Tag Archives: Windows 10

Security Never Sleeps- Microsoft Bugs, Android Patches

New Microsoft Kernel Bug Could Permit Malicious Modules

“Could bypass antivirus systems”

Security researchers have found a Microsoft kernel bug that may allow attackers to bypass antivirus systems and load in its own malware that infects users devices. The kernel flaw has been discovered in the PsSetLoadImageNotifyRoutine in all operating systems ranging from Windows 2000 to the most recent version of Windows 10.

AXA Insurance data breach hits 5,400 customers in Singapore

“Sensitive information likely obtained”

AXA Insurance has now revealed it has suffered a cybersecurity incident that compromised personal data of about 5,400 customers in Singapore. The breach affected users of the firms health portal including past customers according to data protection officer Eric Lelyon in a Thursday e-mail to customers. No other alerts or notices were posted on its website. The breach , according to Leylon, “exposed” the customer’s e-mail address, date of birth, and mobile number, which was used to transmit one-time passwords when users transacted on the portal.

Experts Find 2007 Variant of Malware Linked to French Intelligence

“Babar origins may have been found”

Palo Alto Networks researchers have discovered a 2007 variant of Babar, a malware program believed to have been developed by a covert French intelligence agency. The activities of the cyber espionage group known as the Animal Farm came to light in March 2014, when a French publication released a series of slides from united States NSA whistleblower Edward Snowden. The slides belonged to Canada’s Communications Security Establishment and they detailed an espionage campaign dubbed “Operation Snowglobe.”

Google Patches 81 Android Vulnerabilities With September 2017 Updates

“13 rated critical”

81 security vulnerabilities have been addressed in the September set of security patches for the Android platform. 13 had a severity rating of critical. The security bulletin has two security patch levels, each focused on addressing vulnerabilities in specific components.

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 178

Windows 10 Is Getting A Clever New Way To Fight Off Ransomware

“New ability added to Windows Defender”

The built-in Windows anti-malware application has been outfitted with a new protective mechanism. ‘Controlled Folder Access’ allows only recognized trustworthy devices and users to access the files that you activate the feature for.

Medicare data breach: Alan Tudge admits department unaware darknet vendor selling card details

“HS Minister concedes after investigation”

Alan Tudge, Australian Human Services Minister, now confirms that his department was blind to the fact that a secretive Darknet vendor had obtained and began to sell Australian medicare information on the web. The Guardian published an investigation Tuesday that revealed the operation, which had sold about 75 individuals records on an illegal product auctioning site. Mr. Tudge has addressed the breach in a recent statement:

Decrypting the Motivations Behind NotPetya/ExPetr/GoldenEye

“Who and Why still largely unknown”

The most recent malware attack to rock the Ukraine and others has seemed to leave more questions than answers. Reaching at least 60 countries, the malware is now even taking on different names. Some researchers have dubbed it Petya, due to its similarities with the Petya malware seen previously. However, others refute the relationship, leaving it categorized as NotPetya, GoldenEye, and more. Kaspersky Labs has found similarities with a modified version of Petya, and have settled on ExPetr.

Zero-Day Found in Humax WiFi Router

“Vulnerable routers easily compromised”

Security systems in the new HG-100R Humax WiFi router are apparently fragile enough to allow hackers remote access to sensitive information and administrative command control. TrustWave SpiderLabs researchers discovered the flaw in May, but repeated warnings to the manufacturer were allegedly met with silence.

Personal Details of 117,000 AA Shoppers Exposed

“15 million member organization criticized for security faults”

The Automobile Association is the target of massive critique this week after news of a major data malfunction may have compromised the sensitive information of much of its membership base. A server misconfiguration brought the vulnerability of at least 100,000 customers data, however the organization had downplayed the severity of the incident. The company posted the following message to customers on Monday;

Enjoy your read? Check out our other blogs and content here.

10Fold- Security Never Sleeps- 175

GhostHook Attack Can Bypass Windows 10’s PatchGuard

“Newly discovered malware can hook kernel code”

CyberArk Security Labs has shown that an attack on Windows 10 PatchGuard systems can be compromised. The protective program was designed to prevent rootkits and other malicious software at kernel level on 64-bit versions of Windows. The attacking software, now dubbed GhostHook, can completely bypass PatchGuard as long as the cybercriminal already has a foothold in the system.

Nuclear Plants, Hospitals at Risk of Hacked Radiation Monitoring Devices

“Major flaws that are currently unfixable”

Design flaws that are used to track radiation levels in major public systems have been found to be able to be exploited. A shrewd cybercriminal could be capable of injecting fake radation level readings, causing concerns for many security researchers.

Cloud Security and the RNC Leak

“Researchers take lessons from breach”

A mal-configured Amazon S3 packet has led to a huge leak for the RNC networks. This could easily happen to other organizations that do not adopt adequate security measures.

Check Point says Fireball malware hit 250 million; Microsoft says no

“Microsoft conflicts Check Point statement”

Squabbles over the infection rate of Fireball have put Check Point and Microsoft in contrary positions. Check Point claimed that the China-based malware had affected over 250 million systems, which Microsoft denies. The firm countered the Check Point report with another statement, claiming it has been tracking Fireball since 2015 and that the total count of infected systems was only about 40 million.