Author Archives: firewallsadmin
Firewall Hardening Checklist
This checklist should be used to audit a firewall. This checklist does not provide vendor-specific security considerations but rather attempts to provide a generic listing of security considerations to be used when auditing a firewall. Only technical aspects of security are addressed in this checklist. Manual elements like physical protection for the firewall server are not considered. ...
Click Rates in Phishing Simulations = Major Cybersecurity Risks
A recent study found that healthcare organizations are most susceptible to phishing attempts, with employees clicking one in seven simulated emails sent. The research report, Assessment of Employee Susceptibility to Phishing Attacks at U.S. Healthcare Facilities, reveals current click rates in phishing simulations at U.S. healthcare organizations indicate a major cybersecurity risk. Under simulation, a large number of employees clicked on ...
Ransomware attack hits Cleveland Airport crippling email services and information screens
A ransomware attack hit Cleveland Hopkins International Airport disabling information screens displaying in-airport flight arrivals, departures and baggage claims. The City of Cleveland calls this attack an isolated technical issue that has impacted a limited number of systems. What is the issue – On April 22, 2019, a ransomware attack hit Cleveland Hopkins International Airport disabling information screens that display ...
New Emotet trojan variant uses different POST-infection traffic to infect users
The malware variant is tracked as Trojan.W97M.POWLOAD and spreads via phishing emails. The email contains a malicious ZIP file, which if opened, results in the download of the malware. A new variant of Emotet trojan that leverages a new POST-infection traffic technique has been discovered recently. The malware variant is tracked as Trojan.W97M.POWLOAD and spreads via phishing emails. How does ...
New SMBdoor malware includes characteristics of DoublePulsar and DarkPulsar exploit kits
The malware has been created to help academics in their research. The source code of the malware is neither weaponized for cybercrime nor released on GitHub. Two leaked NSA exploit kits have been used to create a malware named SMBdoor. The malware’s characteristics are similar to those of DoublePulsar and DarkPulsar. What’s the matter – SMBdoor is ...
Context-aware phishing campaign delivers Qbot trojan
A context-aware phishing email that includes a link to an online document is sent to the target. The phishing emails are disguised as delivery emails which are replies to existing email threads. What is the issue – A phishing campaign disguised as delivery emails which are replies to existing email threads, delivers the Qbot trojan. The big picture JASK SpecOps security ...
Drive-by download attack leveraged to deliver LoadPCBanker trojan through Google Sites
The malware is used against victims who speak Portuguese or English. The attack begins with victims receiving phishing emails about a hotel reservation or confirmation. Cybercriminals are deploying a banking trojan using the file cabinet template built into the Google Sites platform. The malware, dubbed LoadPCBanker, is used against victims who speak Portuguese or English. How is the trojan ...
DNSpionage campaign drops new .NET-based Karkoff malware to infect victims’ systems
The malware is delivered via an Excel document that contains malicious macros. The spear phishing messages are sent to the specific targets chosen by the threat actor group. Researchers at Cisco Talos detected a DNSpionage malware campaign in late 2018. It is believed that the same threat actor group has changed its tactics over time to improve the efficacy of ...
Source code of Carbanak backdoor trojan was available on VirusTotal for almost 2 years
FireEye researchers detected two RAR archives uploaded on the VirusTotal malware scanning portal that contained Carbanak’s source code, builders, and other tools. Carbanak source code was 20MB in size and consisted of 755 files, 39 binaries, and over 100,000 lines of code. Security researchers from FireEye have uncovered the source code of the ‘Carbanak’ backdoor trojan that has been available ...
‘Wi-Fi Finder’ app exposes 2 million network passwords due to an unprotected database
The security lapse allowed anyone to access the database and steal other customers’ Wi-Fi network passwords. It is believed that tens of thousands of exposed Wi-Fi passwords are for networks in the US. ‘Wi-Fi Finder’, a popular hotspot finder app, has exposed nearly 2 million network passwords due to an unprotected database. The security lapse allowed anyone to sneak into ...