A Quarter of Phishing Emails Bypass Office 365 Anti-Phishing Defenses
Apr12

A Quarter of Phishing Emails Bypass Office 365 Anti-Phishing Defenses

Microsoft Office 365 default anti-phishing defenses are bypassed by a quarter of all phishing emails, according to new research from cybersecurity firm Avanan. Avanan conducted a study of 52 million emails which had been assessed by Office 365 Exchange Online Protection (EOP). 25% of phishing emails were determined to be non-malicious and were delivered to inboxes. In addition, a further 5.3% of emails were delivered as they had been...

Read More
Cryptocurrency Mining Malware Still Dominates the Malware Threat Landscape
Apr11

Cryptocurrency Mining Malware Still Dominates the Malware Threat Landscape

The latest Global Threat Index report from Check Point shows cryptocurrency mining malware continues to be the biggest malware threat, even with the demise of Coinminer. Coinminer has topped the list of the most prevalent malware since December 2017. Coinminer is no longer active, but its code is still present on many websites and could be reactivated at any point.  In its place, is another cryptocurrency mining malware variant –...

Read More
The Baldr Information Stealer: A Dangerous New Malware Threat
Apr11

The Baldr Information Stealer: A Dangerous New Malware Threat

A new information stealer has been detected which could become a long-term threat. The Baldr information stealer is not especially sophisticated and lacks persistence, but it can exfiltrate data quickly once downloaded in a ‘smash and grab’ attack. The Baldr information stealer will not survive a reboot and is incapable of spreading to other devices, but for most threat actors that will not pose any problems. Once downloaded, Baldr...

Read More
Adobe Patches 24 Critical RCE Vulnerabilities
Apr10

Adobe Patches 24 Critical RCE Vulnerabilities

Adobe has patched 43 vulnerabilities on April 2019 Patch Tuesday. 24 of the vulnerabilities have been rated critical and are remote code execution vulnerabilities. They are present in Acrobat Reader, Adobe Shockwave Player, and Adobe Flash. The remainder of the vulnerabilities have been rated Important or moderate and affect Adobe Flash Player, Shockwave Player, Dreamweaver, Adobe XD CC, Adobe Experience Manager Forms, InDesign, and...

Read More
April 2019 Patch Tuesday: Microsoft Fixes 74 Vulnerabilities
Apr10

April 2019 Patch Tuesday: Microsoft Fixes 74 Vulnerabilities

Microsoft has released fixes for 74 vulnerabilities on April 2019 Patch Tuesday, two of which are being actively exploited in the wild. The two zero-day Windows vulnerabilities that are being actively exploited are CVE-2019-0803 and CVE-2019-0859. Both of these are elevation of privilege vulnerabilities and are due to how the Win32k component handles objects in the memory. If exploited, an attacker could execute malicious code in...

Read More