Saturday, November 23, 2024
CybersecurityNewsOperating Systems

Norton Password Manager Breach, Polygot Files Bypass Malware Checks, and Avast Releases New Decryptor

Norton Password Manager Breach

by Artie Kaye

Subscribers to Norton LifeLock were notified of a breach this past week. The credential stuffing attacks were first noticed on December 12. There is belief that personal data was obtained, including information related to the password manager. Changing the master password as well as any managed by the service would be prudent. Two-factor authentication can also be helpful in the prevention of a brute force attack like this.

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)


Polyglot Files Can Bypass Malware Checks

by Artie Kaye

A polyglot file can be read as at least two different file types. Some file types have identifying information at the start or the end of the file. Certain malware is taking advantage of this to propagate. Using JAR combined with MSI or CAB files fills this need, as the MSI and CAB files store their information at the beginning of the file, while JAR is stored towards the end. 

Currently, anti-malware software will scan only the sections of the file defined for a particular file type, ignoring other sections that could contain the malware installer. The best step forward will be for the protection software developers to scan files for markers of any file type, regardless of the file type presented. 

To protect yourself, verify any files you are uncertain of, and contact your IT support if you need assistance.

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)


Microsoft Exchange Server 2013 End of Support

by Artie Kaye

An end of service from Microsoft is approaching as Exchange Server 2013’s extended support will terminate on April 11, 2023. This means no more security updates or patched bugs after that date. The company encourages upgrading to Exchange 2019 or migrating to their cloud-based Exchange Online. 

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)


BianLian Decryptor from Avast

by Artie Kaye

Cyber security company Avast has released a free decryptor for the BianLian ransomware. (Not to be confused with the same name banking malware targeting Android.) It has built a database of many of the encryption keys used by the ransomware, and is being updated as more become available. To learn more about the tool, please follow the links below.

Third-Party references:

Click the links below to learn more details. (Opens in a new tab/window.)