Security News
Such attacks are possible because Zoom for Windows supports remote UNC paths that convert potentially insecure URIs into hyperlinks when received via chat messages to a recipient in a personal or group chat. Hacking Zoom to Steal Windows Passwords Remotely Confirmed by researcher Matthew Hickey and demonstrated by Mohamed Baset, the first attack scenario involves the SMBRelay technique that exploits the fact that Windows automatically exposes a user's login username and NTLM password hashes to a remote SMB server when attempting to connect and download a file hosted on it.
Google has awarded its inaugural annual top prize for the Google Cloud Platform, for vulnerabilities found in the Google Cloud Shell. The find - a container escape that leads to host root access and the ability to use privileged containers - has earned $100,000 for Dutch researcher Wouter ter Maat.
US-based telecom giant T-Mobile has suffered yet another data breach incident that recently exposed personal and accounts information of both its employees and customers to unknown hackers. What happened? In a breach notification posted on its website, T-Mobile today said its cybersecurity team recently discovered a sophisticated cyberattack against the email accounts of some of its employees that resulted in unauthorized access to the sensitive information contained in it, including details for its customers and other employees.
The percentage of companies admitting to suffering a mobile-related compromise has grown despite a higher percentage of organizations deciding not to sacrifice the security of mobile and IoT devices to meet business targets, Verizon has revealed in its third annual Mobile Security Index report, which is based on a survey of 876 professionals responsible for the buying, managing and security of mobile and IoT devices, as well as input from security and management companies such as Lookout, VMWare and Wandera. The report also shows that attackers hit businesses big and small, and operating in diverse industries, and that those that had sacrificed mobile security in the past year were 2x as likely to suffer a compromise.
Unisys announced that the company is offering $10,000 to participants who can capture data and credentials protected by the Unisys Stealth cybersecurity solution at RSA Conference 2020 in San Francisco. The "Unisys Stealth Capture the Flag" contest will take place on February 26 at the Moscone Center in San Francisco.
Over 20,000 web servers have been compromised via trojanized WordPress themes to deliver malware through malicious ads, Prevailion researchers have discovered. They are taking advantage of the widespread use of the WordPress content management system, an increased demand for premium themes and victims' lack of security awareness to get them to unknowingly compromise their own web servers.
Researchers have demonstrated an ability to compromise an IoT smart bulb, and then use malware from the internet-connected bulb to infiltrate the rest of a network - regardless of whether that is a home or office. In 2016, earlier researchers were able to compromise Philips Hue lightbulbs with malicious firmware, and then propagate to other adjacent lightbulbs.
Citrix has released a new set of patches for the recently disclosed CVE-2019-19781 vulnerability and partnered with FireEye for a tool that tells users if their systems have been compromised via the security flaw. The vulnerability, disclosed in December 2019, impacts Citrix Application Delivery Controller and Gateway, and two older versions of SD-WAN WANOP. Following the public release of PoC exploits earlier this month, attackers started targeting vulnerable deployments - there are tens of thousands of vulnerable systems out there.
Citrix Systems and FireEye announced the launch of a new tool for detection of compromise in connection with the previously announced CVE-2019-19781 vulnerability, which affects certain versions of Citrix Application Delivery Controller, Citrix Gateway, and two older versions of Citrix SD-WAN WANOP. This tool is freely accessible in both the Citrix and FireEye GitHub repositories. The free tool is designed to allow customers to run it locally against their Citrix instances and receive a rapid assessment of potential indications of compromise in their systems based on known attacks and exploits.
Portland, Oregon-based children's clothing maker Hanna Andersson has quietly disclosed a breach to affected customers. According to the breach notification letter, the "Incident potentially involved information submitted during the final purchase process on our website, www.hannaandersson.com, including name, shipping address, billing address, payment card number, CVV code, and expiration date." These details are often known on the dark web as 'fullz'; that is, the data contains all the information necessary for a criminal to make fraudulent purchases via the internet.