Ειδοποιήσεις

A vulnerability affecting components used in millions of critical connected devices in the automotive, energy, telecom, and medical sector could let hackers hijack the device or access the internal network.

In some cases, the flaw is remotely exploitable over 3G. Researchers found it in the Cinterion EHS8 M2M module from Thales (formerly from Gemalto, acquired by Thales in 2019) but the vendor also confirmed it in BGS5, EHS5/6/8, PDS5/6/8, ELS61, ELS81, PLS62.

Over 30,000 companies use products from Thales, which connects more than 3 billion things worldwide every year.

Read more »

The IcedID banking Trojan has recently been updated with additional evasion techniques, including a password-protected attachment, keyword obfuscation and Dynamic Link Library file that acts as a second-stage downloader, according to Juniper Threat Labs.

The threat actors behind the campaign, first spotted in July, research their target before an attack to identify a handful of customer names, Juniper’s new report states. Using a known name helps the hackers to entice the victim to open a phishing email that contains the Trojan, Paul Kimayong, a security researcher with Juniper Threat Labs, notes.

“This makes the phish that much more likely to succeed, given the sender and the recipient have an established business relationship,” Kimayong says.

First observed in September 2017 by IBM X-Force researchers, IcedID steals financial data using malicious code injected into a web browser. The Trojan has been used more frequently since the COVID-19 pandemic started

Read more »

Citrix released patches for multiple new security vulnerabilities affecting its Citrix Endpoint Management (CEM), also known as XenMobile, a product made for enterprises to help companies manage and secure their employees’ mobile devices remotely.

Citrix Endpoint Management offers businesses mobile device management (MDM) and mobile application management (MAM) capabilities. It allows companies to control which apps their employees can install while ensuring updates and security settings are applied to keep business information protected.

According to Citrix, there are a total of 5 vulnerabilities that affect on-premise instances of XenMobile servers used in enterprises to manage all apps, devices, or platforms from one central location.
Read more »

New variants of Agent Tesla remote access Trojan now come with modules dedicated to stealing credentials from applications including popular web browsers, VPN software, as well as FTP and email clients.

Agent Tesla is a commercially available .Net-based infostealer with both remote access Trojan (RAT) and with keylogging capabilities active since at least 2014.

Read more »

A security researcher discovered vulnerabilities in an automation system for smart homes and buildings that allowed taking over accounts belonging to other users and control associated devices.

In a presentation on Saturday at the IoT Village during the DEF CON hacker conference, Barak Sternberg shows how some weak spots in the HDL automation system could have been leveraged by attackers to fully compromise it.

Read more »