Opportunistic hackers are increasingly seeking to dupe
victims using websites or applications purporting to provide information
or services pertaining to coronavirus.
Cybersecurity threat researchers, DomainTools, have identified that the website coronavirusapp.site facilitates the installation of a new ransomware called “CovidLock.”
The website prompts its visitors to install an Android application that purportedly tracks updates regarding the spread of COVID-19, claiming to notify users when an individual infected with coronavirus is in their vicinity using heatmap visuals.
For the past couple of days BU has been targeted through spear phishing emails. Users should be alert on any emails coming from student accounts with a subject related to academic activities (projects, guest lecturers, etc.)
Following this statement from tvlicensing.co.uk, customers who used their services to pay for their tv licensing fees between 29 August until around 3.20pm on 5 September 2018 may have their details compromised. The company reports that this was due to a technical update and during that period the transactions were not as secure as intended.
Researchers at Check Point Software Technologies say they have discovered a dangerous weakness in the WhatsApp messaging app that gives threat actors a way to manipulate content in private and group conversations on the platform without raising any red flags.
The security vendor this week published a report demonstrating how an adversary could exploit the issue to change the identity of a message sender, alter the text of message replies, and send private messages spoofed as a public message to individual participants in a group.
More information here
Researchers found critical vulnerabilities in PGP and S/MIME Tools, immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email.
If you are one of the users of the email encryption tools Pretty Good Privacy and S/MIME there is an important warning for you.
A group of European security expert has discovered a set of critical vulnerabilities in PGP and S/Mime encryption tools that could reveal your encrypted emails in plain text, also the ones you sent in the past.
More information here
We recently uncovered what may be the largest security flaw in Office 365 since the service was created. Unlike similar attacks that could be learned and blocked, using this vulnerability hackers can completely bypass all of Microsoft’s security, including its advanced services – ATP, Safelinks, etc.
The name baseStriker refers to the method hackers use to take advantage of this vulnerability: splitting and disguising a malicious link using a tag called the <base> URL tag.
So far we have only seen hackers using this vulnerability to send phishing attacks, but but it is also capable of distributing ransomware, malware and other malicious content
More information here.
Twitter recently discovered that due to a flaw the users’ passwords were stored in a log file unencrypted. All twitter users are urged to change their passwords. More information can be found on twitter’s blog.