At a glance.
- New Agent Tesla variant is out.
- Lost credentials and crypto wallet hacks.
- Tension between DevSecOps and AI.
- Cybersecurity jobs seem to be getting tougher (say the people who are doing them).
- Fancy Bear makes an attempt on Ukrainian energy infrastructure.
- A look at NoName057(16).
A new Agent Tesla variant is out.
Fortinet describes a new variant of the Agent Tesla remote access Trojan that’s being distributed via malicious Excel documents. The attackers exploit the long-patched CVE-2017-11882/CVE-2018-0802 vulnerabilities in Excel to execute the malware. Fortinet notes, “Despite fixes for CVE-2017-11882/CVE-2018-0802 being released by Microsoft in November 2017 and January 2018, this vulnerability remains popular amongst threat actors, suggesting there are still unpatched devices in the wild, even after over five years. We are observing and mitigating 3000 attacks per day, at the IPS level. The number of observed vulnerable devices is around 1300 per day.”