Home / Enterprise Technical Security That Matters - March 12, 2021

Enterprise Technical Security That Matters - March 12, 2021

Posted by Omnistruct Marketing on Mar 14, 2021 10:36:09 AM

March Newsletter Graphic

SolarWinds just keeps getting worse: New strain of backdoor malware found in probe

The strain, identified as SUNSHUTTLE by FireEye, is a second-stage backdoor written in Go which uses HTTPS to communicate with a command-and-control server for data exfiltration, adding new code as needed. Someone based in the US, perhaps at an infected organization, uploaded the malware to a public malware repository in August last year for analysis, well before the cyber-spying campaign became public. By Iain Thomson I March 8, 2021

 

UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. By Pierluigi Paganini I March 8, 2021

 

FluBot Android malware mimics FedEx, Chrome apps to steal user data

A Swiss cybersecurity company PRODAFT reported that newly discovered FluBot Android malware is impersonating an Android mobile banking application to draw fake webview on its target applications and steal users’ private information. By Deeba Ahmed I March 8, 2021

 

Apple Issues Patch for Remote Hacking Bug Affecting Billions of its Devices

Apple has released out-of-band patches for iOS, macOS, watchOS, and Safari web browser to address a security flaw that could allow attackers to run arbitrary code on devices via malicious web content. By Ravie Lakshmanan I March 8, 2021

 

SAP Patches Critical Flaws in MII, NetWeaver Products

SAP's March 2021 Security Patch Day updates include 9 new security notes, including two for critical vulnerabilities affecting the company's NetWeaver Application Server (AS) and Manufacturing Integration and Intelligence (MII) products. By Ionut Arghire I March 10, 2021

 

GitHub Informs Users of 'Potentially Serious' Authentication Bug

GitHub on Monday informed users that it had discovered what it described as an “extremely rare, but potentially serious” security bug related to how some authenticated sessions were handled. By Eduard Kovacs I March 09, 2021

 

9 Android Apps On Google Play Caught Distributing AlienBot Banker and MRAT Malware

Cybersecurity researchers have discovered a new malware dropper contained in as many as 9 Android apps distributed via Google Play Store that deploys a second stage malware capable of gaining intrusive access to the financial accounts of victims as well as full control of their devices. By Ravie Lakshmanan I March 9, 2021

 

Microsoft Issues Security Patches for 89 Flaws — IE 0-Day Under Active Attacks

Microsoft plugged as many as 89 security flaws as part of its monthly Patch Tuesday updates released today, including fixes for an actively exploited zero-day in Internet Explorer that could permit an attacker to run arbitrary code on target machines. By Ravie Lakshmanan I March 9, 2021

 

Microsoft Exchange attacks: Now Microsoft rushes out a patch for older versions of Exchange

Microsoft has released security updates for unsupported versions of Exchange email servers following widespread attacks exploiting four newly discovered security vulnerabilities. By Liam Tung | March 9, 2021

 

 
 

Get a Free Consultation Now!

Manage Your Newsletter Subscription!
 

Sincerely,

Omnistruct Marketing
866-683-8827
www.omnistruct.com


Omnistruct, 2740 Fulton Avenue #101-02, Sacramento, CA 95821, USA, (866) 683-8827

Unsubscribe                   Manage preferences

Topics: Omnistruct Newsletter