Network Security News Weekly | May 21, 2018 | Ingalls Information Security
Scroll To Top

Network Security News Weekly - May 21, 2018
May 21, 2018

Current cybersecurity news to keep you informed.
IT Services | Government | Financial | Healthcare | Non-Profit

Articles of interest from the past week:

Uninstall or Disable PGP Tools, Security Researchers Warn
Vulnerable mail clients include the iOS mail app, native mail clients on Android, Outlook and IBM Notes running on Windows systems, Thunderbird on Linux, as well as online Exchange, according to the researchers. And affected webmail providers include FastMail, Gmail, GMX, Hushmail, iCloud Mail, Mail.ru, Mailbox.org, Mailfence, Outlook.com, ProtonMail, Yahoo Mail, and Zoho Mail. (By: , Bank Info Security)

This malware is harvesting saved credentials in Chrome, Firefox browsers
Vega Stealer is a variant of August Stealer. Written in .NET, August Stealer locates and steals credentials, sensitive documents, and cryptocurrency wallet details from infected machines. The new malware has a subset of the same functionality but has also been upgraded with an arsenal of expanded features, including a new network communication protocol and Firefox stealing functionality. (By: , Zero Day)

Nigelthorn malware infected over 100,000 systems abusing Chrome extensions
A new strain of malware, dubbed Nigelthorn malware because it abuses a Google Chrome extension called Nigelify, has already infected over 100,000 systems in 100 countries, most of them in the Philippines, Venezuela, and Ecuador (Over 75%). The new malware family is capable of credential theft, cryptomining, click fraud, and other malicious activities. (By: , Security Affairs)

PANDA Banker malware used in several campaigns aimed at banks, cryptocurrency exchanges and social media
In May, experts monitored three different Panda Banker campaigns each focused on different countries. One of them, tracked as botnet “2.6.8,” had targets in 8 industries in North America, most of the targets (78%) are US financial organizations. This campaign is also targeting major social media platforms like Facebook and Instagram, as well as messaging apps like Skype, and entertainment platforms like Youtube. Additionally, Panda is targeting Microsoft.com, bing.com, and msn.com. (By: , Security Affairs)

Risky business: Are mobile employees compromising business info?
While many businesses are increasingly investing in digital security strategies in light of heightened cyber-attacks, physical data is often overlooked. The paper trail of sensitive information that employees generate when traveling is not always considered to be as risky as devices containing digital data. As a result, many businesses do not have a physical information security plan in place to prevent and protect from the threat of employee negligence – especially while traveling. (By: , Help Net Security)

iOS users are 18x more likely to be phished than to download malware
With more than 57% of all Internet traffic coming from mobile devices, it’s no surprise that attackers have turned their attention to mobile employees and the wide range of communications apps and sites they use. With a 170% increase of SMS phishing and a 102% increase in social app phishing from 2017 to 2018, it’s clear that dedicated mobile phishing attacks are now the technique of choice for malicious actors. (By: , Help Net Security)

Compliance Complexity: The (Avoidable) Risks of Not Playing by the Rules
Data security and privacy regulations make up an expanding landscape made up of a long, overlapping, and often confusing alphabet soup of laws and standards like HIPAA, SOX, FCRA, GLBA, PCI DSS, GDPR, PIPEDA, and others. Security and risk management decision makers must understand the nature of these laws and set security strategies accordingly or suffer the consequences of falling short of their demands. It's not an easy task, but it is a manageable one when broken into its parts. (By: , Dark Reading)

< BACK


Contact Us

If you are concerned about a potential breach or if you are currently experiencing a breach and require immediate assistance, contact our 24x7x365 Emergency Hotline:

Or fill out our contact form:

CONTACT US >


Our Goal

We are committed to preventing and responding to data security breaches. We have the most dedicated and qualified analysts in the cyber industry and can identify areas that you should focus on to enhance your level of security and awareness.


Sign Up For Netsec News Weekly

Ingalls Information Security