Month: July 2019

Malwarebytes present their quarterly look at the latest and greatest in exploit kits: Exploit kits: summer 2019 review

Organizations are increasingly turning to containers even though they are not as confident in the security of those containers, according to a new survey.

Source: Container Security Is Falling Behind Container Deployments

Flaws that allow attackers to bypass the payment limits on Visa contactless cards have been discovered by researchers Leigh-Anne Galloway and Tim Yunusov at Positive Technologies. The attack was tested with five major UK banks, successfully bypassing the UK contactless verification limit of £30 on all tested Visa cards, irrespective of the card terminal.

Source: Flaws allow attackers to bypass payment limits on Visa contactless cards

Wow! A little grounding from the Register, who respond the hysterical headlines about small plane hacking:

PASSENGERS IN PERIL? CRISIS IN THE SKIES? No – but neat ways to frig with your own aircraft An investigation into the computer security of small airplanes, the results of which were made public this week, will be sure to generate some flashy headlines.

Source: Hack a small airplane? Yes, we CAN (bus) – once we physically break into one, get at its wiring, plug in evil kit…

Google’s cybersecurity researchers have finally disclosed details and proof-of-concept exploits for 4 out of 5 security vulnerabilities that could allow remote attackers to target Apple iOS devices just by sending a maliciously-crafted message over iMessage.

Source: Google Researchers Disclose PoCs for 4 Remotely Exploitable iOS Flaws

This sounds scary:

Vulnerabilities in VxWorks’ TCP stack could allow an attacker to execute random code, launch a DoS attack, or use the vulnerable system to attack other devices.

Source: Series of Zero-Day Vulnerabilities Could Endanger 200 Million Devices

Another week, another massive data breach. Capital One, the fifth-largest U.S. credit-card issuer and banking institution, has recently suffered a data breach exposing the personal information of more than 100 million credit card applicants in the United States and 6 million in Canada.

Source: Capital One Data Breach Affects 106 Million Customers; Hacker Arrested

Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 19 and July 26. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioural characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.

Read more: Threat Roundup for July 19 to July 26

RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.

RandIP – Network Mapper Features:

• HTTP and HTTPS enumeration
• Python enumeration exploits
• SSH enumeration exploits
• Logger and error-code handler
• SSH and Telnet Timeouts to prevent blocking
• SSH Enumerations work in tandem.

Source: RandIP – Network Mapper To Find Servers

FireEye publishes the first part of a series about analysing Windows 10 to uncover the inner workings of malware families using tools like Volatility and Rekall.

Source: Finding Evil in Windows 10 Compressed Memory, Part One: Volatility and Rekall Tools