Weekly InfoSec Roundup 07/27/18

Two-Thirds of Organizations Hit in Supply-Chain Attacks

New global survey by CrowdStrike shows the average cost of a software supply chain attack is $1.1 million.Less than 40% of organizations in the US, UK, and Singapore have vetted all of their external suppliers in the past 12 months, according to a new surve...

Ream More


Calisto macOS Backdoor Remained Undetected for Two Years

A recently discovered backdoor targeting macOS systems remained undetected for at least two years, according to security firm Kaspersky Lab.
Dubbed Calisto, the malware was first uploaded to VirusTotal in 2016, likely the same year it was created, but it r...

Ream More


Hide ‘N Seek Botnet Targets Smart Homes

The infamous Hide ‘N Seek botnet is now targeting vulnerabilities in home automation solutions, network security firm Fortinet says.
First observed in January this year, the botnet originally targeted home routers and IP cameras, and had a decentralized, p...

Ream More


Apache OpenWhisk Flaws Allowed Attackers to Overwrite Code in IBM Cloud

Researchers discovered that two vulnerabilities in the Apache OpenWhisk serverless cloud platform could have allowed malicious actors to overwrite and execute arbitrary code.
Apache OpenWhisk is an open source platform designed to execute code in response ...

Ream More



Hacking campaign combines attacks to target government, finance, and energy

Video: Cyberwar: Nation-state cyber attacks threaten every company A newly-uncovered cyber espionage operation is combining known exploits with custom-built malware in a campaign that has targeted hundreds of organisations, particularly those in the ...

Ream More



Shipping Giant COSCO Hit by Ransomware

Chinese state-owned shipping and logistics company COSCO was reportedly hit by a piece of ransomware that disrupted some of its systems in the United States.
COSCO, one of the world’s largest shipping companies, described the incident as a “local network b...

Ream More


Microsoft Uncovers Multi-Tier Supply Chain Attack

Microsoft has shared details of a new attack that attempted to spread crypto-mining malware to a large number of users by compromising the software supplying partner of an application developer.
The multi-tier attack relied on compromising the shared infra...

Ream More


Remote Spectre Attack Allows Data Theft Over Network

A team of researchers from the Graz University of Technology in Austria has demonstrated that Spectre attacks can be launched remotely without the need to execute code on the targeted machine.
The researchers, some of which were also involved in the discov...

Ream More


Stay updated with our blog posts

Enter your email address and you'll be notified about our new posts

  • This field is for validation purposes and should be left unchanged.
© 2018 BRINQA | Legal | Terms