Tag Archives: Department of Justice

10Fold- Security Never Sleeps- 154

Dridex gang uses unpatched Microsoft Word exploit to target millions

“Attacks beginning in January”

The group associated with the Dridex trojan software has begun using an unpatched Microsoft Word vulnerability that allows it to potentially affect millions of users. The capability of harm was revealed Friday by McAfee antivirus researchers, and security researchers firm FireEye have confirmed more instances of issues over the past several weeks as well.

US dismantles Kelihos botnet after Russian hacker’s arrest

“Unrelated to potential tampering in U.S. election”

The recent arrest of a Russian cybercriminal in Spain has led to the destruction of a large scale botnet. Kelihos, a botnet that is directly responsible for the remote control and ‘enslavement’ of hundreds of thousands of IoT devices, has been used to distribute malware globally in the past. On Monday the U.S. Justice Department released a statement claiming it had taken actions to officially dismantle the project.

Hackers Steal Customer Card Data From GameStop

“Popular gaming retailer apparently breached”

GameStop, a popular retailer among the gaming community, allegedly has been compromised with the possibility of customer payment card information stolen. Included are the name, address, and verification numbers of credit cards.

Cisco Finds Many Flaws in Moxa Industrial Aps

“More than a dozen issues identified”

Talos Intelligence, a Cisco research group, has finished a two-week observation of a wireless AP from Moxa, concluding that many vulnerabilities are apparent from their tests. Over a dozen were officially verified, including remote exploitation that would effectively give a cybercriminal full access to operating functions of a device. Moxa has apatched all but on of these vulnerabilities, the details of which will be disclosed after it has been dealt with.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 136

Virulent Android malware returns

“Over 2 million downloads on Google Play”

A strain of malware that had infected over 10 million Android devices in 2016 has been making the rounds again, embedding itself in Google Play applications that may have affected nearly 12 million users. Professionally developed, HummingWhale is a variant of a researcher documented strain hitting the Google store last July.

Court denies U.S. government appeal in Microsoft case

“Appeals court not reconsidering DOJ request for email handover”

An appeals court has refused the Department of Justice’s request to force Microsoft to release thousands of customer emails held outside of the United States. A 4-4 decision by the Second Circuit court refused to rehear a July decision that denied access to a suspected drug dealers account stored on a server based in Ireland. DOJ requests are not new to Microsoft, having been in consistent battles for email requests since early 2013.

Cisco’s web meeting plugin for Chrome has a whopping flaw

“Extension may need security patch”

Users of the Cisco WebEx extension would be keen on ensuring they have installed the 1.03 patch, as security experts have been claiming earlier versions leave considerable vulnerabilities in a users device. Filippo Valsorda (@FiloSottile) has recently tweeted on the matter “…any website could just install malware on your machine silently.”

Enjoy your read? Check out our other content here.