+1.813.321.0987

Off to an active start in 2019, cryptocurrency mining malware is topping lists once again. Read articles about this nuisance and several others in our industry article picks for the first of the year.

For more articles, check out our #onpatrol4malware blog.

malicious Microsoft Office documents

NSA to release its GHIDRA reverse engineering tool for free

Source: The Hacker News

The United States’ National Security Agency (NSA) is planning to release its internally developed reverse engineering tool for free at the upcoming RSA security conference 2019 that will be held in March in San Francisco. Read more.

malicious Microsoft Office documents

New tool automates phishing attacks that bypass 2FA

Source: ZDNet

A new penetration testing tool published at the start of the year by a security researcher can automate phishing attacks with an ease never seen before and can even blow through login operations for accounts protected by two-factor authentication (2FA). Read more.

IOT

Report: GitHub hosts the most cryptocurrency mining malware of any site

Source: TNW

Popular online code repository GitHub was recognized to host more of the mining malware than any other site. Read more.

malicious Microsoft Office documents

ICEPick-3PC: A Sophisticated Adware That Collects Data En Masse

Source: ThreatPost

Named ICEPick‐3PC by the Media Trust, the malware is a sophisticated form of adware using rarely seen techniques, according to Mike Bittner, digital security and operations manager at the firm. Read more.

malicious Microsoft Office documents

New Systemd Privilege Escalation Flaws Affect Most Linux Distributions

Source: The Hacker News

Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. Read more.

malicious Microsoft Office documents

Z-WASP attack: hackers used Zero-Width spaces to bypass Office 365 protections

Source: Security Affairs

Phishers are using a recently fixed flaw in Office 365 that allows them to bypass protections using zero-width spaces and deliver malicious messages to recipients. Read more.

malicious Microsoft Office documents

Ransomware attack sends City of Del Rio back to the days of pen and paper

Source: ZDNet

Officials based at the City of Del Rio, in Texas, were forced to abandon electronic services and switch to pen and paper after a ransomware attack effectively closed down City Hall servers. Read more.