Admin
Group Blog Home
Group Blog Home

Recent Posts
1  2 
Four Malicious Google Chrome Extensions Affect 500K Users 
The ICEBRG Security Research team discovered four malicious Google Chrome extensions during a routine investigation of anomalous traffic. More than 500,000 users, including workstations in major businesses around the world, have been affected.

The team was analyzing an unusual spike in outbound traffic from a workstation at a European VPS provider. Upon further investigation of the traffic, researchers found four malicious extensions available in Google's Chrome Web Store: Change HTTP Request Header, Nyoogle - Custom Logo for Google, Lite Bookmarks, and Stickies - Chrome's Post-it Notes.

This finding highlights the threat of browser extensions, which are available in most major web browsers and an oft-overlooked attack vector. Threat actors know employees usually trust, and have control over, downloading these extensions. Using this knowledge, they can execute code via seemingly legitimate applications to gain a foothold into organizations.

Read more details here.
Posted by melson  On Jan 22, 2018 at 10:44 AM
  
Ransomware Campaign Impacts Hospitals, a Municipality, and an ICS Company 
The NJCCIC is aware of a ransomware campaign that has already impacted two hospitals, one municipality, and an ICS company within the US.

According to multiple open-source reports, the perpetrator(s) behind this campaign are targeting victims with a new version of MSIL/Samas.A/Samsam ransomware (hereafter referred to as SamSam). This version of SamSam appends .weapologize to the names of encrypted files and drops a ransom note named 0000-SORRY-FOR-FILES.html on infected systems. When SamSam ransomware first emerged, campaigns would target vulnerable servers running outdated versions of JBoss using JexBoss, an open-source JBoss testing/exploitation tool.

However, one Bleeping Computer article suggests that the perpetrator(s) behind this campaign may now be distributing SamSam via Remote Desktop Protocol (RDP) compromise. This article also reports that the online ransomware identification service, ID Ransomware, has received at least 17 submissions of SamSam-related files so far in January 2018, suggesting this campaign is currently and actively targeting victims.

Known victims of this campaign include Hancock Health Hospital in Greenfield, Indiana, Adams Memorial Hospital in Decatur, Indiana, and the city of Farmington in New Mexico.
Posted by melson  On Jan 22, 2018 at 10:26 AM
  
More menu improvements in Google Docs and Slides 
To add a line or page break in Docs:
  • Before: Insert > Page break or Column break
  • After: Insert > Break > Page break or Column break

To add Alt text to a shape in Docs or Slides:

  • Before: Select shape > Format > Alt text. This option will be removed from the menu.
  • After: Right click on shape > Alt text. This is the new way to add alt text to a shape.

To change a shape in Slides:

  • Before: Select shape > Format > Change shape. This option will be removed from the menu.
  • After: Right click on shape > Change shape. This is the new way to change a shape.

The HTML view in Slides is being removed from the menu.

  • Before: View > HTML
  • After: Ctrl+Alt+Shift+P

Posted by melson  On Jan 19, 2018 at 8:58 AM
  
1  2