Cyber Security News for 14Apr2020

  1. “On March 25, 2020, FireEye published a research blog regarding a global attack campaign operated by an espionage motivated adversary group known as APT41. This attack campaign was thought to have operated between January 20 and March 11, specifically targeting Citrix, Cisco, and Zoho network appliances via exploitation of recently disclosed vulnerabilities. Based on WildFire and AutoFocus data available to Unit 42, we were able to obtain samples of the payload targeting Citrix appliances, which were executables compiled to run on FreeBSD.” https://unit42.paloaltonetworks.com/apt41-using-new-speculoos-backdoor-to-target-organizations-globally/
  2. “After disabling FTP support in Google Chrome 81, Google has decided to reenable it again to prevent outages and difficulties in accessing information during the Coronavirus pandemic.” https://www.bleepingcomputer.com/news/google/google-reenables-ftp-support-in-chrome-due-to-pandemic/
  3. “While there is an official white paper [3] describing the encryption of WhatsApp, there is no detailed overview of how its protocols work or how the security features are implemented. Consequently, there is no foundation for serious security related analysis.” https://www.andreafortuna.org/2020/04/07/security-analysis-of-whatsapp-calls/
  4. “How opting out of surveillance is practically useless, and suggests to use data obfuscation as a better alternative.” https://www.andreafortuna.org/2020/04/14/privacy-by-obfuscation/
  5. “Cybersecurity is incredibly important for us humans and the security of our companies. Climate change and cyber threats to security are two critical issues that have a lot in common.” https://www.threathunting.se/2020/04/14/the-link-between-cyber-security-and-climate-change/
  6. “Zoom has emerged as a leading teleconferencing provider during the COVID-19 pandemic. While it continues to be favored worldwide, the VTC platform has received flak for being prone to hacking attacks and having some security issues.” https://www.blackhatethicalhacking.com/news/how-are-cybercriminals-capitalizing-on-zooms-popularity/
  7. “COVID-19 has put reality on hold for everyone for the time being, and that includes security teams. Both Microsoft and Google have postponed a change that would have forced better application security by shutting down an insecure access protocol called Basic Authentication.” https://nakedsecurity.sophos.com/2020/04/14/microsoft-and-google-delay-online-authentication-change/
  8. “On Wednesday, Agence France-Presse (AFP) reported that the internet domain-name overseers at ICANN – that’s the Internet Corporation for Assigned Names and Numbers – had taken the unusual step of sending a letter to the hundreds of domain name registrars around the globe that are accredited by ICANN to issue new website domain names.” https://nakedsecurity.sophos.com/2020/04/14/icann-asks-registrars-to-crack-down-on-scam-coronavirus-websites/
  9. “TikTok Vulnerability Enables Hackers to Show Users Fake Videos” https://www.mysk.blog/2020/04/13/tiktok-vulnerability-enables-hackers-to-show-users-fake-videos/
  10. “The new research, published by Palo Alto Networks and shared with The Hacker News, confirmed that “the threat actors who profit from cybercrime will go to any extent, including targeting organizations that are in the front lines and responding to the pandemic on a daily basis.”” https://thehackernews.com/2020/04/ransomware-hospitals-coronavirus.html
  11. “Researchers say home office networks are 3.5 times more likely than corporate networks to be infected by malware. That statistic comes into sharp focus as the coronavirus pandemic forces companies to shift to a work-from-home workforce.” https://threatpost.com/malware-risks-triple-for-remote-workers/154735/
  12. “VMware has fixed a critical vulnerability in its latest security update. The critical information-disclosure bug exists in the vCenter Server virtual infrastructure management platform.” https://www.threathunting.se/2020/04/14/vmware-patched-critical-flaw-vcenter-server/
  13. “Everyone knows what happened to John Podesta in 2016. Hillary Clinton’s campaign manager clicked on a phishing email, and as far as we know, it was the first time a cyberattack shaped a presidential election.” https://www.cyberscoop.com/presidential-campaigns-phishing-attack-joe-biden-donald-trump-cofense-op-ed/
  14. “Quidd, an online marketplace for trading stickers, cards, toys, and other collectibles, discloses a data breach it has suffered in 2019.” https://securityaffairs.co/wordpress/101555/data-breach/quidd-dump-dark-web.html
  15. “Computer manufacturing giant Dell has released a new security tool for its commercial customers that aims to protect their computers from stealthy and sophisticated cyberattacks involving the compromise of the BIOS.” https://thehackernews.com/2020/04/dell-bios-protection.html
  16. “With governments closing down workplaces all over the world, telecommuting presents not just online administrative and capacity challenges for organizations, but also security challenges. As highlighted in a recent article by Andy Greenberg from Wired, when more and more employees are asked to VPN into corporate networks from home, this creates not only clogged networks but attack opportunities for the unscrupulous.” https://threatpost.com/waterfall-safe-remote-access-to-critical-infrastructure-networks-in-a-time-of-global-crisis/154420/
  17. “Microsoft has delayed the end of support dates for Windows 10 version 1709/1809 and older software and services to reduce the stress already being felt by organizations during the Coronavirus pandemic.” https://www.bleepingcomputer.com/news/microsoft/microsoft-delays-end-of-support-for-older-windows-software-versions/
  18. “Attackers are using a Brazilian hacking tool against Spanish banks” https://www.cyberscoop.com/attackers-using-brazilian-hacking-tool-spanish-banks/
  19. “Patch Tuesday (April 2020 Updates) are now rolling out to all supported versions of Windows 10. The cumulative update with security fixes is rolling out to PCs with November 2019 Update, May 2019 Update and October 2018 Update.” https://www.bleepingcomputer.com/news/microsoft/windows-10-cumulative-updates-kb4549951-and-kb4549949-released/
  20. “Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a 1580 BTC ransom ($10.9M or €9.9M).” https://www.bleepingcomputer.com/news/security/ragnarlocker-ransomware-hits-edp-energy-giant-asks-for-10m/
  21. “With the release of the April 2020 security updates, Microsoft has released fixes for 113 vulnerabilities in Microsoft products. Of these vulnerabilities, 15 are classified as Critical, 93 as Important, 3 as Moderate, and 2 as Low.” https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2020-patch-tuesday-fixes-3-zero-days-15-critical-flaws/
  22. “Microsoft Media Foundation contains an information disclosure vulnerability that could allow an attacker to eventually remotely execute code on the victim machine. Media Foundation is a COM-based multimedia framework on most versions of Microsoft Windows that assists with many audio and video operations. An attacker must convince the user to open a specially crafted QuickTime file to trigger this vulnerability.” https://blog.talosintelligence.com/2020/04/vuln-spotlight-microsoft-media-foundation-april-2020.html
  23. “Adobe released security patches for vulnerabilities in its ColdFusion, After Effects and Digital Editions applications. If exploited, the flaws could enable attackers to view sensitive data, gain escalated privileges, and launch denial-of-service attacks. Each of the bugs were rated important-severity, based on CVSS rankings, marking an extremely low-volume month for Adobe bug fixes.” https://threatpost.com/adobe-fixes-important-flaws-in-coldfusion-after-effects-and-digital-editions/154780/
  24. “Intel addressed nine security vulnerabilities with the April 2020 Platform Update, all of them being high and medium severity security flaws impacting multiple software products, firmware, and platforms.” https://www.bleepingcomputer.com/news/security/intel-april-platform-update-fixes-high-severity-security-issues/

#security #cybersecurity #itsecurity #privacy #speculoos #ftp #whatsapp #zoom #covid-19 #tiktok #vmware #quidd #ragnarlocker #microsoft #adobe #zeroday #intel