Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

United States Cyber Command warns of hackers abusing security flaw in Outlook


A warning by United States Cyber Command (USCC) on Twitter cautions of threat actors exploiting a security flaw in Outlook as they load malicious software onto government networks. Believed to enjoy state sponsorship the cyber-criminals are reportedly actively abusing the Outlook vulnerability of 2017 era, although long patched, for bypassing sandbox of the electronic mail client followed with executing malicious software on the host machines. Whilst authorities did not state the involved entity's name, certain evidences suggest a probable association with Iran.

It was during 2017 fall when researchers from SensePost privately reported the bug; however by 2018, APT33 also named Elfin a hacking group receiving Iran's backing weaponized it. The group is chiefly recognized as creating the Shamoon malicious program which would wipe away disks.

During late-December last year, the APT33 hackers reportedly infected web-servers with backdoors so they could later utilize them for thrusting the CVE-2017-11774 attack code onto end-users' inboxes.

According to Brandon Levene security researcher at Chronicle, the USCC posted 3 tools which as per assumption are utilized to manipulate as well as abuse web-servers. The tools separately have purposes a little different from each other; however, it's totally clear that the attackers have a capability for interchanging communication with web-servers which they may've hijacked. If about the CVE-2017-11774 vulnerability the observation made stands correct, it somehow tells the technique of Shamoon attackers in hijacking their targets, Levene notes. www.scmagazineuk.com posted this, July 3, 2019.

In its Twitter account the USCC issues alerts solely about nation-state threat actors and not hacker crews working with financial motives.

Moreover, 2 weeks back, the cyber-security organization CISA of Department of Homeland Security too issued one similar alert regarding threat actors from Iran increasing their activity, in particular, there being use of the Shamoon disk-erasing malware.

Furthermore, Levene draws attention to the first instance of USCC sharing about malware that's not from Russia on its Twitter A/C. In 2018 fall, the agency began posting about malware alerts onto VirusTotal along with making warnings on Twitter, recognizing the way as quicker in disseminating security alerts regarding still launched cyber assaults as well as notifying USA's private sector.

ยป SPAMfighter News - 7/15/2019

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next