Security News > 2020 > November

According to findings published by Check Point Research, the threat actors - believed to be located in the Palestinian Gaza Strip - have targeted Sangoma PBX, an open-sourced user interface that's used to manage and control Asterisk VoIP phone systems, particularly the Session Initiation Protocol servers. "One of the more complex and interesting ways is abusing the servers to make outgoing phone calls, which are also used to generate profits. Making calls is a legitimate feature, therefore it's hard to detect when a server has been exploited."

Security vendor Sophos has suggested Chinese purveyors of advanced persistent threats are behind a recent wave of attacks on non-governmental organisations and other commercial entities in Myanmar. The attack, which Sophos has given the charming moniker "KilllSomeOne", is a DLL side-loading attack that tricks Windows executables into loading a malicious DLL instead of a real one.

Cybersecurity company Cynet recognizes the tremendous value of deception technology. So much so that they built deception technology natively into their XDR platform.

According to Gartner, SASE is delivered from cloud Points of Presence, that provide various security and optimization capabilities to users. If your business is built on selling cheap boxes that try to pack all SASE capabilities, you are not addressing the true architectural problems SASE is trying to solve.

Confluera announced its partnership with 3SG Plus as part of the new Confluera 2020 Reseller Program. 3SG Plus is the second partner to join the Confluera 2020 Reseller Program, which is underpinned by Confluera's state-of-the-art technology to build strong detection and response capabilities into their offerings.

Entersekt announced the appointment of Nicolas Huss to its board of directors. Prior to Ingenico, Huss headed Visa Europe, during which time it was bought by Visa Inc., to which executive committee he was subsequently appointed.

Two senior eBay executives who have refused to join their colleagues and plead guilty to charges of cyberstalking have been hit with a string of fresh charges. James Baugh, 45, was eBay senior director of safety and security, and David Harville, 48, was its director of global resiliency when they were arrested back in June, along with four other eBay employees accused of stalking and intimidating a married couple who published a newsletter for the ecommerce industry that was critical of eBay.

Based on crude messages, such as "KilllSomeOne", used in attack code strings, coupled with advanced deployment and targeting techniques, they say the APT has a split personality. "The messages hidden in their samples [malware] are on the level of script kiddies. On the other hand, the targeting and deployment is that of a serious APT group," wrote Gabor Szappanos, author of a Sophos technical brief, posted Wednesday, outlining what is known about the APT. Szappanos wrote that the gang relies primarily on a cyberattack technique known as DLL side-loading.

A database linked to GrowDiaries, an online community of cannabis growers, has exposed more than a million users' email addresses, passwords, IP address records and posts. GrowDiaries is a robust online community of cannabis growing enthusiasts from around the world, where they can share tips, tricks and pictures of their progress.

More than 200 Google Forms impersonate top brands - including Microsoft OneDrive, Office 365, and Wells Fargo - to steal victims' credentials. Researchers are warning of phishing attacks that leverage Google Forms as a landing page to collect victims' credentials.