Hi folks! Below you will find the latest news about global incidents, threats and attacks, handpicked by our super XM Cyber team of experts.
ZDNet – Mysterious Iranian group is hacking into DNA sequencers
June 14
Web-based DNA sequencer applications are under attack from a mysterious hacker group using a still-unpatched zero-day to take control of targeted devices. The attacks started two days ago, on June 12, and are still going on, according to Ankit Anubhav, a security researcher with NewSky Security, who shared his findings with ZDNet. [More]
TachawulTech – Palo Alto Networks discovers vulnerabilities in Adobe applications
June 13
Palo Alto Networks Unit 42 threat researchers have discovered vulnerabilities in Adobe applications such as Acrobat and Reader as well as Foxit Reader. The research found 28 new vulnerabilities addressed by the Adobe PSIRT as part of their May Adobe Security Bulletin APSB19-18 and five Foxit Reader vulnerabilities addressed by Foxit Software as part of their recent security update releases. [More]
ZDNet – Ransomware halts production for days at major airplane parts manufacturer
June 12
ASCO, one of the world’s largest suppliers of airplane parts, has ceased production in factories across four countries due to a ransomware infection reported at its plant in Zaventem, Belgium. Nearly 1,000 employees were sent home for the entire week, on paid leave. [More]
Forbes – New Security Warning Issued For Google’s 1.5 Billion Gmail And Calendar Users
June 11
Google’s Gmail email service is used by upwards of 1.5 billion people. The Google Calendar app, meanwhile, has been downloaded more than a billion times from the Play Store. Security researchers have this week warned that threat actors are exploiting the popularity of both in order to target users with a credential-stealing attack. [More]
Bleeping Computer – Microsoft NTLM Flaws Expose All Windows Machines to RCE Attacks
June 11
Two critical vulnerabilities in Microsoft’s NTLM authentication protocol, consisting of three logical flaws, make it possible for attackers to run remote code and authenticate on machines running any Windows version. [More]
Preempt Security – Critical Vulnerabilities in NTLM Allow Remote Code Execution and Cloud Resources Compromise
June 11
On June 2019 Patch Tuesday, Microsoft released patches for CVE-2019-1040 and CVE-2019-1019, two vulnerabilities discovered by Preempt researchers. The critical vulnerabilities consist of three logical flaws in NTLM (Microsoft’s proprietary authentication protocol). Preempt researchers were able to bypass all major NTLM protection mechanisms. [More]