News Highlights This Week
- Hackers bypassing a security feature of Microsoft Office 365,
- Twitter is testing an end-to-end encryption for Messages,
- Microsoft released security patches for the Zero-day flaws,
- Facebook Messenger is getting more and more Phishy,
- Healthcare industry is struggling with the intense wave of cyber-attacks,
- Cyber-attacks could crash Airplanes says Merle Maigre, the director of the NATO Cooperative Cyber Defence Centre of Excellence
- Cryptojacking hits hundreds of Drupal sites.
In-Short Overview:
- A security researcher revealed that hackers bypassing a safe links features of Microsoft Office 365 through a new technique which is designed to protect users from malware and phishing attacks. This technique is called “baseStriker Attack“. Researchers have seen hackers using the baseStriker attack to send phishing emails. Read More?
Hackers Bypassing A Safe Links Of Microsoft 365 (The Hacker News, May 08, 2018)
Basestriker Technique Allow To Bypass Microsoft 365 Security Feature (Security Affairs, May 09, 2018)
A security researcher found that Twitter is testing an encrypted direct messages feature for its Android app. This new feature is currently called “Secret Conversations”. At present Secret Conversation is currently available only to a small number of users for testing purpose. Unlike other platforms like WhatsApp, Twitter will not use end-to-end encryption by default. Users have to choose to start an encrypted chat.
Read More:
Twitter Is Testing End-To-End Encryption Feature (MSN, May 08, 2018)
Twitter Testing A New Feature For Direct Messages (Security Affairs, May 08, 2018)
Microsoft released security patches for a total of 67 vulnerabilities, including two zero-day flaws under active attack in which 21 vulnerabilities are rated as critical, 42 rated as important, and 4 rated as low severity. Users are strongly advised to install security updates as soon as possible in order to protect themselves against active attacks.
Read More:
Microsoft Patches Two Zero-Day Flaws (The Hacker News, May 08, 2018)
Facebook Messenger wants your password, your money, and your computer through a new malware,
FacexWorm, which is a modified version of malware that first appeared in August of 2017. Facebook Spam campaigns are quite common, users are advised to be vigilant when clicking on links and files provided via the social media site platform.
Read More:
Malware Virus Is Spreading Through Facebook Messenger (Foxnews, 02 May, 2018)
A simple new tool is released to protect the “Critically Vulnerable” Dasan GPON Wi-Fi Router from remote hacking.
Read More:
Protect Dasan GPON Routers from Remote Hacking (Professional hacker, 08 May 2018)
According to a threat report which is released on 01 May 2018,
healthcare industries are suffering more cyber-attacks. According to a Cylance, 2017 threat report healthcare industry is taking the lion’s share of Ransomware attacks.
Read More:
Healthcare Industry Suffered More Cyber-Attacks (Health It Security, 03 May 2018)
A CYBER defense expert has warned nations to prepare for shock cyberattacks. The leader of NATO warned that a cyber-attack could be targeted civilian populations. The security chief said that Cyber-attack threats could CRASH Airplanes.
Cryptojacking is hitting hundreds of Drupal websites. “Drupalgeddon2” has been exploited to Cryptojack more than 340 government, corporate, and university websites.
Read More:
Cryptojacking Hits Hundreds Of High-Level Drupal Sites (SC Media UK, 08 May 2018)
SynAck targeted Ransomware implements a new code injection technique Doppelgänging Evasion technique. SynAck Ransomware uses this technique to bypass modern security solutions. The main of this technique is to use NTFS transactions to launch a malicious process from the transacted file so that the malicious process looks like a legitimate one.
Read More:
SynAck Ransomware Implements Doppelgänging Technique (Securelist, 07 May, 2018)
In Other News