Security News

Phishing Campaign Targeting Office 365, Exploits Brand Names
2020-06-18 12:55

Researchers have discovered a sophisticated new phishing campaign that uses recognized brand names to bypass security filters as well as to trick victims into giving up Microsoft Office 365 credentials to gain access to corporate networks. A new report from Check Point Software first observed the attacks (the majority of which targeted European companies, with others seen in Asia and the Middle East) in April, when they discovered emails sent to victims titled "Office 365 Voice Mail."

AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit
2020-06-17 22:12

In a report released Wednesday, Palo Alto Networks' Unit 42 sheds new light onto attacks against the popular open-source virtualization software VirtualBox that used the AcidBox malware. The Turla Group malware, researchers said, also targeted a second DSE vulnerability tied to a signed VirtualBox driver using what would later be identified as AcidBox malware.

Intel announces “exploit busting” features in its next processor chips
2020-06-16 16:57

As far as we can see, the first wave of Intel processors that will include these new protections are the not-quite-out-yet CPUs known by the nickname "Tiger Lake", so if you're a programmer you can't actually start tinkering with the CET features just yet. Errors in using memory are one of the leading causes of software bugs that lead to security holes, known in the trade as vulnerabilities.

RIP ROP, COP, JOP? Intel to bring anti-exploit tech to market in this year's Tiger Lake chip family
2020-06-15 13:00

Known as Control Flow Enforcement Technology, or CET, the protections are designed to prevent miscreants from exploiting certain programming bugs to execute malicious code that infects systems with malware, steals data, spies on victims, and so on. There are various mitigations in place on modern systems, such as Data Execution Prevention, that stop hackers from injecting and executing malicious code into a program when a victim opens a specially crafted document or connects to a remote service.

Week in review: SMBGhost exploit, OneDrive security, PCI compliance misconceptions
2020-06-14 13:45

Organizations are creating the perfect storm by not implementing security basics: European organizations have a false sense of security when it comes to protecting themselves, with only 68% seeing themselves as vulnerable, down from 86% in 2018, according to Thales. Average cost of DNS attacks hovering around $924,000: 79% of organizations experienced DNS attacks, with the average cost of each attack hovering around $924,000, according to EfficientIP. PoC RCE exploit for SMBGhost Windows flaw released: A security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions.

Facebook pays for exploit to catch a predator, voting software security under the microscope...
2020-06-14 10:06

The eggheads at MIT produced a report [PDF] detailing their probing of OmniBallot, a web-based ballot-issuing and voting system made by Democracy Live for US state elections - and warned the software doesn't do enough to ensure the integrity of its technology. The report does note that OmniBallot has been used primarily for voters with disabilities, or voters who cannot vote in person such as those stationed overseas in the military.

Facebook Helped Develop a Tails Exploit
2020-06-12 11:23

According to Vice, the FBI had tried to hack into Hernandez's computer but failed, as the approach they used "was not tailored for Tails." Hernandez then proceeded to mock the FBI in subsequent messages, two Facebook employees told Vice. Facebook had tasked a dedicated employee with unmasking Hernandez, developed an automated system to flag recently created accounts that messaged minors, and made catching Hernandez a priority for its security teams, according to Vice.

SMBGhost RCE Exploit Threatens Corporate Networks
2020-06-08 15:54

The release of a fully functional proof-of-concept exploit for a critical, wormable remote code-execution vulnerability in Windows could spark a wave of cyberattacks, the feds have warned. Microsoft patched the bug tracked as CVE-2020-0796 back in March; also known as SMBGhost or CoronaBlue, it affects Windows 10 and Windows Server 2019.

PoC RCE exploit for SMBGhost Windows flaw released
2020-06-08 10:05

A security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions. The PoC exploit is unreliable, but could be used by malicious attackers as a starting point for creating a more effective exploit.

Increased Focus on iOS Hacking Leads to Drop in Exploit Prices
2020-05-19 08:38

The price of some iOS exploits has dropped recently and at least one exploit acquisition company is no longer buying certain types of vulnerabilities. It also announced that prices for iOS exploit chains that require some user interaction and don't provide persistence will likely drop in the near future.