Security News

After Adobe, the technology giant Microsoft today—on June 2019 Patch Tuesday—also released its monthly batch of software security updates for various supported versions of Windows operating systems and other Microsoft products.

This month’s security updates include patches for a total of 88 vulnerabilities, 21 are rated Critical, 66 are Important, and one is rated Moderate in severity.

The June 2019 updates include patches Windows OS, Internet Explorer, Microsoft Edge browser, Microsoft Office and Services, ChakraCore, Skype for Business, Microsoft Lync, Microsoft Exchange Server, and Azure.

Four of the security vulnerabilities, all rated important and could allow attackers to escalate privileges, patched by the tech giant this month were disclosed publicly, of which none were found exploited in the wild.
Read more »

Telegram, one of the most popular encrypted messaging app, briefly went offline yesterday for hundreds of thousands of users worldwide after a powerful distributed denial-of-service (DDoS) attack hit its servers.

Telegram founder Pavel Durov later revealed that the attack was mainly coming from the IP addresses located in China, suggesting the Chinese government could be behind it to sabotage Hong Kong protesters. Since last week, millions of people in Hong Kong are fighting their political leaders over the proposed amendments to an extradition law that would allow a person arrested in Hong Kong to face trial elsewhere, including in mainland China.

Many people see it as a fundamental threat to the territory’s civic freedoms and the rule of law.

Read more »

Are you using Komodo’s Agama Wallet to store your KMD and BTC cryptocurrencies? Were your funds also un-authorisedly transferred overnight to a new address? If yes, don’t worry, it’s probably safe, and if you are lucky, you will get your funds back.

Komodo, a cryptocurrency project and developer of Agama wallet, adopted a surprisingly unique way to protect its customers’ funds.

The company hacked its customers and unauthorisedly transferred nearly 8 million KMD and 96 Bitcoins from their cryptocurrency wallets to a new address owned by the company.

Why? To secure funds of its customers from hackers.

This may sound weird, but it’s true.

Komodo recently learned about a malicious open source, third-party JavaScript library that the company was using in its Agama Wallet app.
Read more »

The Pacha Group is a threat actor discovered by Intezer and profiled in a blog post published on February 28, 2019. Dating back to September 2018 the Pacha Group has deployed undetected crypto-mining malware to infiltrate Linux servers and mine cryptocurrency without user permissions.

One of the more notable observations discerned by Intezer researchers was the remarkably aggressive behavior exhibited by the Pacha Group’s crypto-mining malware, named Linux.GreedyAntd, which was using a large number of techniques to disable or eliminate other miners on the servers.

Intezer researchers have discovered that the Pacha Group is now targeting cloud-based infrastructures, while identifying new, undetected variants of Linux.GreedyAntd which share significant amounts of code with previous variants. Like previous versions, the malware being used is mainly focused on cryptomining, this time with some updated operational mechanisms.

Read more »

Elastic, the company behind the most widely used enterprise search engine ElasticSearch and the Elastic Stack, today announced that it has decided to make core security features of the Elastic Stack free and accessible to all users.

ELK Stack or Elastic Stack is a collection of three powerful open source projects—Elasticsearch, Logstash, and Kibana—that many large and small companies are using to format, search, analyze, and visualize a large amount of data in real time.

In recent months, we have seen how thousands of instances of insecure, poorly configured Elasticsearch and Kibana servers had left millions of users sensitive data exposed on the Internet.

Since the free version of Elastic Stack by default does not have any authentication or authorization mechanism, many developers and administrators fail to properly implement important security features manually.
Read more »