Microsoft Patches Four Publicly-Known Vulnerabilities
Microsoft patched four Windows operating system bugs – all of which are already publicly known or have proof of concept exploits – as part of its June Patch Tuesday security bulletin. Each of the vulnerabilities is rated important and there are no reports of public exploitation for the flaws. Th...
Google Calendar Attacks Target Unwitting Mobile Users
UPDATE A sophisticated cyberattack is targeting Gmail users through fraudulent, unsolicited Google Calendar notifications. The campaign takes advantage of a common default feature for people using Gmail on their smartphone: Calendar invites automatically pop up on phones, prompting users to accep...
Near-Ubiquitous Microsoft RCE Bugs Affect All Versions of Windows
UPDATE Two Microsoft vulnerabilities, CVE-2019-1040 and CVE-2019-1019, would allow attackers to remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA), such as Exchange or ADFS. According to researchers at Preemp...
Linux Command-Line Editors Vulnerable to High-Severity Bug
A high-severity bug impacting two popular command-line text editing applications, Vim and Neovim, allows remote attackers to execute arbitrary OS commands. Security researcher Armin Razmjou warned that exploiting the bug is as easy as tricking a target into clicking on a specially crafted text fil...
Critical Adobe Flash, ColdFusion Vulnerabilities Patched
Adobe has issued fixes for critical flaws in Adobe Flash and ColdFusion that could lead to arbitrary code execution if exploited. Overall, Adobe patched 11 vulnerabilities across Adobe Flash, Adobe ColdFusion and Adobe Campaign – including five critical flaws – during its regularly-scheduled...
Troy Hunt Looks to Sell Have I Been Pwned
Citing overwhelming demands on his time, Troy Hunt is looking for a buyer for his site, Have I Been Pwned (HIBP). HIBP offers a free service for consumers wanting to know if their user names and passwords have been compromised in a data breach; it also offers commercial services that include alerts...
Data Breach Exposes 100K U.S. Traveler Photos, License Plates
UPDATE The U.S. Customs and Border Protection said that a recent data breach exposed photos of the faces and license plates for more than 100,000 travelers driving in and out of the country. The department said Monday that the breach stemmed from an attack on a federal subcontractor. Customs and...
Mozilla Confirms Premium Firefox Browser With Security Features
Mozilla Corporation is launching a premium version of the Firefox browser that will tout improved security features such as virtual private network and secure cloud storage, according to CEO Chris Beard. In a Friday interview with German media publication T3N, Beard said that the premium service,...
WordPress Sites Worldwide Hit with 'Call-Girl' Search-Engine Pollution
A web spam campaign that targets Koreans is creating problems for site administrators all around the world. Hackers are compromising vulnerable Korean-language WordPress websites, but are also polluting search engine results for non-hacked sites globally. Researchers at Sucuri initially uncovered...
How to Model Risk in an Apex Predator Cyber-World
The threat-intelligence researchers at Alphabet’s Chronicle have borrowed the apex predator concept from ecology to describe today’s multi-organizational, multinational threat actors — the evolution of which could provoke an overhaul of risk analysis and management. However, it’s important to kee...
Microsoft Warns of Email Attacks Executing Code Using an Old Bug
Microsoft is warning of a fresh email campaign that distributes malicious RTF files boobytrapped with an exploit dating back to a 2017 vulnerability, CVE-2017-11882. The exploit allows attackers to automatically run malicious code without requiring user interaction. “The CVE-2017-11882...
VLC Player Gets Patched for Two High-Severity Bugs
Maintainers of the popular open-source VLC media player patched two high-severity bugs Friday. The flaws were an out-of-bound write vulnerability and a stack-buffer-overflow bug. Developers behind the software, VideoLAN, said the patches were two of 33 fixes being pushed out to the media player a...
Critical Flaws in Amcrest HDSeries Camera Allow Complete Takeover
Two critical severity bugs have been publicly disclosed that impact Amcrest HDSeries model IPM-721S cameras. Both vulnerabilities open the consumer-grade $50 Wi-Fi cameras to complete takeover by remote, unauthenticated attackers. Mandar Satam, senior security researcher at Synopsys, found the si...
