Security Newsletter

20 Jun 2022

The Ghost of Internet Explorer Will Haunt the Web for Years

After years of decline and a final wind-down over the past 13 months, on Wednesday Microsoft confirmed the retirement of Internet Explorer, the company’s long-lived and increasingly notorious web browser. Launched in 1995, IE came preinstalled on Windows computers for almost two decades, and like Windows XP, Internet Explorer became a mainstay—to the point that when it was time for users to upgrade and move on, they often didn’t. And while last week’s milestone will push even more users off the historic browser, security researchers emphasize that IE and its many security vulnerabilities are far from gone.

Microsoft says it will still support IE’s underlying browser engine, known as “MSHTML,” and it has its eye on versions of Windows still “used in critical environments.” But Maddie Stone, a researcher for Google’s Project Zero vulnerability hunting team, points out that hackers are still exploiting IE vulnerabilities in real-world attacks.

 

‘Hermit’ Android spyware used in Syria, Kazakhstan and Italy

Organizations operating inside of Kazakhstan, Syria and Italy are using a powerful enterprise-grade spyware to break into people’s Android devices, according to a report released by cybersecurity firm Lookout.

Lookout researchers obtained a sample of what they call “Hermit” – a brand of surveillanceware they believe is developed by Italian spyware vendor RCS Lab S.p.A. and telecoms company Tykelab Srl.

In a report released on Thursday, the security company said the spyware is able to hide its capabilities in packages downloaded after it has been deployed, which the researchers said is generally done through SMS text messages.

 

More #News

 

#Breach Log

 

#Patch Time!

 

#Tech and #Tools

Kingred Group is growing, so does the Group Security team! We're looking for new talented professionals to come join us:

• Are you a developer with a strong security passion? Be part of our Cyber Security team

Kindred is one of the largest online gambling companies in the world with over 30 million customers. You can find all our open vacancies on our career page.

Summer break!

It's time for the Kindred Group Security team to take some holiday. The newsletter will be off for a few weeks but don't worry, we'll be back. See you soon for some awesome infosec news!

This content was created by Kindred Group Security. Please share if you enjoyed!

Kindred Group in brief

Kindred Group is one of the world’s leading online gambling operators with business across Europe, US and Australia, offering more than 30 million customers across 9 brands a great form of entertainment in a safe, fair and sustainable environment. The company, which employs about 2,000 people, is listed on Nasdaq Stockholm Large Cap and is a member of the European Gaming and Betting Association (EGBA) and founding member of IBIA (Sports Betting Integrity Association). Kindred Group is audited and certified by eCOGRA for compliance with the 2014 EU Recommendation on Consumer Protection and Responsible Gambling (2014/478/EU). Read more on www.kindredgroup.com.