securityXspace: a blog about cyber-philosophy.

Within days of Congress repealing online privacy protections , Verizon has announced new plans to install software on customers’ devices to track what apps customers have downloaded. With this spyware, Verizon will be able to sell ads to you across the Internet based on things like which bank you use and whether you’ve downloaded a…

Washington Times Hillary Clinton, campaign staff targeted by Russian hackers during election: Researcher Washington Times Russia’s military intelligence agency, GRU, targeted at least 109 Clinton campaign staffers during a month-long hacking spree waged prior to last year’s presidential election, in addition to Mrs. Source: Hillary Clinton, campaign staff targeted by Russian hackers during election: Researcher

Microsoft Internet Information Services (IIS) 6.0 sports a zero-day vulnerability (CVE-2017-7269) that was exploited in the wild last summer and is likely also being exploited by threat actors at this very moment. It is a buffer overflow flaw in a function in the WebDAV service in IIS 6.0 in Microsoft Windows Server 2003 R2, and…

The source code for a new banking Trojan dubbed Nuclear Bot was leaked online, experts speculate a rapid diffusion of the threat in the wild. The source code for a new banking Trojan, dubbed Nuclear Bot, is available for sale in the cyber criminal underground .The Nuclear Bot banking Trojan first appeared in the cybercrime…

A new Mirai variant was discovered in the wild, being used to launch a 54-hour DDoS attack against a US college. Although researchers over at Incapsula spotted the attack as it happened, they’re only just reporting on it. It seems that the attack started on February 28 and ran for 54 hours straight,…. Source: New…

Microsoft Internet Information Services (IIS) 6.0 is vulnerable to a zero-day Buffer Overflow vulnerability ( CVE-2017-7269 ) due to an improper validation of an ‘IF’ header in a PROPFIND request. A remote attacker could exploit this vulnerability in the IIS WebDAV Component with a crafted request using PROPFIND method. Source: IIS 6.0 Vulnerability Leads to…

Researchers find booming underground market for stolen and fake email credentials from the 300 largest universities in the US. Source: Millions of Stolen US University Email Credentials for Sale on the Dark Web

A security researcher has disclosed critical issues in the processes and third-party API used by Symantec certificate resellers to deliver and manage Symantec SSL certificates. The flaw, discovered by Chris Byrne, an information security consultant and instructor for Cloud Harmonics, could allow an unauthenticated attacker to retrieve other persons’ SSL certificates, including public and Source:…

A malicious bot called GiftGhostBot is seeking to compromise gift cards purchased and activated by consumers across nearly 1,000 websites. David Bisson reports. Source: GiftGhostBot – the malicious bot attempting to compromise gift cards across 1,000 websites

Mandiant has observed Russian nation-state attackers APT29 employing domain fronting techniques for stealthy backdoor access to victim environments for at least two years. There has been considerable discussion about domain fronting following the release of a paper detailing these techniques . Source: APT29 Domain Fronting With TOR