Trickbot Malware Now Targets US Banks

Researchers with IBM and Flashpoint warn the Trickbot Trojan is growing more potent and now targeting U.S. banks.

Motivation Mystery Behind WannaCry, ExPetr

A shift in APT tactics is emerging as characterized by the destructive ExPetr attacks hidden in ransomware, and WannaCry, which also failed to turn a profit.

Apple Patches BroadPwn Bug in iOS 10.3.3

Apple released iOS 10.3.3 Wednesday that serves as a cumulative patch update for multiple vulnerabilities including the high-profile BroadPwn bug.

US, European Law Enforcement Shutter Massive AlphaBay Market

U.S. authorities along with law enforcement Europe and Asia announced today the takedown of the dark webrsquo;s largest illicit market, AlphaBay.

VU#586501: Inmarsat AmosConnect8 Mail Client Vulnerable to SQL Injection and Backdoor...

Inmarsat Solutions offers a shipboard email client service,AmosConnect 8(AC8),which was designed to be utilized over satellite networks in a highly optimized manner.

A third-party security research firm has identified two security vulnerabilities in the client software:On-board ship network access could provide visibility of user names and passwords configured on the client device.

A backdoor account has been identified in the client that provides full system privileges.

This vulnerability could be exploited remotely.

An attacker with high skill would be able to exploit this vulnerability.

AmosConnect 8 has been deemed end of life,and no longer supported.
Inmarsat customers must contact Inmarsat Customer Service to obtain the replacement mail client software.

Tor Project Opens Bounty Program To All Researchers

The Tor Project is launching a public bug bounty program to encourage security researchers to responsibly report issues they find in the software.

Cisco ASR 5000 Series Aggregation Services Routers Access Control List Security...

A vulnerability in certain filtering mechanisms of access control listsnbsp;(ACLs) for Cisconbsp;ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass ACL rules that have been conf...

Cisco Web Security Appliance Administrative Interface Access Control Bypass Vulnerability

A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative ma...

Cisco Web Security Appliance Command Injection and Privilege Escalation Vulnerability

A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root.

The attacker must authenticate with valid adm...

Cisco Web Security Appliance Static Credentials Vulnerability

A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authentica...

Senator Calls For Use Of DMARC To Curb Phishing

Senator Ron Wyden is pushing to mandate government-wide use of the email authentication protocol DMARC “to ensure that hackers cannot send emails that impersonate federal agencies.”

Modified Versions of Nukebot in Wild Since Source Code Leak

Criminals have made use of the leaked source code for the Nukebot banking Trojan, crafting modified versions of the malware to target banks in the U.S. and France.