Security News

Hackers Actively Exploit 0-Day in CCTV Camera Hardware
2020-03-23 20:35

Multiple zero-day vulnerabilities were actively being exploited in CCTV security cameras manufactured by Taiwan-based LILIN, researchers found. The company, an IP video solution provider, was being targeted by hackers hijacking the company's DVR hardware.

Bored during lockdown? Why not try out these data-spilling KrØØk Wi-Fi bug exploits against your nearby devices
2020-03-20 21:47

This design blunder can be abused by nearby miscreants to snatch snapshots of private data, such as web requests, messages, and passwords, over the air from devices as they are transmitted, if said data is not securely encrypted using an encapsulating protocol, such as HTTPS, DNS-over-HTTPS, a VPN, and SSH. Crucially, to pull this off, a hacker does not need to be on the same Wi-Fi network as the victim: just within radio range of a vulnerable phone, gateway, laptop, or whatever is being probed. "Among the devices vulnerable to this attack are the ones from Samsung, Apple, Xiaomi and other popular brands," Hexway told The Register.

Cyber crooks continue to exploit COVID-19 for their malicious schemes
2020-03-20 14:04

We've already covered a variety of COVID-19-themed scams, phishing attempts, hoaxes and malware delivery campaigns, but new and inventive approaches are popping up daily. "BEC attacks are often delivered in stages. The first email sent is typically innocuous, meaning that they do not contain the attacker's end goal. The attackers craft plausible scenarios in hopes the recipient will reply. Once they're on the hook, the attacker will send their true ask," the researchers explained.

WordPress, Apache Struts Attract the Most Bug Exploits
2020-03-18 21:22

WordPress and Apache Struts vulnerabilities were the most-targeted by cybercriminals in web and application frameworks in 2019 - while input-validation bugs edged out cross-site scripting as the most-weaponized weakness type. The firm found that WordPress and Apache Struts alone accounted for a combined 57 percent of exploited framework bugs during the year.

TrickBot Now Exploits Infected PCs to Launch RDP Brute Force Attacks
2020-03-18 01:39

A new module for the TrickBot banking Trojan has recently been discovered in the wild that lets attackers leverage compromised systems to launch brute-force attacks against selected Windows systems running a Remote Desktop Protocol connection exposed to the Internet. "From add-ons for stealing OpenSSH and OpenVPN sensitive data, to modules that perform SIM-swapping attacks to take control of a user's telephone number, and even disabling Windows built-in security mechanisms before downloading its main modules, TrickBot is a jack-of-all-trades."

CovidLock ransomware exploits coronavirus with malicious Android app
2020-03-17 13:29

The app promises access to a coronavirus map tracker but instead holds your contacts and other data for ransom, DomainTools found. A new type of ransomware known as CovidLock encrypts key data on an Android device and denies access to the victims unless they pay up, according to the threat intelligence firm DomainTools.

February sees huge jump in exploits designed to spread Mirai botnet
2020-03-11 20:33

The Mirai botnet is known for targeting Internet of Things devices and conducting massive DDoS attacks, as described by cyberthreat researcher Check Point Research. A look at the top cyber threats for February by Check Point Research highlights the latest developments in popular malware strains and vulnerabilities.

Months-long trial of alleged CIA Vault 7 exploit leaker ends with hung jury: Ex-sysadmin guilty of contempt, lying to FBI
2020-03-09 18:01

The extraordinary trial of a former CIA sysadmin accused of leaking top-secret hacking tools to WikiLeaks has ended in a mistrial. Some of those motions will ask for information from the prosecution that was kept from her during the trial, most controversially the case of "Michael," a co-worker of Schulte who was put on administrative leave by the CIA when evidence emerged linking him to the theft of the Vault 7 hacking tools.

Mind the gap: Google patches holes in Chrome – exploit already out there for one of them after duo spot code fix
2020-02-25 21:22

Google has updated Chrome for Linux, Mac, and Windows to address three security vulnerabilities - and exploit code for one of them is already public, so get patching. Interestingly enough, at the time, this public source-code tweak was spotted and studied by Exodus Intelligence researchers István Kurucsai and Vignesh Rao, who hoped to see whether it's still practical to identify security bug fixes among code changes in the Chromium source tree and develop an exploit before the patch sees an official release, a practice known as patch-gapping.