Security News

A new, simple but dangerous strain of Android malware has been found in the wild that steals users' authentication cookies from web browsing and other apps, including Chrome and Facebook, installed on the compromised devices. "Malware could steal cookie files of any website from other apps in the same way and achieve similar results."

A researcher has earned $55,000 from Facebook for reporting a serious vulnerability that could have been exploited by hackers to steal access tokens and hijack accounts. India-based researcher Amol Baikar discovered in December that the "Login with Facebook" feature, which allows users to log in to other websites with their Facebook account, was affected by a vulnerability.

In its 2020 Global Threat Report, CrowdStrike found that bad actors are disabling endpoint protection and compromising WordPress sites to steal data and credentials. CrowdStrike's report includes a threat landscape overview, ransomware threat assessment, e-crime trends and activity, and an update on intrusions from Iran, North Korea, China, Russia and other countries.

A vulnerability in the Realtek HD Audio Driver package could be abused to execute arbitrary payloads with elevated privileges on a vulnerable machine, SafeBreach Labs has discovered. Tracked as CVE-2019-19705, the vulnerability could be leveraged to evade defenses and achieve persistence by loading an arbitrary, unsigned DLL into a signed process.

Honeywell's Maxpro VMS and NVR, network video recorders and video management systems deployed in commercial, manufacturing and energy facilities around the world, sport critical vulnerabilities that may allow attackers to take control of them. Patches available for the Honeywell Maxpro vulnerabilities.

SIM hijacking - or SIM swapping - is an attack where a fraudster contacts your cell phone provider and convinces them to switch your account to a phone that they control. Sometimes this involves people inside the phone companies.

There are ways to protect your company and employees from this type of attack, according to a new report from Barracuda Networks. Through domain impersonation or spoofing, attackers send emails to employees with phony domain names that appear legitimate or create websites with altered names.

A vulnerability in Broadcom's cable modem firmware can open unknown millions of broadband modems by various manufacturers to attackers, a group of Danish researchers has warned. CVE-2019-19494, also dubbed Cable Haunt, is present in the spectrum analyzer, a standard component of Broadcom chips that identifies potential problems with the connection through the modem's coaxial cable.

A vulnerability in Broadcom's cable modem firmware has left as many as 200 million home broadband gateways in Europe, and potentially more worldwide, at risk of remote hijackings. The end result, the team says, is that crooks can remotely take over vulnerable Broadcom-based cable modems without netizens or ISPs realizing; the victim simply has to surf to a dodgy website, or similar.

Your quick summary of infosec news beyond everything else we've reported. Here's your Register security roundup of infosec news about stuff that's unfit for production but fit for print.…