Month: June 2019

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between June 21 and June 28. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.

Source: Threat Roundup for June 21 to June 28

The digital forensics company Cellebrite now claims it can unlock any iPhone. I dithered before blogging this, not wanting to give the company more publicity. But I decided that everyone who wants to know already knows, and that Apple already knows.

Source: Cellebrite Claims It Can Unlock Any iPhone

The misinformation operations campaign used fake social media accounts across multiple platforms, at times impersonating real individuals who were politically active in western countries

Source: Russian-based misinformation campaign sends fake news from spoofed accounts

Recently we became aware of new domains used by an old malware campaign known as ‘fake jquery’, previously documented by web security firm Sucuri. Thousands of compromised websites are injected with a reference to an external JavaScript called jquery.js.

Source: Fake jquery campaign leads to malvertising and ad fraud schemes

… Are … are we the baddies? Hackers from the Five Eyes intelligence agencies have been accused of breaking into systems at Yandex, dubbed Russia’s Google.…

Source: While we were raging about Putin’s meddling and Kremlin hackers, Five Eyes were pwning Yandex, Russia’s Google

Alphabet’s enterprise cybersecurity division will become part of the Google security portfolio.

Source: Chronicle Folds into Google

Researchers have identified security hole in Microsoft Office’s Excel spreadsheet program that allows an attacker to trigger a malware attack on remote systems.

Source: New Microsoft Excel Attack Vector Surfaces

A weakness has been found in the Excel software, which allows hackers to drop and execute malware, making every user vulnerable

Source: Every Excel user vulnerable by default as new flaw found

Chrome OS version 75, which Google released on Wednesday in the stable channel, adds more mitigations for recently disclosed Microarchitectural Data Sampling (MDS) vulnerabilities affecting most Intel processors made in the last decade. read more

Source: Chrome OS 75 Adds More Mitigations for Intel MDS Flaws

The German police yesterday raided the house of the developer of OmniRAT and seized his laptop, computer and mobile phones probably as part of an investigation into a recent cyber attack, a source told The Hacker News. OmniRAT made headlines in November 2015 when its developer launched it as a legitimate remote administration tool for IT experts and companies to manage their devices with

Source: Exclusive: German Police Raid OmniRAT Developer and Seize Digital Assets