Security News > 2020 > October
Cybercriminals are chaining Microsoft's Zerologon flaw with other exploits in order to infiltrate government systems, putting election systems at risk, a new CISA and FBI advisory warns. The advisory details how attackers are chaining together various vulnerabilities and exploits - including using VPN vulnerabilities to gain initial access and then Zerologon as a post-exploitation method - to compromise government networks.
The streaming box allows arbitrary code execution as root, paving the way to pilfering social-media tokens, passwords, messaging history and more. A critical bug in the Hindotech HK1 TV Box would allow root-privilege escalation thanks to improper access control.
Based on a survey, a report released Tuesday by security provider Keeper Security looks at the types of threats aimed at organizations with remote workers and offers advice on how to better protect your workforce. Around 22% of them had remote workers; now around 58% of them maintain a remote workforce.
Adobe has patched a critical arbitrary code execution vulnerability in Flash Player. "Successful exploitation could lead to an exploitable crash, potentially resulting in arbitrary code execution in the context of the current user," Adobe explained in its advisory.
Moving to secure paperless communications is certainly a start. If these problems sound familiar, you'll want to join us for some answers on October 14 at 9am PDT, when The Register's Tim Phillips will be joined by Jacob Ginsberg, senior director of market intelligence at Echoworx, for a webcast on secure paperless communications.
"We disrupted TrickBot through a court order we obtained, as well as technical action we executed in partnership with telecommunications providers around the world," wrote Tom Burt, corporate vice president, Customer Security & Trust, at Microsoft, in a Monday posting. "Its operators could provide their customers access to infected machines and offer them a delivery mechanism for many forms of malware, including ransomware. Beyond infecting end user computers, TrickBot has also infected a number of Internet of Things devices, such as routers, which has extended TrickBot's reach into households and organizations."
Microsoft says that Windows 10 and Windows Server users will be blocked from installing incorrectly formatted third-party drivers after deploying this month's cumulative updates. Starting with the October 2020 updates, Windows requires DER-encoded PKCS#7 content to be valid and correctly embedded in catalog files.
Online infrastructure security solutions provider Cyberpion on Tuesday emerged from stealth mode after raising $8.25 million in seed funding. Aiming to help organizations gain visibility into and secure their online ecosystem, the Tel Aviv, Israel-based cybersecurity startup provides security teams with a platform that they can leverage to identify and neutralize the risks posed by vulnerabilities in their online assets.
Prizes for bad actors can be access to stolen data and tools to make hacks easier, according to new research from Trend Micro. Cybercriminals have put their own spin on passing time with online rap battles, poker tournaments, poem contests, and in-person sport tournaments.
Acronis has released patches for its True Image, Cyber Backup, and Cyber Protect products to address vulnerabilities that could lead to elevation of privileges. Tracked as CVE-2020-10138, the first of the bugs affects Acronis Cyber Backup 12.5 and Cyber Protect 15 and resides in a privileged service that uses "An OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\."