Search Results for “Danny Palmer”


July 19, 2019
Danny Palmer / ZDNet

Chinese APT Group Ke3chang Is Targeting Diplomats and Government Offices in Europe, Central and South America With New Backdoor Okrum

An elusive advanced persistent threat (APT) group thought to be operating out of China and known as Ke3chang, but also known as Vixen Panda, Royal APT, Playful Dragon, and APT15, is using a previously unreported backdoor, dubbed Okrum, in a malware campaign targeting diplomats and government departments around the world, researchers at ESET report. The group is using an updated version of its Ketrican malware alongside the backdoor to target diplomatic bodies and other government institutions in countries across Europe and Central and South America. Okrum can provide itself with full administrator privileges and collects information about the infected machine, such as computer name, username, host IP address and what operating system is installed.

Related: Threatpost, BleepingComputer.com, We Live Security, The Register – Security, Infosecurity Magazine, Cyberscoop, SC Magazine



August 13, 2019
Danny Palmer / ZDNet

Flaws in Digital Cameras’ Standard Protocol Could Expose Devices to Ransomware Infections

It’s possible to exploit vulnerabilities in Picture Transfer Protocol (PTP), a standard protocol digital cameras use to transfer digital files, to spread ransomware to the devices, researchers at Check Point say. The vulnerabilities include buffer overflows enabling code execution, which could allow the camera to be taken over remotely via Wi-Fi using a malicious and silent firmware update. The firmware could enable ransomware to be deployed because the two share the same cryptographic processes.

Related: ibtimes.sg : Top News, TechNadu, NewsBytes App, HotHardware.com, The Loop, GBHackers On Security, SecurityWeek, The Next Web, Check Point


September 23, 2019
Danny Palmer / ZDNet

Two Android Camera Apps With 1.5 Million Downloads Removed from Google Play Store for Serving Adware, Apps Also Capable of Listening to Microphones, Staying Persistent on Devices

Two malicious Android camera apps, Sun Pro Beauty Camera and Funny Sweet Beauty Selfie Camera, which had combined total downloads of over 1.5 million, have been removed from the official Google Play Store for serving up adware, researchers at Wandera report. Although aimed at delivering adware, both apps had permissions that enabled them to record audio, allowing the apps to use the microphone to listen in to anything said near the device at any time, as well as a number of permissions that allow the apps to be persistent on the device.

May 9, 2019
Danny Palmer / ZDNet

Dharma Ransomware Now Embeds Itself Inside Fake Antivirus Software Installation

Constantly evolving Dharma ransomware, which has been plaguing organizations since 2016, has added a new means of deploying itself by bundling inside a fake antivirus software installation, researchers at Trend Micro report. Under the new technique, Dharma still uses phishing emails, but this time sends messages claiming to be from Microsoft saying the victim’s Windows PC is ‘at risk’ and ‘corrupted’ following ‘unusual behavior’, urging the user to ‘update and verify’ their antivirus by accessing a download link. If the user follows through, the ransomware downloads a payload and an old version of antivirus software from cyber security company ESET.

June 1, 2019
Danny Palmer / ZDNet

Over 2.3 Billion Business Files Found Exposed Online, Up 50% Year-over-Year, Medical Imaging File Exposures Doubled

Over 2.3 billion files exposed across SMB-enabled file shares, misconfigured network-attached storage (NAS) devices, File Transfer Protocol (FTP) and rsync servers, and Amazon S3 buckets were discovered by researchers at Digital Shadows. This figure marks a 750 million, or 50%, increase in data exposure compared with the previous analysis of the issue by Digital Shadows’ Photon research team early last year, which found 1.5 billion files exposed. Among the files exposed were 4.7 million medical files, the majority being DICOM (DCM) medical imaging files, with 4.4 million of these found to be exposed, double last year’s figures.

Related: TechRepublic, IT Pro, SC Magazine, Security Magazine, Infosecurity Magazine, Digital Shadows, We Live Security, CTOvision.com, Forbes, OODA Loop, SecurityWeek


July 3, 2019
Danny Palmer / ZDNet

Satellite-Based Control Systems Are Vulnerable to Attacks That Could Potentially Wreak Havoc on Strategic Weapons Systems, Chatham House

NATO and its member countries need to urgently address the cybersecurity of space-based satellite control systems because they’re vulnerable to cyber attacks that, if left unaddressed, could have severe consequences for global security, according to a new paper from think tank Chatham House. One means of attack the paper discusses is GPS digital spoofing, whereby an attacker intercepts and manipulates data to provide false information to troops, allowing attackers to re-route movements of forces and potentially wreaking havoc on strategic weapons systems. The report also warns that old IT equipment, failure to update software with patches for known vulnerabilities, potential weaknesses in supply chains and other factors are leaving these satellite control systems at risk.