Enterprise Technical Security That Matters - September 24, 2021

Many companies struggle with all of the cybersecurity documentation, processes, and policies that can limit their business growth and REALLY stress them out. Omnistruct serves as an enterprise partner for the critical policies, processes, and documentation needed to make sure all of that data and revenue is well protected against cyber threats and that the company stays in compliance with all rules and regulations.

New Nagios Software Bugs Could Let Hackers Take Over IT Infrastructures

As many as 11 security vulnerabilities have been disclosed in Nagios network management systems, some of which could be chained to achieve pre-authenticated remote code execution with the highest privileges, as well as lead to credential theft and phishing attacks. By Ravie Lakshmanan I September 22, 2021 Read More

New Mac malware masquerades as iTerm2, Remote Desktop and other apps

iTerm2 is a legitimate replacement for the macOS Terminal app, offering some powerful features that Terminal does not. It is frequently used by power users. It is a favorite of security researchers because of the propensity for Mac malware to take control or detect usage of the Terminal app, which can interfere with attempts to reverse engineer malware. This makes iTerm2 an ideal app to trojanize to infect people who may have access to development system, research intelligence, etc. By Thomas Reed I September 21, 2021 Read More

Microsoft uncovers giant Phishing-as-a-Service operation

Microsoft’s security team said today that it uncovered a massive operation that provides phishing services to cybercrime gangs using a hosting-like infrastructure that the OS maker likened to a Phishing-as-a-Service (PHaaS) model. By Catalin Cimpanu I September 21, 2021 Read More