Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.
Big items to consider: Badlock flaw found in Linux and Windows PCs has already been patched, but some are speculating whether or not the security researcher who found the flaw was just trying to benefit from the publicity surrounding the new vulnerability. Hackers are using Microsoft’s PowerShell to hide their malicious activity – this is part of the growing trend of malware authors trying to evade detection by using native tools on the operating system. A malvertising campaign has plagued more than 288 major foreign websites. Experts warn that the Panama Papers breach just scratched the surface of the relative lack of budget and resources in the legal sector that leaves many law firms vulnerable to cyberattacks.
Badlock flaw is patched, but failed to live up to the security hype – Publication: ZDNet- Reporter name: Zach Whittaker
Badlock, the latest security flaw with a catchy name and a logo, has been fixed, but not without stirring the controversy pot. Samba, an open-source software that connects Linux and Unix servers and Windows PCs over a network, has patched seven separate vulnerabilities, which would allow an attacker to conduct man-in-the-middle or denial-of-service attacks.
Attackers are using Microsoft’s PowerShell to cloak their activities, warns Carbon Black – Publication: FierceITSecurity – Reporter name: Fred Donovan
There has been a substantial increase of attackers exploiting Microsoft’s PowerShell, a Windows task automation and configuration management framework, during cyberattacks, according to a study [.pdf] released Tuesday by security firm Carbon Black. PowerShell is an ubiquitous technology in Windows, and it serves as an ideal way for attackers to remain undetected. Its ability to dynamically load and execute code without touching the file system makes it especially difficult to secure, according to Carbon Black.
Massive malvertising attack poisons 288 sites – Publication: Naked Security – Reporter name: Lisa Vaas
A malvertising campaign has swamped most of the Netherlands’ most popular sites, affecting millions of users. The campaign began to take root on Sunday, when security firm Fox-IT noted a spike in incidents involving malware exploit kits. Spotted among those kits was the notorious Angler: the CaaS, or Crimeware-as-a-Service, that crooks have chosen to spread such nasties as the CryptoWall 4.0 ransomware.
Law Firms Present Tempting Targets For Attackers– Publication: Dark Reading – Reporter name: Jai Vijayan
Mossack Fonseca has not disclosed how exactly it was breached. But it has blamed external actors for a theft that has exposed the potentially illicit offshore financial dealings of numerous political leaders and public figures around the world including Russian president Vladmir Putin and British prime minister David Cameron. Many view the sheer scope of the data breach—over 2.6 terabytes of data was stolen without the firm detecting the theft—as a sign that MF did not have basic controls in place for detecting and mitigating such incidents. Unfortunately, such a lack of preparedness is fairly common in the legal industry.