+971 4 254 1982
sales@securepoint.ae

Author: securepoint

A recent out-of-band patch from Microsoft resolves a vulnerability in how of Windows 10 and Server 2019 handle decompression in the file sharing protocol SMBv3. According to Microsoft, a successful exploit of this vulnerability by an attacker could enable remote code execution over a network using SMB. More specifically, an unauthenticated attacker could send a crafted message to a server and take over the server. The attacker...

Read More

Linux 4.13 won’t be delayed – Linus Torvalds   Linus Torvalds has released the latest Release Candidate development snapshot of the Linux 4.13 kernel series, Softpedia reported.   The release of RC5 coincided with Torvalds stating that the Linux 4.13 kernel series should not suffer any delays.   “As for the changes implemented in Linux kernel 4.13 RC5, we’re looking at the patch containing about 40% updated drivers, just under 40%...

Read More

Some experts worry that the dark web is becoming too commercial, making it easier than ever to hire hackers   Cyber-criminals are becoming more efficient and organized online. The dark web, a term that means the parts of the Internet that require specific software, configurations or authorization to access and often sell illegal goods and services, is evolving into a full-fledged business. This underground criminal-lead market now...

Read More

Cloud-based services have revolutionized cyber security. Repeatedly, cloud providers have demonstrated that their systems can outcompete onsite solutions in terms of effectiveness, efficiency, and security. Indeed, the cloud makes it possible to easily and safely outsource certain aspects of a company’s IT systems to a capable cloud provider. In addition, cloud-based services are less resource intensive for the client company and can therefore be an...

Read More

Fileless malware seems to be rearing its head. So how do you protect your organization against attacks that have no files to scan?   Executing attacks in memory rather than through executable files seems to be coming back strongly. Last year saw some visible attacks e.g. against several banks with this technique, which as such is nothing new, but has now made a comeback.   The term ‘fileless’ is...

Read More

The Necurs botnet has learned a new trick. Instead of spewing spam delivering Locky ransomware, the notorious botnet is now capable of launching DDoS attacks.   According to BitSight’s Anubis Labs, the malware was modified in September to include a module that adds DDoS capabilities and new proxy command-and-control communication functions. Necurs is the malware that makes up the botnet that goes by the same name and is currently...

Read More

Ransomware generated an estimated $200 million for attackers during the first quarter of 2016, and the researchers believe it’s only a matter of time before critical industrial systems are compromised and held for ransom. Cybersecurity have developed a new form of ransomware that was able to take over control of a simulated water treatment plant. After gaining access, the researchers were able to command programmable...

Read More

For now, it’s just a lab experiment, but the researchers behind the first industrial control system ransomware believe it’s just a matter of time before criminals take note.   Imagine a group of hackers was able to infect the tiny computers that control critical infrastructure, such as power plants or water treatment facilities, also known as Programmable Logic Controllers or PLCs. The hackers could then lock these...

Read More

Phishing is more than just the obvious scams you find in your spam folder. Reliable security solutions are a big help. They can certainly cut down on the classic “spam and scam” threats. And even if something does get through, surely everyone knows that poorly written emails asking for your bank account info or passwords are scams. Right?     If phishing were that simple, it would be extinct. But...

Read More

With less than two weeks to go until 2017, we’ve taken a look back at the past year in cyber security. In this post we discuss lessons learned from 2016, and what these developments mean for security professionals and the whole industry in 2017.   In short, what we’re seeing is that cyber security never stops. And it is exactly what makes cyber security so endlessly interesting and ruthlessly...

Read More