Day: July 8, 2019

Meet the Great Duke of… DLL: Microsoft shines light on Astaroth, a devilishly sneaky strain of fileless malware

DLL or no DLL? Microsoft has lifted the lid on the inner-workings of a particularly nasty piece of fileless malware that aims to pilfer user data without needing to install software on the victim’s machine.… …read more Source:: Register

Researchers Poke Holes in Siemens Simatic S7 PLCs

Black Hat USA session will reveal how they reverse-engineered the proprietary cryptographic protocol to attack the popular programmable logic controller. …read more Source:: DarkReading

Android App Publishers Won’t Take ‘No’ for an Answer on Personal Data

Researchers find more than 1,000 apps in the Google Play store that gather personal data even when the user has denied permission. …read more Source:: DarkReading

How Facebook Fought Fake News About Facebook

Facebook has built tools to track posts on Facebook and WhatsApp that talk about its executives, products, or moves Bloomberg reported on Monday. The company has been, for years, routinely using these tools to “snuff out” posts that it deems to offer untrue characterization of its services or people. From the report: Many companies monitor…

Email App Superhuman’s Superficial Privacy Fixes Do Not Prevent It From Spying on You

Mike Davidson: It took an article I almost didn’t publish and tens of thousands of people saying they were creeped out, but Superhuman admitted they were wrong and reduced the danger that their surveillance pixels introduce. Good on Rahul Vohra and team for that. I will say, however, that I’m a little surprised how quickly…

Chinese government has got it “spot on” when it comes to facial recognition says, the, er, UK Metropolitan Police

Thinks British public will be fine getting stopped and searched on faulty software’s say so The Chinese government has an unlikely supporter of its facial recognition program: the head of the UK’s Metropolitan Police union.… …read more Source:: TheRegister

GE Aviation Passwords, Source Code Exposed in Open Jenkins Server

A DNS misconfiguration resulted in an open Jenkins server being available to all. …read more Source:: Threatpost

Stranger Things 3 hid an obscure Easter egg, but someone finally found it – CNET

The Stranger Things writers tucked something special into episode 2 of season 3, and it was hard to spot. …read more Source:: CNet

Instagram will let you know if you’re about to post a hurtful comment – CNET

The Facebook-owned photo-sharing app started rolling out the AI-powered feature. …read more Source:: CNet

Microsoft Warns About Astaroth Malware Campaign

The Microsoft security team has issued a warning today about ongoing malware campaigns that are distributing the Astaroth malware using fileless and living-off-the-land techniques that make it harder for traditional antivirus solutions to spot the ongoing attacks. From a report: The attacks were detected by the team behind Windows Defender ATP, the commercial version of…