Spammers Smuggle LokiBot Via URL Obfuscation Tactic
Researchers say that the campaign sidesteps end user detection and security solutions. Continue reading Spammers Smuggle LokiBot Via URL Obfuscation Tactic
Category Archives: TrustWave
Trustwave Fusion platform now also hosted on Amazon Web Services GovCloud
Trustwave announced the Trustwave Fusion platform is now also hosted on Amazon Web Services (AWS) GovCloud, providing U.S. government agencies and suppliers threat detection and response services to help address the constantly shifting threat landscape… Continue reading Trustwave Fusion platform now also hosted on Amazon Web Services GovCloud
Microsoft Teams Patch Bypass Allows RCE
An attacker can hide amidst legitimate traffic in the application’s update function. Continue reading Microsoft Teams Patch Bypass Allows RCE
ASUS Home Router Bugs Open Consumers to Snooping Attacks
The two flaws allow man-in-the-middle attacks that would give an attacker access to all data flowing through the router. Continue reading ASUS Home Router Bugs Open Consumers to Snooping Attacks
Chinese banks require clients to use tax programs laced with backdoors, report says
When a Chinese bank asked a new client to use a specific kind of tax software as a condition of doing business, the company didn’t know that the tax technology came with a backdoor that would give hackers a new way in, according to research from Trustwave. The Chinese bank had told the U.K.-based defense contractor that the Chinese government required firms to use that specific software tool to pay local taxes. However, findings published Tuesday by the security vendor Trustwave spotlight how the tax software’s developer has relied on a number of subcontractors to build software flaws into other software tools for years. The programs are required to be used through the Chinese government’s Chinese Golden Tax Project, a tax system launched in the 1990s meant to streamline tax administration, according to Trustwave. The security company did not identify the Chinese bank nor the U.K.-based defense contractor. The revelation that Beijing mandates […]
The post Chinese banks require clients to use tax programs laced with backdoors, report says appeared first on CyberScoop.
Continue reading Chinese banks require clients to use tax programs laced with backdoors, report says
Using Cisco Webex for your video conferencing needs? Go patch!
Cisco has released security updates for Cisco Webex Meetings and Cisco Webex Meetings Server that fix several remotely exploitable vulnerabilities, as well as one less severe one that could allow hackers to gain access to a target’s Webex account… Continue reading Using Cisco Webex for your video conferencing needs? Go patch!
Crooks Tap Google Firebase in Fresh Phishing Tactic
Cybercriminals are taking advantage of the Google name and the cloud to convince victims into handing over their login details. Continue reading Crooks Tap Google Firebase in Fresh Phishing Tactic
New infosec products of the week: April 24, 2020
Trustwave Security Colony delivers resources, playbooks and expertise to bolster security posture Trustwave Security Colony is based on thousands of hours of actual consulting projects helping organizations implement new information security programs a… Continue reading New infosec products of the week: April 24, 2020
Trustwave Security Colony delivers resources, playbooks and expertise to bolster security posture
Trustwave expanded the reach of its unique cybersecurity collaboration platform, which leverages sourced knowledge from a global community of organizations to help others solve pressing cybersecurity challenges, beyond its birthplace of Australia. Thro… Continue reading Trustwave Security Colony delivers resources, playbooks and expertise to bolster security posture
Hackers Update Age-Old Excel 4.0 Macro Attack
XLS files sent via emails appear password protected but aren’t, opening automatically to install malware from compromised macros, according to researchers. Continue reading Hackers Update Age-Old Excel 4.0 Macro Attack