Security News

New malformed URL phishing technique can make attacks harder to spot
2021-02-19 18:46

Email security company GreatHorn is warning of a new form of phishing attack that makes malicious messages more likely to get through filters and harder for the average person to detect by sight. Email scanning programs, GreatHorn said in a blog post, aren't configured to detect these kinds of attacks because they don't fit known bad criteria.

Brave privacy bug exposes Tor onion URLs to your DNS provider
2021-02-19 16:37

Brave Browser is fixing a privacy issue that leaks the Tor onion URL addresses you visit to your locally configured DNS server, exposing the dark web websites you visit. To access Tor onion URLs, Brave added a 'Private Window with Tor' mode that acts as a proxy to the Tor network.

New phishing attack uses Morse code to hide malicious URLs
2021-02-07 15:40

A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment. Samuel Morse and Alfred Vail invented morse code as a way of transmitting messages across telegraph wire.

Knock, knock. Who's there? NAT. Nat who? A NAT URL-borne killer
2021-01-27 20:26

Ben Seri and Gregory Vishnepolsky, threat researchers at Armis, have found a way to expand upon the NAT Slipstream attack disclosed last year by Samy Kamkar, CSO of Openpath Security. The original NAT Slipstream potentially allowed a miscreant to access any TCP/UDP service tied to a victim's machine by bypassing the victim's NAT and firewall defenses.

Google Chrome to block JavaScript redirects on web page URL clicks
2020-11-09 14:37

Google Chrome is getting a new feature that increases security when clicking on web page links that open URLs in a new window or tab. This attribute has a known security issue that allows the newly opened page to utilize javascript to redirect the original page to a different URL. This redirected URL can be anything the threat actor wants, including phishing pages or pages that automatically download malicious files.

Microsoft shares list of URLs required by Microsoft Defender ATP
2020-10-28 13:59

Microsoft has released a spreadsheet containing the full list of URLs that Microsoft Defender ATP must reach to function correctly. When Microsoft Defender ATP is installed on endpoints, its sensor will detect malicious threats and behaviors and send them via HTTP to the Microsoft Defender ATP cloud service.

Spammers Smuggle LokiBot Via URL Obfuscation Tactic
2020-10-01 16:16

Spammers have started using a tricky URL obfuscation technique that sidesteps detection - and ultimately infects victims with the LokiBot trojan. When the PowerPoint file is opened, the document attempts to access a URL via a Windows binary, and this leads to various malware being installed onto the system.

Southern Water customers could view others' personal data by tweaking URL parameters
2020-08-28 11:40

Southern Water - British supplier of the liquid of life - botched its internal Sharepoint implementation so badly that a customer was able to view other people's account details. Reg reader Chris H discovered that the way Southern Water had set up Sharepoint to host customer information as a "Your account" style section of their website exposed URLs that could be tweaked to view other people's account information.

Google to Run Experiment in Fight Against URL Spoofing in Chrome
2020-08-13 18:43

Google announced on Wednesday that it's preparing to run an experiment in Chrome 86 as part of its fight against URL spoofing. Research conducted recently by Google and the University of Illinois at Urbana-Champaign showed that 60 percent of users were tricked when a URL path contained a misleading brand name.

Zoom's Vanity URLs Could Have Been Abused for Phishing Attacks
2020-07-17 08:25

An issue related to the Zoom feature that allows for the customization of meeting URLs could have been exploited for phishing attacks, Check Point reveals. The recently identified security issue, Check Point says, is related to the Zoom Vanity URL, a custom URL that organizations are required to use when looking to enable single sign-on.