Dark Reading is part of the Informa Tech Division of Informa PLC


Larry Loeb

Content posted in October 2019
Chinese-Linked APT41 Can Read Your Texts
Larry Loeb  |  10/31/2019  | 
New malware family is designed to have the ability to monitor as well as save SMS traffic from specific phone numbers, IMSI numbers and keywords for subsequent theft.
Xhelper Will Be Back Whether You Want It or Not
Larry Loeb  |  10/30/2019  | 
Researcher says that this Trojan dropper variant of the original Android malware has infected more than 45,000 Android devices over the last six months.
Endpoints Fail Predictably: Absolute
Larry Loeb  |  10/29/2019  | 
A security firm based in Vancouver, Canada, has issued a disturbing 2019 Endpoint Security Trends Report that finds security spending not worth the bucks.
MSFT Floats an ARC
Larry Loeb  |  10/29/2019  | 
As far back as 2015, the group responsible for the Domain-based Message Authentication, Reporting & Conformance specification realized that one implementation was not going to solve the problem of email spoofing.
Beware the 'Raccoon Stealer' – It Ain't No Furry Friend
Larry Loeb  |  10/24/2019  | 
'Raccoon stealer' is one of 2019's top ten most-mentioned pieces of malware in the underground economy.
Operational Technology Players Come Out of the Shadows
Larry Loeb  |  10/23/2019  | 
Operational technology (OT) has long been hiding in the factories and sites of industrial installations, but things are changing.
Two Threat Actors, One Targeted Threat
Larry Loeb  |  10/22/2019  | 
By combining forces, two threat actors leveraged their own specific areas of expertise into one highly efficient and private tool.
Cylance Discovers WAV Files Can Hide Malware
Larry Loeb  |  10/21/2019  | 
BlackBerry Cylance threat researchers Anuj Soni, Jordan Barth and Brian Marks recently discovered obfuscated malware code that was embedded within WAV audio files.
Unit 42 Finds the First Cryptojacking Docker Container
Larry Loeb  |  10/17/2019  | 
Palo Alto Networks' Unit 42 has found the first cryptocurrency miner malware that spreads like a worm through the use of Docker containers.
Even RATs Need Marketing
Larry Loeb  |  10/16/2019  | 
Palo Alto Networks' Unit 42 researchers have discovered a new and previously undocumented Remote Access Tool (RAT).
Don't Get Burned by Your Sophos Firewall
Larry Loeb  |  10/15/2019  | 
Researcher finds Sophos firewalls can allow net-based RCE without authentication.
CISO No Longer the Last Word on Security – Radware
Larry Loeb  |  10/14/2019  | 
The rise of DevSecOps may be the reason that 70% of respondents to Radware's survey stated that the CISO was not the top influencer in deciding on security software policy.
New 'Reductor' Malware Intercepts Browser Traffic
Larry Loeb  |  10/11/2019  | 
Encrypted traffic from both Chrome and Firefox shown to be vulnerable.
UK Businesses Feel the Heat as Cyber Attacks Rise 243% Over the Summer
Larry Loeb  |  10/9/2019  | 
UK-based business ISP analyzed data from its customers and found that the number of cyber attacks its customers experienced had increased over last year's summer period by 243%.
UK Spy Agency Warns About VPN Hacking
Larry Loeb  |  10/8/2019  | 
Advanced persistent threat actors linked to the Chinese government are attacking enterprise VPN servers from Fortinet, Palo Alto Networks and Pulse Secure.
Cequence Finds Web Conferencing Vulnerability
Larry Loeb  |  10/7/2019  | 
Vulnerability could allow an attacker to list and view active meetings that are not protected.
FakeUpdates Is Back With New Capabilities
Larry Loeb  |  10/4/2019  | 
FireEye has written a blog post about financially motivated threat actors it observed that focused on disrupting business processes through the mass deployment of ransomware throughout a victim's environment.
Masad Stealer Uses Telegram to Send Its Control Messages to Waiting Bots
Larry Loeb  |  10/2/2019  | 
Juniper Threat Labs has discovered a new Trojan-delivered spyware that uses Telegram to exfiltrate stolen information.
Torvalds Gives In, Linux Kernel Gets Locked Down Early
Larry Loeb  |  10/1/2019  | 
After years of efforts and rewrites, Linus Torvalds has signed off on a new optional feature for Linux that locks down the kernel much earlier in the boot process than was previously the case.

