BlazeGuard | Cybersecurity Newsroom

28 Nov

Microsoft Office Bug Remains Top Malware Delivery Vector

CVE-2017-11882 has been attackers' favorite malware delivery mechanism throughout the second and third quarters of 2019. The third quarter of 2019 brought the rise of keylogger Agent Tesla, the decline of phishing-delivered ransomware-as-a-service (RaaS), and attackers' continued preference for exploiting the CVE-2017-11882 Microsoft Office vulnerability to deliver phishing campaigns. Emotet began to surge toward the end of last quarter, according to Cofense's Q3 2019 Malware Trends Report,...

27 Nov

Widespread exploitation of vulnerable systems via Emotet malware

in Cyber Security, Cybersecurity

Comments

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is investigating a widespread malware campaign known as Emotet. Emotet is a Trojan virus delivered via emails sent with malicious attachments. Cyber criminals use malware for different reasons, most commonly to steal personal or valuable information from which they can profit, hold recipients to ransom or install damaging programs onto devices without your knowledge. Email users should always exercise...

17 Nov

New WhatsApp Bug Could Have Let Hackers Secretly Install Spyware On Your Devices

in Cyber Security, Cybersecurity

Comments

The recent controversies surrounding the WhatsApp hacking haven't yet settled, and the world's most popular messaging platform could be in the choppy waters once again. The Hacker News has learned that last month WhatsApp quietly patched yet another critical vulnerability in its app that could have allowed attackers to remotely compromise targeted devices and potentially steal secured chat messages and files stored on them. The vulnerability — tracked...

23 Oct

Compliance mandates, cybersecurity best practices dominate 2019 security priorities

in Cyber Security, Cybersecurity

Comments

The security landscape is never static. Smarter cybercriminals, evolving malware, more regulations and higher financial and national security stakes force organizations and their security teams to constantly adjust priorities. The IDG 2019 Security Priorities Study, released at the end of July 2019, helps to define how those priorities are changing for the next 12 months. The study is based on a survey of 528 security professionals...

23 Oct

New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites

in Cyber Security, Cybersecurity

Comments

A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. The issue affects reverse proxy cache systems like Varnish and some widely-used Content Distribution Networks (CDNs) services, including Amazon CloudFront, Cloudflare, Fastly,...

23 Oct

About 50% of Apps Are Accruing Unaddressed Vulnerabilities

in Cyber Security, Cybersecurity

Comments

In rush to fix newly discovered security issues, developers are neglecting to address older ones, Veracode study finds. The latest edition of Veracode's annual "State of Software Security" study released this week shows that many enterprise organizations are at increased breach risk because of aging, unaddressed application security flaws. Veracode recently analyzed data from application security tests on more than 85,000 applications and found that, on average,...

Newsroom (Archive)

Microsoft Office Bug Remains Top Malware Delivery Vector

Widespread exploitation of vulnerable systems via Emotet malware

New WhatsApp Bug Could Have Let Hackers Secretly Install Spyware On Your Devices

Compliance mandates, cybersecurity best practices dominate 2019 security priorities

New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites

About 50% of Apps Are Accruing Unaddressed Vulnerabilities

Navigation

Connect with us on social