Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Larry Loeb

Content posted in October 2019
Chinese-Linked APT41 Can Read Your Texts
Larry Loeb  |  10/31/2019  | 
New malware family is designed to have the ability to monitor as well as save SMS traffic from specific phone numbers, IMSI numbers and keywords for subsequent theft.
Xhelper Will Be Back Whether You Want It or Not
Larry Loeb  |  10/30/2019  | 
Researcher says that this Trojan dropper variant of the original Android malware has infected more than 45,000 Android devices over the last six months.
Endpoints Fail Predictably: Absolute
Larry Loeb  |  10/29/2019  | 
A security firm based in Vancouver, Canada, has issued a disturbing 2019 Endpoint Security Trends Report that finds security spending not worth the bucks.
MSFT Floats an ARC
Larry Loeb  |  10/29/2019  | 
As far back as 2015, the group responsible for Domain-based Message Authentication, Reporting & Conformance specification realized that one implementation was not going to solve the problem of email spoofing.
Beware the 'Raccoon Stealer' – It Ain't No Furry Friend
Larry Loeb  |  10/24/2019  | 
'Raccoon stealer' is one of the 2019's top ten most-mentioned pieces of malware in the underground economy.
Operational Technology Players Come Out of the Shadows
Larry Loeb  |  10/23/2019  | 
Operational technology (OT) has long been hiding in the factories and sites of industrial installations, but things are changing.
Two Threat Actors, One Targeted Threat
Larry Loeb  |  10/22/2019  | 
By combining, two threat actors leveraged their own specific areas of expertise into one highly efficient and private tool.
Cylance Discovers WAV Files Can Hide Malware
Larry Loeb  |  10/21/2019  | 
BlackBerry Cylance threat researchers Anuj Soni, Jordan Barth and Brian Marks recently discovered obfuscated malware code that was embedded within WAV audio files.
Unit 42 Finds the First Cryptojacking Docker Container
Larry Loeb  |  10/17/2019  | 
Palo Alto Network's Unit 42 has found the first cryptocurrency miner malware that spreads like a worm through the use of Docker containers.
Even RATs Need Marketing
Larry Loeb  |  10/16/2019  | 
Palo Alto Networks' Unit 42 researchers have discovered a new and previously undocumented Remote Access Tool (RAT).
Don't Get Burned by Your Sophos Firewall
Larry Loeb  |  10/15/2019  | 
Researcher finds Sophos firewalls can allow net-based RCE without authentication.
CISO No Longer the Last Word on Security – Radware
Larry Loeb  |  10/14/2019  | 
The rise of DevSecOps may be the reason that 70% of respondents to Radware's survey stated that the CISO was not the top influencer in deciding on security software policy.
New 'Reductor' Malware Intercepts Browser Traffic
Larry Loeb  |  10/11/2019  | 
Encrypted traffic from both Chrome and Firefox shown to be vulnerable.
UK Businesses Feel the Heat as Cyber Attacks Rise 243% Over the Summer
Larry Loeb  |  10/9/2019  | 
UK-based business ISP analyzed data from its customers and found that the number of cyber attacks its customers experienced had increased over last year's summer period by 243%.
UK Spy Agency Warns About VPN Hacking
Larry Loeb  |  10/8/2019  | 
Advanced persistent threat actors linked to the Chinese government are attacking enterprise VPN servers from Fortinet, Palo Alto Networks and Pulse Secure.
Cequence Finds Web Conferencing Vulnerability
Larry Loeb  |  10/7/2019  | 
Vulnerability could allow an attacker to list and view active meetings that are not protected.
FakeUpdates Is Back With New Capabilities
Larry Loeb  |  10/4/2019  | 
FireEye has written a blog about what they observed financially motivated threat actors were doing that focused on disrupting business processes by the mass deployment of ransomware throughout a victim's environment.
Masad Stealer Uses Telegram to Send Its Control Messages to Waiting Bots
Larry Loeb  |  10/2/2019  | 
Juniper Threat Labs has discovered a new Trojan-delivered spyware that uses Telegram to exfiltrate stolen information.
Torvalds Gives In, Linux Kernel Gets Locked Down Early
Larry Loeb  |  10/1/2019  | 
After years of efforts and rewrites, Linus Torvalds has signed off on a new optional feature for Linux that locks down the kernel much earlier in the boot process than was previously the case.


Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27660
PUBLISHED: 2020-11-30
SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter.
CVE-2020-27659
PUBLISHED: 2020-11-30
Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter.
CVE-2020-29127
PUBLISHED: 2020-11-30
An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid=&csppage=cgi_PgOverview&csplang=en is visit...
CVE-2020-25624
PUBLISHED: 2020-11-30
hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.
CVE-2020-29378
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privilege of a CLI user (to full administrative access) by using the password [email protected]#y$z%x6x7q8c9z) for the e...