Mark Hughes, president of Security, DXC
Stay up to date on the latest threats, vulnerabilities and nation-state activities.
Stay up to date on the latest threats, vulnerabilities and nation-state activities.
Mark Hughes, president of Security, DXC
THREAT UPDATE
THREAT UPDATE
By the numbers
THREAT UPDATE
In this month’s edition of DXC Security Snapshot, Deborah Caldwell, global alliances lead, Security Sales at DXC, and Kevin Whartenby, global lead, Cyber Threat Intelligence at DXC, discuss the difference between the deep web and dark web, and the threats that lie beneath the surface.
VULNERABILITY
THREAT UPDATE
THREAT UPDATE
Opatch has released an unofficial patch for an actively exploited security flaw in Microsoft Windows that lets files signed with malformed signatures bypass Mark-of-the-Web (MotW) protection.
Cranefly espionage hackers that target employees dealing with corporate transactions have now been linked to a new backdoor called Danfuan. The previously unseen malware executes received C# code.
The Raspberry Robin worm, which spreads to Windows systems through USB drives, is becoming an access-as-a-service malware for deploying other payloads to thousands of endpoints.
Medibank, one of the largest Australian private health insurance providers, disclosed that an October 26th breach exposed all of its customer data, including health claims and personal information.
The U.S. has charged a 26-year-old Ukrainian national with participating in a Raccoon Stealer malware-as-a-service (MaaS) operation that has helped steal 50 million unique credentials globally.
The U.S. Federal Trade Commission (FTC) has sued education technology company Chegg for exposing the sensitive information of millions of students in four data breaches in three years.
Threat actors used credentials stolen in a phishing attack to steal 130 code repositories from one of Dropbox’s GitHub accounts with information about employees, customers, sales leads and vendors.
The U.S. has charged a 34-year-old UK national for operating The Real Deal, which sold hacking tools and stolen login credentials, including for U.S. agencies, Twitter and LinkedIn.