Microsoft Windows Cyber Security Tool Suite Is Available
darkreading.com- Author: Robert Lemos - Date: April 2th, 2019
For many cybersecurity professionals, Kali Linux is the standard for offensive security penetration testing. But for security specialists who would want to use Windows as a platform to run penetration testing tools, there really isn’t a suite of tools that are available. This was the case until recently when security service firm FireEye released a collection of more than 140 open-source tools for Windows on March 28th. Named, Complete Mandiant Offensive Virtual Machine, or CommandoVM, the toolset aims for security researchers to have an accessible solution for Windows environment based pen testing (among other offensive operations).
iOS Permissions Place Too Much Information On Third Parties
darkreading.com- Author: Curtis Franklin Jr. - Date: April 4th, 2019
Some new research conducted by Wandera, a mobile security specialized vendor, shows how iOS can significantly compromise user privacy and security through its data-gathering permissions. The research itself took a look at over 30,000 apps that request user permissions for things such as location, camera, and photo library. From these apps, it was found that 51% request location when the app is in use, 55% request access to the camera, and 62% request access to the photo library. The main concern that arises from these requests is that we are left to wonder what App publishers are attempting to do with this information. Wandera Vice President, Michael Covington says, “[App publishers are] trying to build profiles on individual users that could yield more value to them as a development team or as a firm that made an investment in that application”.
Facebook Data On Third Part Server Gets Leaked
darkreading.com.com- Author: Robert Lemos - Date: April 4th, 2019
Third Parties that use Facebook’s Integrations to collect user information can sometimes be a large security liability due to the fact that Facebook does not have any ownership or control over the Third Party’s servers. In a recent example, an S3 Container owned by a Mexican media company exposed more than 540 million records of Facebook users’ comments and interests. While this might not seem like a significant issue when accessed by accident by a random user in the hands of a calculated organization (like Cambridge Analytica) it can be used to generate user profiles and create targeted campaigns to those people on Facebook.
A suite of Malware Services Found Hosted In a ‘Amazon-Style’ like Fulfillment Model
darkreading.com - Author: Jai Vijayan - Date: April 4th, 2019
This week it was discovered that an ‘Amazon-style’ fulfillment model was used to host and distribute a myriad of malware to cybercriminals. It is speculated that the Necurs Botnet created this type of service for its own personal uses to distribute the software. The servers which are collected in the US, are being used to distribute nasty things such as ransomware, banking Trojans, and other malware to targets within the country.
Man Steals 4ft Python From Pet Store By Putting Snake Into His Pants
newsweek.com - Date: March 28th, 2019
In a strange pet store video surveillance recording, a man is seen stealing a python by stashing the reptile in the most unlikely of places, inside his pants.
In the video we see a man pulling the poor 4-foot snake out of the safety of its tank and into his pant. Afterward, we see the man casually walking away.