Mike Mimoso and Chris Brook discuss the news of the week, including the back and forth around whether or not TeamViewer was hacked, the fallout around the years-old MySpace and Tumblr breaches, and a 90K Windows zero day.
Tag Archives: TrustWave
Casino Sues Cyber Security Company Over Failure to Stop Hackers
IT security firm Trustwave has been sued by a Las Vegas-based casino operator for conducting an allegedly “woefully inadequate” investigation following a network breach of the casino operator’s system.
Affinity Gaming, an operator of 5 casinos in Nevada and 6 elsewhere in the United States, has questioned Trustwave’s investigation for failing to shut down breach that directly resulted in
Attackers Targeting Unpatched Joomla Sites Through SQL Injection Vulnerability
Attackers have been carrying out attacks on sites running old, unpatched versions of Joomla following the disclosure of a critical SQL injection vulnerability in the software last week
Joomla Update Patches Critical SQL Injection Vulnerability
Joomla released a new version of its CMS Thursday, 3,4,5, that addresses a critical SQL injection vulnerability that could have let attackers gain access to data in the backend of any site running the platform.
Updated Rig Exploit Kit Closing in on 1 Million Victims
A new version of the Rig Exploit Kit is fueling a malware campaign that has already claimed close to one million victims.
RubyGems Patches Serious Redirection Vulnerability
RubyGems maintainers patched a vulnerability, reported by Trustwave and OpenDNS, that allows RubyGem clients to be redirected to an attacker-controlled gem server.
Dridex Banking Trojan Spreading Via Macros in XML Files
A phishing campaign that spiked this week is pushing the Dridex banking Trojan via malicious macros embedded in XML file attachments.
DDoS Exploit Targets Open Source Rejetto HFS
An automated attack targeting users of the open source Rejetto webserver and file-sharing application tried to inject the IptabLes DDoS tool.
Spat Leads to Partial Leak of Rig Exploit Kit
A reseller of the Rig Exploit Kit has leaked some of the source code behind the pack after parting ways with the kit’s developer. Experts don’t expect a spike in Rig-based attacks.
Flash Zero Days Dominate Exploit Landscape
The recent Flash zero-day vulnerabilities and exploits have uncovered the relatively quiet Hanjuan exploit kit, and further exposed the dangers of malvertising.