Security News












        Avast, NordVPN Breaches Tied to Phantom User Accounts. Antivirus and security giant Avast and virtual
        private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions
        that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that
        granted remote access to internal systems with little more than a password.
                Source:  https://krebsonsecurity.com/2019/10/avast-nordvpn-breaches-tied-to-phantom-user-
                accounts/



        UC Browser Exposed Millions Of Users To MiTM Attacks via Third-Party APK Download. Once again, the UC
        browser has made it into the news. This time, researchers found them to be exposing millions of users to the
        risk of cyber attack. Specifically, they found the UC browser enabling downloads of APK’s from non-SSL third-
        party sites, thus potentially exposing users to MiTM attacks at the very least.

                Source:  https://latesthackingnews.com/2019/10/21/uc-browser-exposed-millions-of-users-to-mitm-
                attacks-via-third-party-apk-download/



        Remote Code Execution Vulnerability Found In Trend Micro Anti-Threat Toolkit (ATTK). The Anti-Threat
        Toolkit (ATTK) by Trend Micro is a dedicated tool for fending off malware infections. However, like any other
        antimalware, this tool is also prone to security flaws. Recently, a researcher has found a vulnerability in Trend
        Micro ATTK that allows remote code execution.

                Source:  https://latesthackingnews.com/2019/10/23/remote-code-execution-vulnerability-found-in-
                trend-micro-anti-threat-toolkit-attk/



        Magecart group linked to Dridex banking Trojan, Carbanak. An active Magecart scheme has ties to Dridex
        phishing campaigns and the Carbanak group, indicating that skimmer scripts may be a prelude to more
        traditional malware use, researchers say. On Tuesday, cybersecurity researchers from Malwarebytes said one
        of the Magecart groups that are currently active, assigned the name Magecart Group 5, appears to have
        connections to the Carbanak Advanced Persistence Threat (APT) gang.

                Source: https://www.zdnet.com/article/magecart-group-linked-to-dridex-banking-trojan-carbanak/




















                                                    www.accumepartners.com
                                                                                                                     5