IT Security Newsletter

IT Security Newsletter - 2/27/2020

Written by Cadre | Thu, Feb 27, 2020

Flaw in billions of Wi-Fi devices left communications open to eavesdropping

Billions of devices, many of them already patched, are affected by a Wi-Fi vulnerability that allows nearby attackers to decrypt sensitive data sent over the air, researchers said on Wednesday at the RSA security conference. The vulnerability exists in Wi-Fi chips made by Cypress Semiconductor and Broadcom. The affected devices include iPhones, iPads, Macs, Amazon Echos and Kindles, Android devices, Raspberry Pi 3s, and Wi-Fi routers from Asus and Huawei.

Iranian APT Targets Govs With New Malware

A never-before-seen credential-stealing malware, dubbed ForeLord, has been uncovered in recent spear-phishing emails. Researchers have attributed the campaign to a known Iranian advanced persistent threat (APT) group. The emails distributing ForeLord were uncovered as part of a campaign running between mid-2019 and mid-January 2020.

Sodinokibi Ransomware May Tip NASDAQ on Attacks to Hurt Stock Prices

The operators of the Sodinokibi Ransomware (REvil) have started urging affiliates to copy their victims' data before encrypting computers so it can be used as leverage on a new data leak site that is being launched soon. The Sodinokibi ransomware operation is a Ransomware-as-a-Service where the operators manage the payment portal and development of the ransomware and third-party 'affiliates' distribute the ransomware.

Hackers Scanning for Vulnerable Microsoft Exchange Servers, Patch Now!

Attackers are actively scanning the Internet for Microsoft Exchange Servers vulnerable to the CVE-2020-0688 remote code execution vulnerability patched by Microsoft two weeks ago. All Exchange Server versions up to the last released patch are exposed to potential attacks following these ongoing scans, including those currently out of support even though Microsoft's security advisory doesn't explicitly list them.

HackerOne rewards bughunter who found critical security hole in HackerOne

Vulnerability-reporting platform HackerOne has come clean about a critical security flaw on its own website that could be used to expose the email addresses of users. A researcher going by the name of "msdian7" revealed how an attacker could exploit the site's project invite feature to uncover the email addresses of other users, as detailed on the site itself.

Zyxel 0day Affects its Firewall Products, Too

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products.

Unpatched Security Flaws Open Connected Vacuum to Takeover

Researchers have discovered several high-severity vulnerabilities in a connected vacuum cleaner. The security holes could give remote attackers the capability to launch an array of attacks - from a denial of service (DoS) attack that renders the vacuum unusable, to viewing private home footage through the vacuum's embedded camera.