Elastic SIEM: Speed, scale, and analytical power drive your security operations and threat hunting

Elastic, the company behind Elasticsearch and the Elastic Stack, announced the arrival of Elastic SIEM. The initial launch of Elastic SIEM introduces a new set of data integrations for security use cases, and a new dedicated app in Kibana that lets security practitioners investigate and triage common host and network security workflows in a more streamlined way.

Source: Elastic SIEM: Speed, scale, and analytical power drive your security operations and threat hunting


VLC media player gets biggest security update ever

Maintainers of the world’s most popular open source media player, VLC, have issued the biggest single set of security fixes in the program’s history.

Source: VLC media player gets biggest security update ever

Alert! New malicious ransomware that’s evil is spreading

The Prince of Darkness is now wreaking havoc on computers running Windows. Like other ransomware, it lets hackers gain control of computers and servers, which they won’t release until a ransom is paid. Experts discovered the new malicious ransomware, dubbed LooCipher, as services in various cities have been paralyzed by other ransomware programs.

Source: Alert! New malicious ransomware that’s evil is spreading

Silex malware bricks thousands of IoT devices in a few hours

Security experts warn of a new piece of the Silex malware that is bricking thousands of IoT devices, and the situation could rapidly get worse. Akamai researcher Larry Cashdollar discovered the new Silex variant; over 2,000 devices have been bricked in a few hours, and the expert is continuing to see new infections.

Source: Silex malware bricks thousands of IoT devices in a few hours

AWS Security Hub aggregates security alerts and conducts continuous compliance checks

AWS Security Hub gives customers a central place to manage security and compliance across an AWS environment. It aggregates, organizes, and prioritizes security alerts – called findings – from AWS services such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, and from a large and growing list of AWS Partner Network (APN) solutions.

Source: AWS Security Hub aggregates security alerts and conducts continuous compliance checks

Threat Roundup for June 14 to June 21

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between June 14 and June 21. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics and indicators of compromise, and by discussing how our customers are automatically protected from these threats.

Source: Threat Roundup for June 14 to June 21

CVE-2019-8635: Double Free Vulnerability in Apple macOS Lets Attackers Escalate System Privileges and Execute Arbitrary Code

by Moony Li and Lilang Wu (Threat Analysts). We discovered a double free vulnerability (assigned CVE-2019-8635) in macOS. The vulnerability is caused by a memory corruption flaw in the AMD component. If successfully exploited, an attacker can escalate privileges and execute malicious code on the system with root privileges.

Source: CVE-2019-8635: Double Free Vulnerability in Apple macOS Lets Attackers Escalate System Privileges and Execute Arbitrary Code

Security Flaw in Pre-Installed Dell Support Software Affects Millions of Computers

Dell’s SupportAssist utility that comes pre-installed on millions of Dell laptops and PCs contains a security vulnerability that could allow malicious software or rogue logged-in users to escalate their privileges to administrator-level and access sensitive information.

Source: Security Flaw in Pre-Installed Dell Support Software Affects Millions of Computers