Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’

By: Jindrich Karasek and Augusto Remillano II

Elasticsearch is no stranger to cybercriminal abuse given its popularity and use to organizations. In fact, this year’s first quarter saw a surge of attacks — whether by exploiting vulnerabilities or taking advantage of security gaps — levelled against Elasticsearch servers.

Source: Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’

Lancaster Uni data breach hits at least 12,500 wannabe students

Must have been the cyber security course’s day off

Lancaster University – which offers a GCHQ-accredited degree in security – has been struck by a “sophisticated and malicious phishing attack” that resulted in the leak of around 12,500 wannabe students’ personal data.…

Source: Lancaster Uni data breach hits at least 12,500 wannabe students

Building Resilience to Foreign Interference, Misinformation Activities

Original release date: July 22, 2019

As part of the effort to #Protect2020, the Cybersecurity and Infrastructure Security Agency (CISA) is working with national partners to build resilience to foreign interferences, particularly information activities (e.g., disinformation, misinformation).

Source: Building Resilience to Foreign Interference, Misinformation Activities

Why Rust for safe systems programming – MSRC

This is the second part of a blog post from the Microsoft Security Response Center. It examines the classes of vulnerabilities introduced in modern systems programming languages, like C/C++, and makes the case for replacing them with the Rust programming language.

Read the full article: Why Rust for safe systems programming

Chances of destructive BlueKeep exploit rise with new explainer posted online

A security researcher has published a detailed guide that shows how to execute malicious code on Windows computers still vulnerable to the critical BlueKeep vulnerability. The move significantly lowers the bar for writing exploits that wreak the kinds of destructive attacks not seen since the WannaCry and NotPetya attacks of 2017, researchers said.

Source: Chances of destructive BlueKeep exploit rise with new explainer posted online

Threat Roundup for July 12 to July 19

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 12 and July 19. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.

Source: Threat Roundup for July 12 to July 19