News

A malicious campaign that waged 13 attacks against hundreds of well-known publishers has been identified and put down by The Media Trust.  Rather appropriately for the Halloween season, the malware was given the name GhostCat-3PC by researchers in the Trust's Digital Security & Operations (DSO) team.  GhostCat-3PC ran behind an ad that used advanced, obfuscated code and delivery patterns to evade detection by the traditional signature-based ad blockers used by many of the publishers. After a quick prowl...

Attackers are using an obfuscated version of Adwind Remote Access Trojan for stealing data, Netskope says. An unknown threat actor is targeting companies in the US petroleum industry with a sophisticated data-stealing remote access Trojan (RAT) that previously had been used in attacks against retail and hospitality organizations. Netskope says it observed a recent spike in alerts for the malware family — the Adwind RAT — among its customers operating within the petroleum industry. Source:...

Ten hospitals—three in Alabama and seven in Australia—have been hit with paralyzing ransomware attacks that are affecting their ability to take new patients, it was widely reported on Tuesday. All three hospitals that make up the DCH Health System in Alabama were closed to new patients on Tuesday as officials there coped with an attack that paralyzed the health network's computer system. The hospitals—DCH Regional Medical Center in Tuscaloosa, Northport Medical Center, and Fayette Medical...

Account data belonging to more than half of all Comodo Forums users has been stolen and is now traded online. The breach was possible by exploiting a vulnerability in the software that powers the forum. Comodo today published a security notice informing users that an intruder may have gained access to the forums database. "Very recently a new vulnerability in the vBulletin software, which is one of the most popular server applications for website comments including...

Security software and services company BlackBerry Limited has announced the launch BlackBerry Advanced Technology Development Labs (BlackBerry Labs), a new business unit operating at the forefront of research and development in the cybersecurity space. The Labs will be led by CTO Charles Eagan and will include a team of over 120 software developers, architects, researchers, product leads and security experts working to identify, explore and create new technologies to ensure BlackBerry is on the cutting edge of...

Motorists traveling through a Detroit suburb were stunned to see a pornographic video playing on an electronic billboard. Auburn Hills police say the video played on the billboard along Interstate 75 in Oakland County for about 30 minutes Saturday night before the images were removed. Many people called 911. Chuck McMahon says he saw the video and wondered if the billboard was advertising for a strip club. Source: News 18

n independent researcher who goes by the Twitter handle axi0mX has discovered and published an iOS jailbreak exploit that applies to hundreds of millions of devices and cannot be patched. Named checkm8, the exploit leverages a race condition vulnerability found in the bootrom, a read-only memory chip that contains the first code that initially loads whenever a user starts the system. This code cannot be altered, and so any flaw found within it is effectively permanent. Source: SC Magazine

The same attacker was reportedly behind the Collection #1 and Collection #2 data dumps earlier this year. A cybercriminal operating under the alias Gnosticplayers has broken into the Words with Friends database and gained access to 218 million player records, The Hacker News reports. The popular puzzle game is owned by Zynga, one of the biggest names in the social gaming market with other well-known offerings, including FarmVille, Mafia Wars, and Zynga Poker. Zynga issued...

Mitek (NASDAQ: MITK, www.miteksystems.com) has today announced that Ajax Amsterdam, one of Europe's premier football clubs, will be using Mitek's Mobile Verify® with Face Comparison solution to improve online experience and bolster security for fans.  Putting fan enjoyment and safety at the heart of everything they do, Ajax is committed to verifying the identities of ticket buyers. The hurdles, complying with GDPR while maintaining paper copies of fans' ID documents, was becoming an unachievable task.  The...

This week a zero-day vBulletin remote code execution vulnerability and exploit was publicly disclosed and is being used by bad actors to attack vBulletin forums. Cloudflare has now created a special rule that will prevent this exploit from working on vBulletin sites behind Cloudflare's service. Remote code execution vulnerabilities are the most critical as they allow attackers to execute commands, take over a site, install malware, or even distribute malware from a victim's computer and web site.  Since...