IT Security Newsletter

IT Security Newsletter - 4/14/2020

Written by Cadre | Tue, Apr 14, 2020

Over 500,000 Zoom accounts sold on hacker forums, the dark web

Over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free. These credentials are gathered through credential stuffing attacks where threat actors attempt to log in to Zoom using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers.

SCUF Gaming Exposes Data on 1.1 Million Customers

Video game peripherals maker SCUF Gaming recently exposed to the web a database containing information on more than 1.1 million users. The database appears to have been exposed to the Internet for 48 hours before being secured on April 3, but that was enough for a third party to discover and access it, and also place a note there, claiming that the information was stolen. The database was indexed by search engine BinaryEdge on April 2, and was discovered by Comparitech's Bob Diachenko on April 3.

Hackers file fake tax returns in scheme to steal IRS refunds

It may be open season for coronavirus scammers, but tax frauds aren't letting up, either. Attackers tried obtaining large tax refunds by posing as clients of Weber and Company, the California-based accounting firm revealed last week. The scammers apparently accessed clients' personal data - including, perhaps, Social Security numbers and bank account information - and used that to file fraudulent returns, Weber and Company said in a notification to California's attorney general.

VMware plugs critical flaw in vCenter Server, patch ASAP!

VMware has fixed a critical vulnerability (CVE-2020-3952) affecting vCenter Server, which can be exploited to extract highly sensitive information that could be used to compromise vCenter Server or other services which depend on the VMware Directory Service (vmdir) for authentication. VMware vSphere is VMware's cloud computing virtualization platform. vCenter Server is server management software for controlling VMware vSphere environments.

Dell Releases Security Tool to Defend PCs from BIOS Attacks

Dell last week released a new security tool to protect PCs against cyberattacks targeting the BIOS. The SafeBIOS Events & Indicators of Attack (IoA) detects changes in BIOS configuration. As more employees transition to home offices, cybercriminals are shifting their attack strategies to compromise endpoints and get to critical data, Dell explains in a blog post on the news. The company anticipates attackers will target the BIOS, a system built deep into the core of PCs.

Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain

Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain. Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display a full-screen overlay image when a victim accesses their online banking account. In the background, meanwhile, the attacker initiates a fraudulent money transfer from the compromised account.

So how do the coronavirus smartphone tracking apps actually work and should you download one to help?

In an effort to fend off the coronavirus while getting economies restarted, the world has hit on the same idea: a smartphone app that alerts people if they have been close to someone who has the virus. It may be the only effective solution to mass lockdowns: the virus is spreading "too fast to be contained by manual contact tracing, but could be controlled if this process was faster, more efficient and happened at scale," researchers from the University of Oxford have concluded in a new paper.

TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds

A security weakness in the popular TikTok video-sharing service allows a local attacker to hijack any video content streamed to a user's TikTok feed and swap it out with hacker-generated content. Researchers created a proof-of-concept (PoC) hack using a technique called a man-in-the-middle (MiTM) attack against devices running the TikTok app. Videos planted in user feeds appear to be legitimate content.

  • ...in 1818, Webster's American Dictionary of the English Language is printed for the first time.
  • ...in 1865, former Confederate spy and assassin John Wilkes Booth fatally shoots President Abraham Lincoln at Ford's Theatre.
  • ...in 1894, Thomas Edison's Kinetoscope first appears in a New York City amusement arcade, making it the first commercial movie theater.
  • ...in 1912, just before midnight in the North Atlantic, the RMS Titanic fails to divert its course from an iceberg, ruptures its hull, and begins to sink.