Category: Alerts and warnings

From avanan.com

We recently uncovered what may be the largest security flaw in Office 365 since the service was created. Unlike similar attacks that could be learned and blocked, using this vulnerability hackers can completely bypass all of Microsoft’s security, including its advanced services – ATP, Safelinks, etc.

The name baseStriker refers to the method hackers use to take advantage of this vulnerability: splitting and disguising a malicious link using a tag called the <base> URL tag.

So far we have only seen hackers using this vulnerability to send phishing attacks, but but it is also capable of distributing ransomware, malware and other malicious content

More information here.

Twitter recently discovered that due to a flaw the users’ passwords were stored in a log file unencrypted. All  twitter users are urged to change their passwords. More information can be found on twitter’s blog.

from www.scmagazineuk.com

If the visitor clicks anywhere on the page, then according to Cable, “LinkedIn interprets this as the AutoFill button being pressed, and sends the information via postMessage to the malicious site”. A vulnerability in LinkedIn’s Autofill feature allowed malicious actors to harvest personal information of LinkedIn users by inserting autofill iframes over websites that were whitelisted by LinkedIn, a security researcher has revealed.According to researcher Jack Cable who described the exploit in a detailed blog post, once a malicious actor lures a victim to visit a malicious website which is controlled by the former, the visitor is then greeted by a “LinkedIn AutoFill button iframe” which is styled so it takes up the entire page and is invisible to the user.

More information here

From macrumors.com

There appears to be a serious bug in macOS High Sierra that enables the root superuser on a Mac with a blank password and no security check.
The bug, discovered by developer Lemi Ergin, lets anyone log into an admin account using the username “root” with no password. This works when attempting to access an administrator’s account on an unlocked Mac, and it also provides access at the login screen of a locked Mac.

Full article here.

From inforisktoday.com

Want to stop the latest cybercrime bogeyman? Then for the umpteenth time, put in place well-known and proven strategies for repelling online attacks.

That’s one takeaway from a recent threat report issued by Britain’s National Cyber Security Center. Based on open source reporting, the alert calls out a trio of attack campaigns: phishing emails that pretend to be speeding tickets but which instead deliver malware; attackers using stolen or fraudulently obtained digital certificates to “sign” malware; and the cybercrime-extortion group known as the “The Dark Overlord,” which continues to hack into organizations’ websites, hold data for ransom and cause chaos.

Full article here.

From thehackernews.com

Cybercriminals are known to take advantage of everything that’s popular among people in order to spread malware, and Google’s official Play Store has always proved no less than an excellent place for hackers to get their job done.

Yesterday some users spotted a fake version of the most popular WhatsApp messaging app for Android on the official Google Play Store that has already tricked more than one million users into downloading it.
Dubbed Update WhatsApp Messenger, came from an app developer who pretended to be the actual WhatsApp service with the developer title “WhatsApp Inc.”—the same title the actual WhatsApp messenger uses on Google Play.

Full article here.