Avast AntiTrack Flaw Allows MitM Attacks on HTTPS Traffic
2020-03-11 11:50

A vulnerability in Avast's anti-tracking solution could allow malicious actors to perform man-in-the-middle attacks on HTTPS traffic, a security researcher has discovered. The security flaw, which impacts both Avast and AVG AntiTrack, as they share underlying code, resides in the manner in which the software filters HTTPS traffic.

Trial for accused CIA leaker ends in hung jury
2020-03-11 11:20

The FBI claimed to have found an "encrypted container" with child abuse imagery files tucked beneath three layers of password protection on Schulte's PC. The FBI accused Schulte of maintaining lousy security, saying that each layer was unlocked using passwords Schulte previously used on one of his cellphones. The mistrial is embarrassing: prosecutors spent years pulling the case together, and they devoted four weeks of testimony in an effort to portray Schulte as a vindictive and disgruntled employee who put US security at risk by leaking information on how the CIA spied on foreign adversaries.

Microsoft Working on Patches for Wormable SMB Vulnerability
2020-03-11 11:20

Microsoft is working on patches for a critical remote code execution vulnerability in Server Message Block 3.0 that exposes systems to "wormable" attacks. According to Microsoft, the vulnerability is related to the way SMB 3.1.1 handles certain requests and it can be exploited by an unauthenticated attacker to execute arbitrary code on SMB servers and clients.

Wormable Windows SMBv3 RCE flaw leaked, but not patched
2020-03-11 10:42

"To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 Server. To exploit the vulnerability against an SMB Client, an unauthenticated attacker would need to configure a malicious SMBv3 Server and convince a user to connect to it." Unlike the Microsoft Windows SMB Server flaws used by the EternalBlue and EternalRomance exploits, which were leveraged for the 2017 WannaCry and NotPetya outbreaks, CVE-2020-0796 only affects SMBv3 and does not affect Windows 7 and Windows Server 2008 R2 systems.

Brave browser to block web fingerprinting with randomisation
2020-03-11 10:28

It sounds almost impossible to stop, but not according to the makers of the Brave browser, which is using its latest developer build to test a new defence against fingerprinting: confusing fingerprinting collection algorithms by randomising some of the data they collect. Although fingerprinting has a lot of possible APIs and network IDs to utilise, Brave's concept is that it is only necessary to disrupt a few to confuse surveillance.

Human Intelligence is Pivotal in a Data-Driven World
2020-03-11 10:22

The second story is from a post I saw on LinkedIn a few weeks ago that reinforced the essential role human intelligence plays in data analysis and decision making. To gain a deeper understanding of your adversaries, you need a platform to aggregate these millions of global threat data points and translate them into a uniform format for analysis and action.

European Electrical Energy Organization Discloses Breach
2020-03-11 09:51

The European Network of Transmission System Operators for Electricity revealed this week that malicious actors breached its corporate network. TSOs are responsible for the transmission of electric power across the main high-voltage networks, and ENTSO-E works with them on the implementation of energy policies and achieving Europe's energy and climate policy objectives.

The Reg produces exhibit A1: A UK court IT system running Windows XP
2020-03-11 09:00

A critical crown court IT system and thousands of laptops used by the UK's Ministry of Justice run on Microsoft's obsolete and unsupported Windows XP operating system, The Register can reveal. As recently as March 2019, the ministry was paying hundreds of thousands of pounds for a VPN to support 2,000 Windows XP laptop users - news that comes as the department admits that a critical court IT system is also running on XP boxen.

Google: You know we said that Chrome tracker contained no personally identifiable info? Yeah, about that...
2020-03-11 08:03

Google has seemingly stopped claiming an identifier it uses internally to track experimental features and variations in its Chrome browser contains no personally identifiable information. In February, Arnaud Granal, a software developer who works on a Chromium-based browser called Kiwi, claimed the X-client-data header, which Chrome sends to Google when a Google webpage has been requested, represents a unique identifier that can be used to track people across the web.

Closing the cybersecurity gender gap would boost the US economy by $30B
2020-03-11 08:00

82% of women in cybersecurity jobs agree the industry has a gender bias problem. A significant gender gap exists in cybersecurity, with women occupying less than a quarter of the roles.