Our selection of recent infosec articles from around the web. Remote access Trojans abound and new TP-Link router vulnerabilities (should) serve as a reminder for all of us to check our own equipment.
For more articles, check out our #onpatrol4malware blog.
Vulnerability Spotlight: Multiple remote vulnerabilities in TP-Link TL-R600VPN
Source: Cisco Talos
Cisco Talos is disclosing multiple vulnerabilities in the TP-Link TL-R600VPN router. TP-Link produces a number of different types of small and home office (SOHO) routers. Talos discovered several bugs in this particular router model that could lead to remote code execution. Read more.
Phishing attacks: Why is email still such an easy target for hackers?
Source: ZDNet
Email is incredibly useful, which is why we all still use it. But chief among its downsides (along with getting caught in a group-cc’d message hell) is that email remains one of the most common routes for hackers to attack businesses. Read more.
This remote access trojan just popped up on malware’s most wanted list
Source: ZDNet
While cryptomining malware currently reigns supreme as the most prolific form of malicious software distributed by cyber criminals, a remote access trojan has entered the top ten most prolific malware threats for the first time — and it’s a particularly dangerous family. Read more.
New Modular tRat Remote Access Trojan Surfaced During September
Source: Softpedia
TA new Delphi-based modular Remote Access Trojan dubbed tRat was spotted by Proofpoint’s research team while being distributed during September and October 2018 spam campaigns by the TA505 threat group. Read more.
Container Malware: Miners Go Docker Hunting In The Cloud
Source: Juniper Networks
The advent of microservices has led to us witnessing containers take the cloud by storm. But, this boom in the container-cloud relationship is exposing security issues that are inviting malware into the party as well. Read more.
6 security concerns to consider when automating your business
Source: Malwarebytes
Automation is an increasingly-enticing option for businesses, especially when those in operations are in a perpetual cycle of “too much to do and not enough time to do it.” Read more.