Forget BlueKeep: Beware the GoldBrute
While everyone’s talking about the BlueKeep Mega-Worm, this is not the main monster to fear, according to recent web attack activity. Rather, a researcher is warning that the GoldBrute botnet poses the greatest threat to Windows systems right now. In the past few days, GoldBrute named after the...
SandboxEscaper Debuts ByeBear Windows Patch Bypass
Guerrilla developer SandboxEscaper has disclosed a second bypass exploit for a patch that fixes a Windows local privilege-escalation (LPE) flaw — again without notifying Microsoft. The exploit, dubbed “ByeBear,” enables attackers to get past the patch to attack a permissions-overwrite,...
News Wrap: Infosecurity Europe Highlights and BlueKeep Anxiety
This week, the focus was on Infosecurity Europe, which took place in London and showcased a myriad of sessions, threat research and trends in the cybersecurity space. During the Threatpost news wrap for the week ended June 7, the team breaks down the top news from the show, as well as other...
Targeted Espionage-as-a-Service Takes Hold on the Dark Web
The cybercrime underground has become a service-driven, on-demand economy, including making available targeted corporate espionage services. According to an analysis, about 40 percent of Dark Web merchants offer spearphishing-as-a-service and targeted hacking services, aimed at infiltrating Fortu...
Troy Hunt: 'Messy' Password Problem Isn't Getting Better
LONDON, UK – The security world is facing a major issue that has led to widespread breaches, data exposure, and more – and it all stems from millions of insecure passwords used for everything from enterprise PCs to internet of things (IoT) devices. Poor password hygiene – including reusing password...
AMCA Healthcare Hack Widens Again, Reaching 20.1M Victims
The hack of the American Medical Collection Agency (AMCA), a third-party bill collection vendor, continues to expand, now impacting 20.1 million patients across three laboratory services providers. In the wake of revelations that the personal data of 12 million patients from Quest Diagnostics had...
High-Severity Bug in Cisco Industrial Enterprise Tool Allows RCE
A high-severity bug has been found that allows remote attackers to hijack Cisco’s enterprise-class Industrial Network Director. The vulnerability was made public Wednesday along with a patch; there are no workarounds for the bug and a software patch is required, Cisco said. Cisco’s Industrial...
Streaming Video Fans Open to TV Hijacking
A suite of critical remote code-execution vulnerabilities in a streaming TV platform could expose entire databases of subscribers’ personal info and financial details – and could open the door to attackers hijacking the service, streaming any content they wish to customer screens. According to...
Help Keep Data and Systems Safe with Access Rights Manager (ARM)
Built to provision, deprovision, audit, and manage user access rights to data, files, and other systems, SolarWinds® Access Rights Manager (ARM) is designed to help security admins and IT pros protect their companies from potential risks like data loss and breaches. Visualize who has access to what...
IoT Security Regulation is on the Horizon
LONDON, UK – Internet of things (IoT) device security continues to worry the tech industry – however, experts believe that the right type of global regulation could be key for ensuring security standards. The question is when those regulatory efforts will be fleshed out. Ken Munro, with Pen Test...
Buggy Phishing Kits Allow Criminals to Cannibalize Their Own
They say it’s a dog-eat-dog world out there, but in cybercrime terms, perhaps it should be called a “phish-eat-phish” situation. Researchers recently discovered that several widely used phishing kits harbor vulnerabilities that can be exploited by other criminals to hijack operations – and...
440 Million Android Users Plagued By Extremely Obnoxious Pop-Ups
Over 440 million Android phones have been exposed to an obnoxious advertising plugin hidden within hundreds of popular applications available via Google Play, which ultimately can render phones almost unusable. Lookout Research discovered the plugin being bundled with 238 unique applications that...
Mozilla and Google Browsers Get Security, Anti-Tracking Boosts
Browsers Firefox and Chrome received updates this week, both adding security and privacy tools that help with password management and help block sites that track users. Mozilla’s Firefox browser introduced an “Enhanced Tracking Protection” feature that blocks over 1,000 third-party companies that...
