|
|
| PHPMailer, SwiftMailer Updates Resolve Critical Remote Code Execution Vulnerabilities If you are using PHPMailer or SwiftMailer make sure you get the latest update, older versions have critical remote code executions vulnerabilities. In addition to the remote code execution problem attackers can potentially gain access to a webserver hosting a web app that is using a vulnerable version of PHPMailer or SwiftMailer. New variant of KillDisk wiper threatens industrial control networks with ransomware Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware. |
|
| Leet IoT Botnet Bursts on the Scene with Massive DDoS Attack A new internet of things (IoT) botnet has shown up that can rival the Mirai botnet. The attack was mitigated, but the analysis of the payload is concerning researchers. The data showed a mishmash of files from compromised IoT devices. Researchers expect more IoT botnets to be used in future DDoS attacks. |
|
| Criminals phish credit card numbers with ‘Twitter verification’ scam Twitter sponsored advertisements are being used to phish credit card numbers. If these Twitter ads are clicked a fake twitter verification page comes up. If the user completes the Twitter verification page another page comes up asking for a credit card number and security code. |
|
| Raising the Stakes: Serious Cyber Security Preparations for 2017 This article has a nice list of things to watch out for regarding cyber security in 2017. Here is a good article on how to build a culture of security in your organization. If you are into podcasts Threatpost does an interesting 2016 wrap up podcast. |