Highlights and Updates

Spear phishing campaigns—they’re sharper than you think

Tuesday, 3rd December 2019

Even your most security-savvy users may have difficulty identifying honed spear phishing campaigns. Unlike traditional phishing campaigns that are blasted to a large email list in hopes that just one person will bite, advanced spear phishing campaigns are highly targeted and personal. They are so targeted, in fact, that we sometimes refer to them as “laser” phishing. And because these attacks are so focused, even tech-savvy executives and other senior managers have been duped into handing over money and sensitive files by a well-targeted email. That’s how good they are.


New Unpatched Strandhogg Android Vulnerability Actively Exploited in the Wild

Tuesday, 3rd December 2019

Cybersecurity researchers have discovered a new unpatched vulnerability in the Android operating system that dozens of malicious mobile apps are already exploiting in the wild to steal users' banking and other login credentials and spy on their activities.

Dubbed Strandhogg, the vulnerability resides in the multitasking feature of Android that can be exploited by a malicious app installed on a device to masquerade as any other app on it, including any privileged system app.

In other words, when a user taps the icon of a legitimate app, the malware exploiting the Strandhogg vulnerability can intercept and hijack this task to display a fake interface to the user instead of launching the legitimate application.

Dexphot Malware Hijacked 80K+ Devices to Mine Cryptocurrency

Friday, 29th November 2019

A cryptomining malware has infected at least 80k devices and uses various tactics to evade detection. Microsoft is warning of malware, Dexphot, that has infected more than 80,000 machines, sucking up their CPU power in order to mine cryptocurrency.

Researchers first discovered Dexphot in October 2018 and saw its activity peak during July. They said that the malware has a complex attack chain and also uses various methods to outwit detection efforts, including an obfuscated script designed to check for antivirus products, and regularly-scheduled malware updates.

Linux Webmin Servers Under Attack by Roboto P2P Botnet

Friday, 22nd November 2019

A newly-discovered peer-to-peer (P2P) botnet has been found targeting a remote code execution vulnerability in Linux Webmin servers. Vulnerable Linux Webmin servers are under active attack by a newly-discovered peer-to-peer (P2P) botnet, dubbed Roboto by researchers.

The botnet is targeting a remote code-execution vulnerability (CVE-2019-15107) in Webmin, a web-based system configuration tool for Linux servers. CVE-2019-15107 was previously patched on Aug. 17 and can be mitigated by updating to Webmin 1.930, said researchers with NetLab 360.


International Telecommunication Union (ITU) is organizing the Fifth ITU-ALERT - Applied learning for Emergency Response Teams (ALERT) international cyber drill for Africa Region, from 18th – 21st November 2019, Kampala, Uganda

Monday, 18th November 2019

International Telecommunication Union (ITU) is organizing the Fifth ITU-ALERT - Applied learning for Emergency Response Teams (ALERT) international cyber drill for Africa Region, from 18th – 21st November 2019 that will be held in Kampala, Uganda, at the kind invitation of Uganda Communications Commission.

This event will be organized by the Telecommunication Development Bureau (BDT) of the International Telecommunication Union (ITU), and hosted by Uganda Communications Commission.

Magento Warns E-Commerce Sites to Upgrade ASAP to Prevent Attacks

Wednesday, 13th November 2019
The popular e-commerce platform Magento is urging web administrators to install its latest security update in order to defend against malicious attacks in the wild that could exploit a critical remote code-execution vulnerability.

Microsoft Patches IE Zero-Day Among 74 Vulnerabilities

Wednesday, 13th November 2019

The November Patch Tuesday update fixed 13 critical flaws, including a zero-day bug in Internet Explorer.

Patch Tuesday is back once again, bringing with it 74 security fixes, 61 of which are classified as Important and 13 as Critical, including one Internet Explorer bug under active attack.

Microsoft today released fixes for CVEs across Windows, Internet Explorer, Microsoft Edge, Office and Office 365, ChakraCore, Exchange Server, Open Source Software, and Visual Studio.

Google Releases Security Updates for Chrome

Thursday, 31st October 2019

Google has released Chrome version 78.0.3904.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities (CVE-2019-13720) was detected in exploits in the wild.

We encourage users and administrators to review the Chrome Release and apply the necessary updates.

 

Apple Releases Security Updates

Tuesday, 29th October 2019

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:

  • iTunes 12.10.2 for Windows
  • iCloud for Windows 11.0
  • iCloud for Windows 7.15
  • macOS Catalina 10.15.1 for macOS Catalina 10.15, Security Update 2019-001, and Security Update 2019-006
  • watchOS 6.1 for Apple Watch
  • watchOS 5.3.3
  • Safari 13.0.3
  • iOS 13.2 and iPadOS 13.2
  • iOS 12.4.3

Samba Releases Security Updates

Tuesday, 29th October 2019

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to obtain sensitive information.

We encourage users and administrators to review the Samba Security Announcements for CVE-2019-10218, CVE-2019-14833, and CVE-2019-14847 and apply the necessary updates and workarounds.