BlueKeep 'Mega-Worm' Looms as Fresh PoC Shows Full System Takeover
A researcher has created a proof-of-concept Metasploit module for the critical BlueKeep vulnerability, which successfully demonstrates how to achieve complete takeover of a target Windows machine. Reverse engineer Zǝɹosum0x0 tweeted about his success on Tuesday, noting that he plans to keep the...
Why Election Trust is Dwindling in a Post-Cambridge Analytica World
LONDON, UK – The 2018 Facebook-Cambridge Analytica incident opened the world’s eyes to how much private user data was being collected, shared and sold. But experts worry that future ramifications of this scandal go way beyond Facebook and have created distrust in the election process as a whole...
Infosecurity Europe: Easing the Clash Between IT and Industrial Worlds
LONDON, UK – Information technology and operational technology are like two sides of the same coin. Their objectives are the same, but too often they don’t see eye-to-eye when it comes to priorities, according to cybersecurity experts. Information technology (IT) teams are tasked with securing and...
Podcast: Behind-the-Scenes Look at Scattered Canary BEC Cybergang
LONDON, U.K. – At Infosecurity Europe, Threatpost caught up with Agari researchers to discuss their threat research unveiled at the show about a newly-unveiled business email compromise (BEC) cybergang. The cybercriminal group, which researchers called Scattered Canary, has been evolving for over 1...
Newly-Identified BEC Cybergang Targets U.S. Enterprise Victims
LONDON, U.K. – Researchers have identified a highly-sophisticated Nigerian business email compromise gang targeting U.S. enterprises and government institutions. The cybercrime group, dubbed Scattered Canary, has evolved over the past 10 years from a one-man shop working Craigslist scams into a...
Is 'Sign in with Apple' Marketing Spin or Privacy Magic? Experts Weigh In
Apple’s “Sign in with Apple” feature promises to protect user privacy – and while many are looking at that claim as more of a marketing move than anything else, authentication experts say it has the potential to have an enormous impact on the data privacy ecosystem. The giant from Cupertino took...
Zero-Day No More: Windows Bug Gets a Fix
The local privilege-escalation (LPE) zero-day bug in Microsoft Task Scheduler, disclosed by SandboxEscaper on Twitter in late May by way of making public a fully functioning exploit, now has a micropatch. The interim fix, from 0patch, was issued Tuesday to address the vulnerability. The bug would...
Zebrocy: A Russian APT Specializing in Victim Profiling, Access
Zebrocy, the Russian-speaking threat group that shares similarities and overlaps with both the Sofacy and BlackEnergy APTs, is once again roaming the wide plain of government, foreign-affairs and military targets. Researchers have spotted the group using a new first-stage malware dropper in recen...
AI Isn't Good Enough When Lives Are on the Line, Experts Warn
LONDON, UK – With the infosec community eyeing artificial intelligence as the next big frontier for cyber defense, experts here at Infosecurity Europe on Tuesday warned that several challenges in how AI processes and interprets data need to first be fleshed out before widespread adoption. AI, in...
A New Approach for Combating Insider Threats
LONDON, UK – As insider attacks continue to plague the enterprise, the security community is doubling down on finding new solutions to mitigate against the age-old problem. An insider threat can encompass anything from a gullible employee falling for a spearphishing email, to unaware new hires...
Infosecurity Europe: Cryptojacking is Making a Comeback
LONDON, UK – With cryptocurrency prices skyrocketing, the threat of cryptomining malware, used to mine various types of cryptocurrencies, is continuing to worry the security industry. Case in point: Recently researchers uncovered the Nansh0u campaign, a cryptojacking campaign that mines an...
Tap 'n Ghost Attack Creatively Targets Android Devices
Researchers have created a novel proof-of-concept (PoC) attack named Tap ‘n Ghost, which targets Near Field Communication (NFC)-enabled Android smartphones. This allows an attacker to take control of a target phone simply by tricking the victim into placing their handset on a specially crafted surfac...
