Tag Archive for: Undetected

Prevailion Omega exposes previously undetected malware blind spots in the cloud


Prevailion launched Omega, a new cybersecurity capability for enterprises and governments that exposes and validates previously undetected active malware compromises – including ransomware – across cloud deployments and remote workforce assets.

“As a growing remote workforce has fueled investment in cloud infrastructure, threat actors are using the ‘black box’ nature of these SaaS deployments to stay hidden from modern security tools and to proliferate ransomware and other attacks,” said Karim Hijazi, CEO of Prevailion. “The current methodology for monitoring and securing cloud workflows and remote workers paints an incomplete picture that limits an organization’s ability to improve its overall security posture and reduce its risk.”

Prevailion’s Omega technology addresses this fundamental visibility challenge in the cloud by accurately detecting malware that evades other security solutions. For the first time, security teams can now see beyond the cloud or ISP to track malware infections that leverage dynamic and obfuscated IP addressing. This rapid detection can successfully prevent the encryption stage of a ransomware attack from taking place, in addition to other significant events like data theft, even after an organization’s assets have already been infected.

Prevailion’s existing solutions are already unique in their approach to infiltrating and monitoring the attacker’s command-and-control (C2 or CnC) servers and communications to covertly expose malware infections from the threat actor’s point of view. They also do not require any physical presence or access to an organization’s network when helping to evaluate its immediate risk of damage or loss based on existing blind spots.

This approach empowers security teams to understand active risks and threats to their environments that have gone undetected and it allows them to continuously improve their security posture against future threats. In addition, Prevailion’s solutions can monitor existing or potential supply chain partners for changes in their security posture and provide visibility into an organization’s potential risk of a security incident.

Omega collects critical…


Potent Firefox 0-day used to install undetected backdoors on Macs

The fox animoji. (credit: Samuel Axon)

Hackers exploited a pair of potent zero-day vulnerabilities in Firefox to infect Mac users with a largely undetected backdoor, according to accounts pieced together from multiple people.

Mozilla released an update on Tuesday that fixed a code-execution vulnerability in a JavaScript programming method known as Array.pop. On Thursday, Mozilla issued a second patch fixing a privilege-escalation flaw that allowed code to break out of a security sandbox that Firefox uses to prevent untrusted content from interacting with sensitive parts of a computer operating system. Interestingly, a researcher at Google’s Project Zero had privately reported the code-execution flaw to Mozilla in mid-April.

On Monday, as Mozilla was readying a fix for the Array.pop flaw, unknown hackers deployed an attack that combined working exploits for both vulnerabilities. The hackers then used the attack against employees of Coinbase, according to Philip Martin, chief information security officer for the digital currency exchange.


Biz & IT – Ars Technica

Stegano Exploit Kit Hiding Within GIF-Based Browser Ads, Remained Largely Undetected for 2 Years: Report – NDTV


Eset says the Stegano Exploit Kit was targeting the corporate sector, and especially banking services, for the last two years without being detected by the major networks. The two main culprit ads highlighted by Eset belong to the "Broxu" screenshot app and

Hopelessly broken wireless burglar alarm lets intruders go undetected


A security system used in more than 200,000 homes has an unfixable flaw that allows tech-savvy burglars to disarm the alarm from as far away as a few hundred feet.

The wireless home security system from SimpliSafe is marketed as costing less than competing ones and being easier to install, since it doesn’t use wires for one component to communicate with another. But according to Andrew Zonenberg, a researcher with security firm IOActive, the system’s keypad uses the same personal identification number with no encryption each time it sends a message to the main base station. That opens the system to what’s known as a replay attack, in which an attacker records the authentication code sent by the valid keypad and then recycles it when sending rogue commands transmitted over the same radio frequency.

“Unfortunately, there is no easy workaround for the issue since the keypad happily sends unencrypted PINs out to anyone listening,” Zonenberg wrote in a blog post published Wednesday. “Normally, the vendor would fix the vulnerability in a new firmware version by adding cryptography to the protocol. However, this is not an option for the affected SimpliSafe products because the microcontrollers in currently shipped hardware are one-time programmable. This means that field upgrades of existing systems are not possible; all existing keypads and base stations will need to be replaced.”


Technology Lab – Ars Technica