Malwarebytes present their quarterly look at the latest and greatest in exploit kits: Exploit kits: summer 2019 review
Organizations are increasingly turning to containers even though they are not as confident in the security of those containers, according to a new survey.
Flaws that allow attackers to bypass the payment limits on Visa contactless cards have been discovered by researchers Leigh-Anne Galloway and Tim Yunusov at Positive Technologies. The attack was tested with five major UK banks, successfully bypassing the UK contactless verification limit of £30 on all tested Visa cards, irrespective of the card terminal.
Wow! A little grounding from the Register, who respond the hysterical headlines about small plane hacking:
PASSENGERS IN PERIL? CRISIS IN THE SKIES? No – but neat ways to frig with your own aircraft An investigation into the computer security of small airplanes, the results of which were made public this week, will be sure to generate some flashy headlines.
Google’s cybersecurity researchers have finally disclosed details and proof-of-concept exploits for 4 out of 5 security vulnerabilities that could allow remote attackers to target Apple iOS devices just by sending a maliciously-crafted message over iMessage.
This sounds scary:
Vulnerabilities in VxWorks’ TCP stack could allow an attacker to execute random code, launch a DoS attack, or use the vulnerable system to attack other devices.
Another week, another massive data breach. Capital One, the fifth-largest U.S. credit-card issuer and banking institution, has recently suffered a data breach exposing the personal information of more than 100 million credit card applicants in the United States and 6 million in Canada.
Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 19 and July 26. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioural characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.
Read more: Threat Roundup for July 19 to July 26
RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.
RandIP – Network Mapper Features:
- HTTP and HTTPS enumeration
- Python enumeration exploits
- SSH enumeration exploits
- Logger and error-code handler
- SSH and Telnet Timeouts to prevent blocking
- SSH Enumerations work in tandem.
FireEye publishes the first part of a series about analysing Windows 10 to uncover the inner workings of malware families using tools like Volatility and Rekall.