WWDC 2019: Apple Takes Aim at Facebook on Privacy
Apple took a swipe at Facebook at its Worldwide Developers’ Conference (WWDC) on Monday, unveiling fresh privacy features for the upcoming version of its iOS operating system for iPhone and iPad (iOS 13). Most notably, it took the wraps off of an authentication mechanism that will allow users to sign...
Smart-TV Bug Allows Rogue Broadcasts
An unpatched vulnerability in smart TVs would allow attackers on the same Wi-Fi network to hijack the TV set to broadcast their own content – including, potentially, fake emergency broadcast messages. Discovered by security researcher Dhiraj Mishra, the flaw (CVE-2019-12477) is found in the SUPRA...
GandCrab Ransomware Shutters Its Operations
The GandCrab ransomware group is shutting down, according to posts on the Dark Web. Researchers David Montenegro and Damian spotted the announcements over the weekend. Start of GandCrab Ransomware : 28-1-2018 .. 🦀🦀🦀 Close of GandCrab Ransomware : 1-6-2019 .. ☠️☠️☠️@RajSamani @ValthekOn @JohnFokker...
MacOS Zero Day Allows Trusted Apps to Run Malicious Code
A researcher has revealed a zero-day flaw in Apple’s Mojave operating system tied to the way the OS verifies apps. The bug allows attackers to sneak past macOS security measures and run whitelisted apps that have been manipulated to run malicious code. macOS researcher Patrick Wardle revealed the...
5G Security Challenges: A Vendor's POV
How are vendors preparing themselves for the onslaught of 5G networks from a security standpoint? When it comes to 5G there are a slew of use cases being utilized at the bleeding edge – from smart factories to IoT – but these are also opening up security risks. At the GSMA Mobile 360 Security for...
Gen Z Interns and Social Media: A Perfect Security Storm
Researchers are warning of a new security Achilles’ heel for enterprises, and it may not be what they expect. That threat is interns. According to researchers, interns are unwittingly posting confidential and valuable company insights via social media that pose a security risk to the companies th...
Researcher Exploits Microsoft's Notepad to 'Pop a Shell'
A memory corruption bug in Microsoft’s Windows Notepad application can be used to open remote shell access – typically a first step for attackers infiltrating a system. The bug was found by Tavis Ormandy, a bug hunter with Google’s Project Zero team. In a tweet he indicated that the bug was...
5G Networks Spark Concerns For Enterprise Risks
THE HAGUE, Netherlands – The rise of 5G networks – and subsequent security risks – was the centerpiece issue discussed during the GSMA’s Mobile360 conference on 5G security this past week. While researchers warn that 5G security issues could literally be a matter of life or death for certain...
Nvidia Fixes High-Severity Flaws in GeForce Experience for Gamers
Nvidia, which makes gaming-friendly graphics processing units (GPUs), has patched two high-severity flaws in its GeForce Experience software, which could allow denial of service, information disclosure and privilege escalation on impacted systems. GeForce Experience is software for gamers utilizing...
New Linux Malware ‘HiddenWasp’ Borrows from Mirai, Azazel
A new strain of malware targeting Linux systems has been identified by researchers. The malware, dubbed HiddenWasp, is believed to be used as part of a second-stage attack against already-compromised systems and is composed of a rootkit, trojan and deployment script. “The ratio of Linux threats h...
AI, the Mandatory Element of 5G Mobile Security
THE HAGUE, Netherlands – Artificial intelligence will be a requirement for securing carrier 5G networks – which is shaping up to be a technology juggernaut that presents unique challenges unlike any ever seen in the world of telecom until now. That was the assessment at the GSMA Mobile 360 Securi...
POS Malware Found at 102 Checkers Restaurant Locations
The popular Checkers and Rally’s drive-through restaurant chain was attacked by Point of Sale (POS) malware impacting 15 percent of its stores across the U.S. Checkers is one of the largest drive-through restaurants in the U.S., operating in 28 states and headquartered in Tampa, Florida. The securi...