Security News

Attackers are compromising email accounts from popular universities, including Purdue and Oxford, to launch attacks that get around DMARC and SPF. Cybercriminals are hijacking legitimate email accounts from more than a dozen universities - including Purdue University, University of Oxford in the U.K. and Stanford University - and using the accounts to bypass detection and trick victims into handing over their email credentials or installing malware. The highest number of phishing emails detected came from compromised Purdue University accounts, stolen in campaigns from Jan. to Sept. Behind Purdue University was Oxford, Hunter College and Worcester Polytechnic Institute.

A critical vulnerability in a SonicWall enterprise VPN firewall can be exploited to crash the device or remotely execute code on it, reverse engineers said this week. In a statement SonicWall said it "Was contacted by a third-party research team regarding issues related to SonicWall next-generation virtual firewall models." The spokesman went on to say that SonicWall's own engineers discovered even more vulns while reproducing Tripwire's findings, going on to develop patches for the whole lot.

Hackers needed roughly 24 hours to take over high-profile Twitter accounts in the July attack, a report from the New York Department of Financial Services reveals. A couple of weeks after the incident, Twitter revealed that hackers targeted some employees with phone phishing until gaining access to the account support tools they needed.

A cybersecurity enthusiast learned recently that Airbnb accounts can be easily hijacked by creating a new account on the home-rental service with a phone number that in the past belonged to another Airbnb customer. A SecurityWeek reader named Maya contacted us recently after her husband was accidentally signed into another user's account when trying to create an Airbnb account.

Which cybersecurity failures cost companies the most and which defenses have the highest ROI?Massachusetts Institute of Technology scientists have created a cryptographic platform that allows companies to securely share data on cyber attacks they suffered and the monetary cost of their cybersecurity failures without worrying about revealing sensitive information to their competitors or damaging their own reputation. Essential features of security automation for the AWS platformA common security problem in AWS is an open S3 storage bucket where data is publicly readable on the Internet.

In June 2020, the Japanese cryptocurrency exchange Coincheck reported that hackers gained access to its domain registrar provider and hijacked its coincheck.com domain name. The two incidents illustrate the growing threat of Domain Name System hijacking.

The latest variant of this trojan extracts email threads from Outlook, which it uses for phishing attacks, says Check Point Research. A new phishing campaign analyzed by threat intelligence provider Check Point reveals how the old Qbot trojan has been repurposed to phish people by capturing their email threads.

Microsoft on Tuesday patched a wormable hole in its Windows Server software that can be exploited remotely to completely commandeer the machine without any authorization. Some 18 of those CVE-listed security flaws are considered critical, meaning remote code execution is possible without user interaction.

Google has released a patch for CVE-2020-0096, a critical escalation of privilege vulnerability in Android that allows attackers to hijack apps on the victim's device and steal data. Dubbed StrandHogg 2.0 because its similar to the StrandHogg vulnerability exploited by hackers in late 2019, it affects all but the latest version of Android.

A critical privilege-escalation vulnerability affecting Android devices has been found that allows attackers to hijack any app on an infected phone - potentially exposing private SMS messages and photos, login credentials, GPS movements, phone conversations and more. The bug is dubbed the "StrandHogg 2.0" vulnerability by the Promon researchers who found it, due to its similarity to the original StrandHogg bug discovered last year.