Security News > 2020 > September

Cisco flagged threats like Kovter, Poweliks, Divergent and LemonDuck as the most common fileless malware. Another prevalent critical threat to endpoints in the first half was dual-use tools that are typically leveraged for both exploitation and post-exploitation tasks.

An unsecured database has exposed sensitive data for users of Microsoft's Bing search engine mobile application - including their location coordinates, search terms in clear text and more. While no personal information, like names, was exposed, researchers with Wizcase argued that enough data was available that it would be possible to link these search queries and locations to user identities - giving bad actors information ripe for blackmail attacks, phishing scams and more.

With only hours until the deadline for the directive, issued on Friday, to be executed, what is at stake is a "vulnerability [that] poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action," according to the Cybersecurity and Infrastructure Security Agency. Microsoft released a patch for the vulnerability as part of its August 11, 2020 Patch Tuesday security updates.

The National Security Agency has published two cybersecurity information sheets with recommendations for National Security System and Department of Defense workers and system administrators on securing networks and responding to incidents during the work-from-home period. Recommended steps to mitigate the compromise, the NSA says, include rebooting and resetting routers, disabling their remote administration functionality and updating the firmware; disconnecting infected machines from the network, resetting passwords on a different device and running anti-malware software; and removing ransomware infections and restoring a previously backed-up good state.

A vulnerability in Firefox for Android paves the way for attackers to launch websites on a victim's phone, with no user interaction. "Instead of providing the location of an XML file describing a UPnP device, an attacker can run a malicious SSDP server that responds with a specially crafted message pointing to an Android intent URI. Then, that intent will be invoked by the Firefox application itself."

Mozilla now offers a VPN service that protects Windows and mobile devices, and soon your Linux and macOS desktops. Mozilla has released their VPN service, which is currently available for Android, iOS and Windows, and will soon be available for Linux and macOS. The service offers fast network speeds, location selection and zero activity logs stored on Mozilla servers. It is currently available in six countries, runs on a global network of servers powered by Mullvad, uses device-level encryption, has no bandwidth restrictions, makes use of 280+ servers in 30+ countries, and only costs you $4.99 per month for up to five devices.

Researchers have uncovered a threat group launching surveillance campaigns that target victims' personal device data, browser credentials and Telegram messaging application files. One notable tool in the group's arsenal is an Android malware that collects all two-factor authentication security codes sent to devices, sniffs out Telegram credentials and launches Google account phishing attacks.

Conservative backbencher David Davis has vowed to ask questions in Parliament over Uber's seemingly unregulated sharing of data with police and transport regulators as it battled to save its London private hire operator's licence. In November 2019, Uber was formally stripped of its licence after what Transport for London called a "pattern of failures", including allowing random third parties to upload their mugshots to legitimate Uber driver accounts, bypassing background checks.

Starting Sunday, downloads of TikTok would have been cut off from any app store operating in the U.S. Users that already have the app installed would still be able to use it, without refreshes or updates, until Nov. 12, when a complete ban was set to go into effect. Shortly thereafter, the app fixed several severe security vulnerabilities, putting the app's security even more into the spotlight.

A vulnerability identified in Firefox for Android could have been exploited to remotely open arbitrary websites on a targeted user's phone without the need to click on links, install malicious applications, or conduct man-in-the-middle attacks. The flaw was discovered by researcher Chris Moberly in version 68 of Firefox for Android.