Month: October 2017

DNSmasq can ignite a cyber attack larger than WannaCry and Mirai

Good news everyone! It has now been 10 days since Google Security released 7 critical vulnerabilities along with PoC exploit code for the popular dnsmasq service and the world is still alive as we know it. How long will this last? If we refer to the WannaCry outbreak it takes a while from public exploit being released […]

POS Malware Breach at Sonic Drive-In

Delaware, USA – October 11, 2017 – Sonic Drive-In, a fast food restaurant chain in the United States, was attacked by cybercriminals that used POS terminals malware for stealing data on visitors' payment cards. The restaurant chain has more than 3,500 locations in 45 states. Data breach affected approximately 5 million payment cards. On September […]

Web Mining Detector now uncovers connections to Crypto-Loot platform

Delaware, USA – October 10, 2017 – In connection with the recent launch of a new platform that provides JavaScript cryptocurrency miners for integration into web pages, Web Mining Detector SIEM use case has been updated to version 1.1. Now it contains all the necessary indicators of compromise to detect any connections to this platform. […]

Dnsmasq vulnerabilities

Delaware, USA – October 10, 2017 – In early October, experts from Google published information on the research about the popular DNS forwarder and DHCP server – Dnsmasq. This program is used in routers and some IoT devices and it is also included in various Linux distributions. Currently, Shodan detects about 1.2 million devices with […]

FormBook infostealer targets aerospace and defense industry

Delaware, USA – October 09, 2017 – We have recently written that credential theft attacks have become more frequent. Last Thursday, researchers from FireEye, Arbor Networks and ISC SANS reported several campaigns that were targeted at the aerospace and defense industry mainly in the US, India and South Korea. The primary distribution vector is spear […]

Locky Ransomware disguises as a document scanned with Konica Minolta C224e

Delaware, USA – October 09, 2017 – For more than two weeks, Locky has been distributed by the Necurs botnet through emails with the subject “Status of invoice” and attached 7z archive containing a malicious VBS script. Encrypted files are assigned the .ykcol extension; this may be a reference to the same named virus that […]

Cryptocurrency mining came to a new level

Delaware, USA – October 04, 2017 – The second half of September was marked by a significant increase in the number of incidents with JavaScript cryptocurrency miners. The idea of cryptocurrency mining instead of displaying advertising banners was realized in 2013, but until recently it was not very popular. On September 14, the Coinhive platform […]

Forward Defense becomes SOC Prime's partner

Delaware, USA – October 04, 2017 – SOC Prime, Inc. announces a new partnership with Forward Defense, a UAE-based leading information security advisor and integrator, to assist in their goal of providing world-class, innovative, value-added services and guidance to customers and establishing a position of leadership.

Saudi Arabia Government entities were hit by cyberespionage attack

Delaware, USA – October 3, 2017 – Researchers from Malwarebytes Lab reported a malicious campaign against Governmental entities in Saudi Arabia. Over the past year, Saudi Arabia has become the target of several large-scale cyber attacks: according to researchers from Kaspersky Lab, about 60 percent of organizations in this country were attacked by various malware. […]

KSK key update for DNSSEC protocol is postponed to the next year

Delaware, USA – October 2, 2017 – ICANN has postponed the date of the KSK key update to the beginning of 2018. The main reason for the delay is that some providers did not implement the KSK key in the infrastructure, which could lead to the impossibility of sending DNS queries to about 60 million […]
