
You know that Microsoft ZeroLogon bug you've been dragging your feet on? It's getting pwned in the wild now
2020-09-24 22:34

The rather concerning design flaw in Microsoft's Netlogon protocol is being exploited in the wild by miscreants, the Windows giant's security team has warned. Microsoft is actively tracking threat actor activity using exploits for the CVE-2020-1472 Netlogon EoP vulnerability, dubbed Zerologon.

FiRa Consortium adds 21 new members to drive expansion of UWB technology
2020-09-24 22:30

Across its six membership levels, the FiRa Consortium has recently added 21 new members, each bringing expertise in support of expanding the use of UWB technology to establish an interoperable UWB-enabled ecosystem. Fabien Courtiade, OEM Key Partners Director, Thales and new FiRa Consortium Board member, says, "Thales as a group is delighted to join the FiRa Consortium to contribute to the development of the UWB ecosystem and foster the adoption of unprecedented accurate user experiences such as indoor and vehicle positioning, information transfer or digital key."

Feds Hit with Successful Cyberattack, Data Stolen
2020-09-24 20:47

A federal agency has suffered a successful espionage-related cyberattack that led to a backdoor and multistage malware being dropped on its network. "The cyber-threat actor had valid access credentials for multiple users' Microsoft Office 365 accounts and domain administrator accounts," according to CISA. "First, the threat actor logged into a user's O365 account from Internet Protocol address 91.219.236[.]166 and then browsed pages on a SharePoint site and downloaded a file. The cyber-threat actor connected multiple times by Transmission Control Protocol from IP address 185.86.151[.]223 to the victim organization's virtual private network server."

Cisco Patch-Palooza Tackles 29 High-Severity Bugs
2020-09-24 20:21

Cisco Systems released a barrage of patches, Thursday, aimed at fixing bugs in the networking giant's ubiquitous IOS operating system. Twenty-nine of the Cisco bugs are rated high severity, with 13 rated medium in severity.

SMS phishing scam pretends to be Apple “chatbot” – don’t fall for it!
2020-09-24 18:59

Sadly what works for legitimate businesses almost always works for cybercriminals too, so there are plenty of crooks still using SMSes for phishing - an attack that's wryly known as smishing. Your phone's operating system will happily recognise when the text in an SMS looks like a URL and automatically make it clickable for you.

We need to talk about criminal hackers using Cobalt Strike, says Cisco Talos
2020-09-24 18:22

Penetration testing tool Cobalt Strike is increasingly being used by black hats in non-simulated attacks as traces show up in scenarios from ransomware infections to state-backed APT threats, says Cisco Talos. Claiming that the tool "accounted for 66 per cent of all ransomware attacks Cisco Talos Incident Response responded to this quarter," the threat intel firm reckons that both criminal hackers and pentesting security analysts' red teams alike are making great use of Cobalt Strike, especially for its ability to deploy listeners on targeted networks.

Free Apple iPhone 12? Chatbot Scam Spreads Via Texts
2020-09-24 18:11

A mobile phishing campaign is spreading via text messages purporting to come from an Apple chatbot - and offering "free trials" of iPhone 12. Clicking the link triggers an interaction - via multiple texts - with a supposed "Apple chatbot."

Microsoft: Attackers Exploiting ‘ZeroLogon’ Windows Flaw
2020-09-24 17:00

Microsoft warned on Wednesday that malicious hackers are exploiting a particularly dangerous flaw in Windows Server systems that could be used to give attackers the keys to the kingdom inside a vulnerable corporate network. "We have observed attacks where public exploits have been incorporated into attacker playbooks," Microsoft said.

Wondering how to tell the world you've been hacked? Here's a handy guide from infosec academics
2020-09-24 16:46

Infosec boffins at the University of Kent have developed a "comprehensive playbook" for companies who, having suffered a computer security breach, want to know how to shrug off the public consequences and pretend everything's fine. In a new paper titled "A framework for effective corporate communication after cyber security incidents," Kent's Dr Jason Nurse, along with Richard Knight of the University of Warwick, devised a framework for companies figuring out how to publicly respond to data security breaches and similar incidents where servers are hacked and customer records end up in the hands of criminals.

Instagram Remote Account Takeover Required No Action From Victim
2020-09-24 16:43

A vulnerability in Instagram allowed an attacker to take over an Instagram account and turn the victim's phone into a spying tool by simply sending a malicious image by any media exchange platform. Check Point Research decided to examine Instagram because of its size and popularity.