Weekly Security Summary Around The World

October 22, 2017 Arrunadayy Koul


The story of this week is the KRACK vulnerability, which was discovered by security researchers and potentially impacts almost every Wi-Fi enabled device.

Here are some of the other cyber security stories of the week that you’ll find in this weekly roundup:

1. Adobe Patches Flash Zero Day Exploited by Black Oasis APT

Adobe released a Flash Player update addressing a zero-day vulnerability that has been exploited by a little-known Middle Eastern APT group, Black Oasis. This vulnerability, CVE-2017-11292, was initially discovered by researchers at Kaspersky Lab, who saw the payload and exploit used against a customer’s network.

2. Almost Half of Non-IT and Data Pros Don’t Understand Blockchain

According to a recent survey, more than 40 per cent of non-IT/data senior executives admit to not fully understanding blockchain technology, while over half of businesses sampled are planning blockchain initiatives.

3. KRACK Vulnerability: What You Need To Know

Earlier this week, security researchers announced a newly discovered vulnerability called KRACK, which affects several common security protocols for Wi-Fi, including WPA (Wireless Protected Access) and WPA2. It’s a critical vulnerability that potentially affects billions of devices, many of which are hard to patch and will remain vulnerable for a long time.

4. ATM Malware Available Online for Only $5,000

Researchers have discovered malware crafted to compromise ATMs available for sale on the Dark Web at a high price. Anyone can buy such malware for only $5,000 through darknet markets.

5. US-CERT Study Predicts Machine Learning, Transport Systems to Become Security Risks

Carnegie Mellon University’s Software Engineering Institute has nominated transport systems, machine learning, and smart robots as needing better cyber-security risk and threat analysis. This is part of the Emerging Technology Domains Risk Survey, a project it has handled for the US Department of Homeland Security’s US-CERT since 2015.

6. Oracle Fixes 20 Remotely Exploitable Java SE Vulns

In its patch availability announcement, Oracle released security patches to their systems for another 252 vulnerabilities across products including Oracle Database Server and Java SE.

7. Millions Download Botnet-Building Malware From Google Play

Researchers have discovered a new batch of malicious apps on Google Play, some of which have been downloaded and installed on some 2.6 million devices.

8. Questions About the Massive South African “Master Deeds” Data Breach Answered

Cyber security expert Troy Hunt discovered a 27GB file called “masterdeeds.sql”, a MySQL database backup file containing a wide range of sensitive information about South African citizens, such as ID numbers, personal income, age, employment history, company directorships, occupation, employer and other personal data. Troy explains on his blog everything he knows about this massive data breach.

9. New Locky Ransomware Strain

There is a new Locky ransomware strain out there that goes by the .asasin extension and is collecting information on users’ computer operating system and IP address.

10. University of Kansas Student Used Keylogger to Change Grades

The University of Kansas was the victim of a data breach after an engineering student used a keylogger to steal login credentials to the grading platform and change his failing grades to straight A’s.
