Zoom's security flaws: Has it done enough to fix them?
2020-04-07 13:37

Tim Keeler, CEO of Remediant, a security consultant and penetration tester, explained how Zoom became a target. The Windows version of Zoom "tricked users into disclosing usernames and password hashes by clicking on links in a Zoom session chat window," which "took advantage of the Universal Naming Convention path injection vulnerability in the Zoom Windows client."

Cybercriminals increasingly using SSL certificates to spread malware
2020-04-07 13:00

Recent studies have shown that cybercriminals building phishing sites now use SSL as well, complicating efforts by enterprises to keep their employees safe. The Menlo Security research revealed that while 96.7% of all user-initiated web visits are being served over https, only 57.7% of the URL links in emails turn out to be https, which means that web proxies or firewalls will be oblivious to the threats unless enterprises turn on SSL inspection.

Google Patches Critical RCE Vulnerabilities in Android's System Component
2020-04-07 13:00

Google this week released the April 2020 set of security patches for the Android operating system to address over 50 vulnerabilities, including four critical issues in the System component. "The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process," Google notes in an advisory.

Microsoft Buys Corp.com So Bad Guys Can’t
2020-04-07 12:34

Domain experts called corp.com dangerous because years of testing showed whoever wields it would have access to an unending stream of passwords, email and other sensitive data from hundreds of thousands of Microsoft Windows PCs at major companies around the globe. In a written statement, Microsoft said it acquired the domain to protect its customers.

Twitter warns users – Firefox might retain private messages
2020-04-07 12:11

This means that if you accessed Twitter from a shared or public computer via Mozilla Firefox and took actions like downloading your Twitter data archive or sending or receiving media via Direct Message, this information may have been stored in the browser's cache even after you logged out of Twitter. We started Firefox with a totally empty cache, browsed to twitter.com, and then grabbed a copy of the files Firefox had chosen to keep for later in its cache directory.

FBI Expects Increase in COVID-19-Themed BEC Scams
2020-04-07 12:09

A type of fraud targeting those in charge of performing legitimate funds transfers for a company, BEC scams aim to trick unsuspecting victims into sending money to the attackers. In BEC attacks, the victim typically receives an email apparently arriving from a company they normally conduct business with, requesting payments be made to a new account, or demanding a change in the standard payment operations.

BlackBerry: Chinese cybercriminals target high-value Linux servers with weak defenses
2020-04-07 12:00

Linux malware is real and Advanced Persistent Threat groups have been infiltrating critical servers with these tools for at least eight years, according to a new report from BlackBerry. The RATs report describes how five APT groups are working with the Chinese government and the remote access trojans the cybercriminals are using to get and maintain access to Linux servers.

Spotting and blacklisting malicious COVID-19-themed sites
2020-04-07 11:43

SpyCloud researchers have also discovered that existing community threat intelligence feeds such as Google Safe Browsing, OpenPhish or ThreatsHub flag only a small percentage of the domains as malicious. After gathering a list of over 136,000 hostnames and fully qualified domain names with COVID-19 or coronavirus themes from a variety of open-source feeds, they "parsed, deduplicated, and enriched the data with HTTP, additional DNS analysis, and WHOIS data that was manually collected" and found that many of the domains have active web content, but some merely display "placeholder" content indicating they've been purchased and "parked" at the registrar.

Two schoolkids sue Google for collecting biometrics
2020-04-07 11:24

Two schoolchildren have sued Google, alleging that it's illegally collecting their voiceprints, faceprints and other personally identifiable information. In order to use those apps, the kids had to speak into the laptop's audio recording device so Google could record their voices, and they had to look into the laptop's camera so Google could scan their faces.

Thousands of Android apps contain undocumented backdoors, study finds
2020-04-07 10:21

In March researchers reported that some apps pay a lot of attention to other apps installed on a device, which in theory could be used to gather data on a user's behaviour and inclinations. The study examined two issues - what proportion of apps exhibited secret behaviours and how these might be used or abused.