Security News > 2020 > March

Multiple zero-day vulnerabilities in digital video recorders for surveillance systems manufactured by Taiwan-based LILIN have been exploited by botnet operators to infect and co-opt vulnerable devices into a family of denial-of-service bots. The findings come from Chinese security firm Qihoo 360's Netlab team, who say different attack groups have been using LILIN DVR zero-day vulnerabilities to spread Chalubo, FBot, and Moobot botnets at least since August 30, 2019.

This design blunder can be abused by nearby miscreants to snatch snapshots of private data, such as web requests, messages, and passwords, over the air from devices as they are transmitted, if said data is not securely encrypted using an encapsulating protocol, such as HTTPS, DNS-over-HTTPS, a VPN, and SSH. Crucially, to pull this off, a hacker does not need to be on the same Wi-Fi network as the victim: just within radio range of a vulnerable phone, gateway, laptop, or whatever is being probed. "Among the devices vulnerable to this attack are the ones from Samsung, Apple, Xiaomi and other popular brands," Hexway told The Register.

"A Dissenting View on Covid-19 Response Considering that the great majority of Covid-19 infections don't require special medical treatment, and that we have a good picture of the small percentage of the population that is most vulnerable, the optimal strategy is to a. provide strong protections for the people known to be most likely to get acutely ill". "Bell curves are the dominant trait of outbreaks. A virus doesn't grow linearly or exponentially forever. It accelerates, plateaus, and then declines. Whether via environmental factors or our own efforts, viruses accelerate and quickly decline. This fact of nature is represented in Farr's law. CDC's recommendation of "bend the curve" or "flatten the curve" reflects this natural reality. A low probability of catching COVID-19 The World Health Organization according to their report if you come in contact with someone who tests positive for COVID-19 you have a 1-5% chance of catching it as well.

While the HawkEye keylogger has been in continuous development since 2013, it did see an ownership change in December 2018 and has been particularly resurgent since then. "The current developer of the HawkEye Reborn keylogger/stealer is continuously adding support for different applications and software platforms to facilitate the theft of sensitive information and account credentials," researchers told Threatpost last year.

UK-based financial technology company Finastra is investigating a cybersecurity incident that may involve a piece of ransomware infecting some of its systems. Finastra has not shared any details about the attack.

Over the course of two days, hacking teams including Flourescence, RedRocket CTF and Synacktiv attempted to hack Adobe's Acrobat Reader, Apple's macOS, and virtualization platforms such as Oracle VirtualBox. During one hacking attempt, the Fluoroacetate team of Amat Cama and Richard Zhu targeted Adobe Reader and then Windows with a local privilege escalation attack.

A new variant of the notorious Mirai malware has been delivered by cybercriminals to network-attached storage devices made by Zyxel through the exploitation of a recently patched vulnerability. Zyxel informed customers last month that some of its NAS devices and firewalls are affected by a critical vulnerability - tracked as CVE-2020-9054 - that can be exploited by a remote, unauthenticated attacker to execute arbitrary code on affected devices.

British police are saying coronavirus-related fraud reports have spiked by 400 per cent over the past six weeks as the COVID-19 illness continues its inexorable march through humanity. Although absolute numbers of reports are low, perhaps kept that way because the public now knows Action Fraud is largely useless, the National Fraud Intelligence Bureau said there were a total of 200 reports of coronavirus scams made to them since 1 February.