‘Zoom account suspended’ phishing scam aims at Office 365 credentials

From hackread.com

The phishing scam targets victims by claiming that their Zoom account has been suspended.

Microsoft has drawn 44 million daily active users due to the global pandemic. Moreover, in the last month, daily users have jumped a whopping 70 percent and have gone up to 75 million active users. Zoom, meanwhile, in its push to ensure transparency, claims ‘300 million daily Zoom meeting participants worldwide’.

The pandemic has shifted organizational dynamics to digital platforms. Social distancing has led to an uber need to integrate tools with office teams using cloud applications.

Read more…

Flaws in SETracker watch app posed danger to dementia patients

From scmagazine.com

Security researchers found flaws in a smart tracker that was aimed at the elderly, especially those with dementia or other cognitive issues. In research released late this week, Pen Test Partners found flaws in source code that the manufacturer posted publicly. Most of the watches use SETracker as a backend, an app owned by the Chinese company 3G Electronics based in Shenzhen City.

Read more…

The Week in Ransomware – July 10th 2020 – A quiet week

From bleepingcomputer.com

It has been a pretty quiet week with few alleged attacks against corporate victims and mostly new variants of existing ransomware released.

The most interesting news is the Conti ransomware that appears to share the same code as Ryuk and could possibly be its successor. Ryuk has significantly decreased in activity over the past couple of months, while Conti has seen an increase.

Read more…

More evil: A deep look at Evilnum and its toolset

From welivesecurity.com

ESET has analyzed the operations of Evilnum, the APT group behind the Evilnum malware previously seen in attacks against financial technology companies. While said malware has been seen in the wild since at least 2018 and documented previously, little has been published about the group behind it and how it operates.

In this article we connect the dots and disclose a detailed picture of Evilnum’s activities. The group’s targets remain fintech companies, but its toolset and infrastructure have evolved and now consist of a mix of custom, homemade malware combined with tools purchased from Golden Chickens, a Malware-as-a-Service (MaaS) provider whose infamous customers include FIN6 and Cobalt Group.

Read more…

Threat actors are scanning the Internet for Citrix systems affected by the recently disclosed vulnerabilities

From securityaffairs.co

This week Citrix has addressed 11 vulnerabilities affecting the ADC, Gateway, and SD-WAN WANOP networking products. The vulnerabilities could be exploited by attackers for local privilege escalation, to trigger a DoS condition, to bypass authorization, to inject code, and to launch XSS attacks.

Some of the addressed flaws could be exploited only if the attackers have access to the targeted system, or they require user interaction or other preconditions to be met. For this reason, Citrix believes the flaws are less likely to be exploited.

Citrix CISO Fermin J. Serna explained that, at least for CTX276688, there are five important points to understand:

Read more…

New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173

From malware.news

We discovered a new Mirai variant (detected as IoT.Linux.MIRAI.VWISI) that exploits nine vulnerabilities, the most notable of which is CVE-2020-10173 in Comtrend VR-3033 routers, which we have not observed exploited by past Mirai variants.

This discovery is a new addition to the Mirai variants that have appeared in the past few months, which include SORA, UNSTABLE, and Mukashi. The case, however, showcases the ever-expanding arsenal of vulnerabilities that new Mirai variants are equipped with by their developers.

Read more…

New report: COVID-19 Threat Intelligence Insight from the Telco Security Alliance

From cybersecurity.att.com

AT&T Cybersecurity along with three members of the Telco Security Alliance (TSA) published a new report today, “COVID-19 Insight from the Telco Security Alliance.” The report provides insight into some of the threat groups (as well as analysis of their campaigns) that are taking advantage of the global pandemic while nations and organizations are vulnerable.

Read more…