
The guide describes 20 practices that organizations should implement across the enterprise to prevent and detect insider threats, as well as case studies of organizations that failed to do so.

LaunchKey: Passwordless consumer authentication at scale
The LaunchKey mobile multifactor authentication solution empowers global consumer brands to improve security and consumer experience by delivering a risk-aware alternative to passwords and two-factor authentication, at scale, via an easy-to-use mobile SaaS solution.

Simple Gmail spoofing leaves users open to targeted attacks
Gmail shows no warning as it delivers legitimate-looking spoofed emails seemingly coming from an existing Gmail.com address, even though they come from a non-Gmail server.

The anti social network
Reputations are being built on such platforms, and yet a large proportion are now manipulated and automated to the extent that the very integrity of this environment has to be called into question.

AKBuilder: A builder for exploit-laden Word documents
One doesn’t have to be a great coder to become a successful cybercriminal, as underground markets are filled with offerings that automate one or another step of an attack chain. Take for example the AKBuilder, a builder for Word documents that carry exploits for several vulnerabilities and a malicious, encrypted payload.

Vera for Mail protects the confidentiality of email messages and attachments
Vera for Mail is an enterprise-grade security solution that lets businesses secure, track, and revoke access to any email they send.

It’s time to rethink using remote access VPNs for third-party access
Third-party access is often the weakest link in network security.

Why you need a tailored application security program
For companies that provide applications to their customers, keeping those applications secure is a must. Setting up an application security program is the next logical step, but there are many choices to be made when trying to make it as effective as possible.

Self-healing endpoint security as a foundation for visibility
The new Application Persistence product from Absolute provides embedded, self-healing capabilities to third-party endpoint controls such as VPN, anti-virus, encryption, systems management and other critical controls that are too easily compromised.

Your web browsing history can be linked to your social media accounts
Your web browsing history contains enough information for third parties to be able to link it to your social media profile (Twitter, Facebook, Reddit), Stanford and Princeton researchers have found.

Tens of thousands WordPress sites defaced, SEO spam to follow
Attackers are actively exploiting the recently patched unauthenticated privilege escalation vulnerability in WordPress’ REST API to deface websites.

USM Anywhere simplifies security for organizations of all sizes
USM Anywhere is an all-in-one SaaS security monitoring platform designed to centralize threat detection, incident response and compliance management of cloud, hybrid cloud, and on-premises environments from a single cloud-based console.

Will February’s Patch Tuesday fix a known zero-day?
Coming into Patch Tuesday we have a known zero-day on the Microsoft side, and we’ve seen example code for an SMB exploit that could lead to DoS and BSOD of a system.

Less than half of organizations trust their data for business decisions
While data supports major business initiatives, the level of data accuracy is lower than required.

Monitoring scanning activities that could lead to IoT compromises
Looking at honeypot data during a two-week period, Arbor Networks saw a total of 1,027,543 login attempts, of which 819,198 failed, from a total of 92,317 unique source IP addresses.

Vizio smart TVs spied on millions of users without their consent
American company Vizio has decided to settle charges that it installed software on its smart TVs that collected viewing data of some 11 million users without their knowledge or consent.

Anti-piracy tech firm Denuvo inadvertently leaks sensitive info
Denuvo Software Solutions has suffered an embarrassing and potentially damaging information leak.

New infosec products of the week: February 10, 2017
A rundown of infosec products released last week.
