Archive for October, 2015

Last week, the Joomla team released an update to patch a serious vulnerability in Joomla 3.x. This vulnerability, an SQL injection (CVE-2015-7858), allows an attacker to take over a vulnerable site with ease. We predicted that attacks would start in the wild very soon, given the popularity of the Joomla platform and how easy the exploitation was.

In early October, it was announced that a critical vulnerability had been found in the libutils library. The libutils library is part of Android OS; it implements various primitive elements that can be used by other applications. The least harmful outcome of exploiting this vulnerability is a crash of the software that uses the stagefright library and handles MP3/MP4 files.

German Chancellor Angela Merkel may not be the only high-ranking leader from that country to be spied on by the National Security Agency. According to a report published over the weekend, German authorities are investigating whether the head of the German Federal Chancellery unit had his laptop infected with Regin, a highly sophisticated suite of malware programs that has been linked to the NSA and its British counterpart, the Government Communications Headquarters.

Welcome to the August/September edition of Invincea’s threat report series, in which we reveal the key threat trends encountered and stopped in the wild by Invincea. This post provides insight into the latest malware and attack vectors that are evading security controls such as next-generation firewalls, network sandboxes, and anti-virus – based on Invincea’s uniquely broad view into the threat landscape.

FAIRFAX, VA–(Marketwired – October 26, 2015) – Invincea, the leader in advanced endpoint threat protection, is notifying businesses and individuals that a major international cyber-crime operation previously believed to be shut down by law enforcement is once again actively operating and targeting French users. Invincea is releasing this advisory because the French campaign may portend the resurgence of a broader campaign that will likely target users in the US and other countries, as Dridex has done previously.

The modern Computer Network Defense (CND) staple of intelligence-driven operations (PDF) is based on the observation that incidents are not singular events, but rather phased progressions. In this model, defenders benefit from a cohesive view of adversaries operating inside a network (also referred to as viewing an adversary in the aggregate).