securityXspace: a blog about cyber-philosophy.
-
Iranian state hackers reload their domains, release off-the-shelf RAT malware
Iran’s hacking groups are scaling up, hitting Saudi companies and other organizations, according to a Recorded Future report. A new report from the threat research firm Recorded Future finds that activity from APT33—the Iranian “threat group” previously tied to the Shamoon wiper attack and other Iranian cyber-espionage and destructive…
-
A Call to ARMS: Apple Remote Management Service UDP Reflection/Amplification DDoS Attacks
Key Takeaways: – A new UDP reflection/amplification DDoS vector is observed in the wild. – The surprising nature of the abusable reflectors/amplifiers. – Recommended DDoS Defense and Best Current Practices (BCPs) for ARMS. Source: A Call to ARMS: Apple Remote Management Service UDP Reflection/Amplification DDoS Attacks
-
Elastic SIEM: Speed, scale, and analytical power drive your security operations and threat hunting
Elastic, the company behind Elasticsearch and the Elastic Stack, announced the arrival of Elastic SIEM. The initial launch of Elastic SIEM introduces a new set of data integrations for security use cases, and a new dedicated app in Kibana that lets security practitioners investigate and triage common host and network security workflows in a more…
-
VLC media player gets biggest security update ever
Maintainers of the world’s most popular open source media player, VLC, have issued the biggest single set of security fixes in the program’s history. Source: VLC media player gets biggest security update ever
-
Exploitpedia.org
Exploitpedia.org :
-
Alert! New malicious ransomware that’s evil is spreading
The Prince of Darkness is now wreaking havoc on computers running Windows. Like other ransomware, hackers gain control of computers and servers and won’t release them until a ransom is paid. Experts discovered the new malicious ransomware, dubbed LooCipher, as services in various cities have been paralyzed by other ransomware programs. Source: Alert! New malicious…
-
Silex malware bricks thousands of IoT devices in a few hours
Security experts warn of a new piece of malware, Silex, that is bricking thousands of IoT devices, and the situation could rapidly get worse. Akamai researcher Larry Cashdollar discovered the new Silex malware; over 2,000 devices were bricked in a few hours and the…
-
AWS Security Hub aggregates security alerts and conducts continuous compliance checks
AWS Security Hub gives customers a central place to manage security and compliance across an AWS environment. It aggregates, organizes, and prioritizes security alerts – called findings – from AWS services such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, and from a large and growing list of AWS Partner Network (APN) solutions. Source: AWS…
-
Threat Roundup for June 14 to June 21
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between June 14 and June 21. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics and indicators of compromise, and by discussing how our customers are…
-
CVE-2019-8635: Double Free Vulnerability in Apple macOS Lets Attackers Escalate System Privileges and Execute Arbitrary Code
by Moony Li and Lilang Wu (Threats Analysts) We discovered a double free vulnerability (assigned CVE-2019-8635) in macOS. The vulnerability is caused by a memory corruption flaw in the AMD component. If successfully exploited, an attacker can escalate privileges and execute malicious code on the system with root privileges. Source: CVE-2019-8635: Double…