Page 13 - Threat Intelligence 12-13-2019
Internal Threats
Lazarus group goes back to the Apple orchard with new macOS Trojan. The Lazarus group, which has been
named as one of North Korea's state-sponsored hacking teams, has been found to be using new tactics to
infect macOS machines. In-memory infections, also known as fileless malware, operate entirely within the host
machine's volatile RAM. This allows the software nasty to avoid setting off any antivirus systems that monitor
files in storage or otherwise don't regularly scan all of system memory for threats. The malware sample found
by Dinesh_Devadoss was dissected this week by Mac security guru Patrick Wardle, who says that the attack is
a new spin on the classic Lazarus group tactic for slipping its malware onto the machines of unsuspecting
users: it does not install any files during the secondary stage of the attack, where the actual malicious
activity occurs.
Source: https://www.theregister.co.uk/2019/12/05/lazarus_group_macos_malware/
Attackers Continue to Exploit Outlook Home Page Flaw. A 2-year-old vulnerability in Microsoft Outlook
continues to cause headaches for companies, as attackers are able to use a specific feature of the program to
execute code and persist on previously infected systems, according to an advisory published by cybersecurity
services firm FireEye. The attack, which uses the Microsoft Outlook Security Feature Bypass Vulnerability
(CVE-2017-11774) patched in October 2017, abuses the Outlook Home Page feature that allows a customized
view to be shown for any e-mail folder. When exploited, the vulnerability allows code to run whenever an
Outlook client homepage is opened. While the issue was patched, and the vast majority of companies have
the update, attackers have been able to circumvent the fix to gain persistence on already-compromised
systems, says Matthew McWhirt, senior manager at FireEye.
Source: https://www.darkreading.com/vulnerabilities---threats/attackers-can-circumvent-outlook-homepage-flaw/d/d-id/1336513
Ransomware attacks are an ever-present and growing risk for small businesses, government. The so-called
ransomware attack that shut down a Milwaukee company last month shows the ever-present risk that now
threatens all organizations. Small businesses that have less sophisticated systems to protect their computer
networks from being hacked can be particularly vulnerable, according to cybersecurity experts. But every
business or organization — large corporations, health systems, universities — is at risk. The FBI estimates that
several thousand ransomware attacks occur each day. “Cyber hacking has become a business,” Kaczmarek
said. People don't even have to be technical experts to become cybercriminals: They can buy kits that provide
the needed software. “There are very low barriers of entry to the marketplace,” Kaczmarek said.
Source: https://news.yahoo.com/ransomware-attacks-ever-present-growing-145821948.html
www.accumepartners.com