Security News
The delivery system for the Gootkit information stealer has evolved into a complex and stealthy framework, which earned it the name Gootloader, and is now pushing a wider variety of malware via hacked WordPress sites and malicious SEO techniques for Google results. Malware campaigns relying on Gootloader's mechanism were spotted last year delivering REvil ransomware to targets in Germany.
With the 2020 election looming, security is a hot topic. In the business hall, we saw vendors with new offerings to extend the corporate network and security into a user's home.
The first entirely virtual edition of the Black Hat cybersecurity conference took place last week and researchers from tens of organizations presented the results of their work from the past year. The Kr00k vulnerability, which allows attackers to decrypt wireless communications, only affects Wi-Fi chips from Broadcom and Cypress, but ESET researchers discovered recently that similar vulnerabilities also exist in chips made by MediaTek and Qualcomm.
Social media used as a cudgel for nation-states to sway opinion is a cybersecurity threat CISOs can't ignore - and need to understand better and mitigate against. During a keynote address at Black Hat on Thursday entitled "Hacking Public Opinion," she said threat actors are fine-tuning these attacks.
Researchers say the flaws, detailed at Black Hat USA on Thursday, potentially impacted over 2 million Mercedes-Benz connected cars before they were fixed. "We reported the flaws to Mercedes-Benz, we found about 19 vulnerabilities," said Minrui Yan, head of the Sky-Go Team with 360 Group, presenting with Jiahao Li, researcher with 360 Group, at Black Hat.
Satellite internet communications are susceptible to eavesdropping and signal interception by far-flung attackers located in a different continent or country from their victims. When a satellite ISP makes an internet connection for a customer, it beams that customer's signals up to a satellite in geostationary orbit within a narrow communications channel; that signal is then sent back down to a terrestrial receiving hub and routed to the internet.
A new "zero-click" macOS exploit chain could allow attackers to deliver malware to macOS users using a Microsoft Office document with macros. The exploit chain, revealed by Patrick Wardle, principal security researcher with Jamf, at Black Hat USA 2020, runs macros without the Microsoft Office alert or prompt that asks for explicit user approval - meaning that when a user opens the document, the macro is automatically executed.
Researchers are warning that a new class of botnets could be marshaled and used to manipulate energy markets via zombie armies of power-hungry connected devices such as air conditioners, heaters, dryers and digital thermostats. Researchers with the Georgia Institute of Technology laid out the scenario in a Black Hat 2020 virtual session Wednesday.
A stack of Linux backdoor malware used for espionage, compiled dynamically and customizable to specific targets, is being used as a shared resource by five different Chinese-language APT groups, according to researchers. Finally, the sixth item is the Linux XOR DDoS botnet, which is the largest known Linux botnet, first coming to notice in 2015.
Voting machine-maker Election Systems & Software formally announced a vulnerability disclosure policy Wednesday during a Black Hat USA 2020 session. The adoption of safe-harbor language marks a drastic turnaround from how the voting-machine vendor has interacted with the research community in previous years.