Beyond Zoom: How Safe Are Slack and Other Collaboration Apps?
As the coronavirus pandemic continues to worsen, remote-collaboration platforms - now fixtures in many workers' "new normal" - are facing more scrutiny. Popular video-conferencing app Zoom may currently be in the cybersecurity hot seat, but other collaboration tools, such as Slack, Trello, WebEx and Microsoft Teams, are certainly not immune from cybercriminal attention. READ MORE...
Two critical Firefox vulnerabilities exploited by attackers, patch now!
Mozilla has released critical security updates for Firefox and Firefox ESR on Friday, patching two vulnerabilities that are being actively exploited by attackers. No additional details about them have been provided and the bug entries in Mozilla's bug database are still unaccessible to the wider public. The bugs have been rated "critical", which means that chances are high they can lead to remote code execution. READ MORE...
Browser makers cite coronavirus, restore support for obsolete TLS 1.0 and 1.1 encryption
Google, Microsoft and Mozilla have each issued reprieves to Transport Layer Security (TLS) 1.0 and 1.1, aged encryption protocols that were to be bounced from browser support in March, because of the COVID-19 pandemic. By common agreement, Google's Chrome, Microsoft's Internet Explorer (IE) and Edge, and Mozilla's Firefox were to disable support for TLS 1.0 and 1.1 early in 2020. READ MORE...
Microsoft: Emotet Took Down a Network by Overheating All Computers
Microsoft says that an Emotet infection was able to take down an organization's entire network by maxing out CPUs on Windows devices and bringing its Internet connection down to a crawl after one employee was tricked to open a phishing email attachment. "After a phishing email delivered Emotet, a polymorphic virus that propagates via network shares and legacy protocols, the virus shut down the organization's core services," DART said. READ MORE...
Discord Turned Into an Account Stealer by Updated Malware
A new version of the popular AnarchyGrabber Discord malware has been released that modifies the Discord client files so that it can evade detection and steal user accounts every time someone logs into the chat service. AnarchyGrabber is a popular malware distributed on hacking forums and in YouTube videos that steals user tokens for a logged-in Discord user when the malware is executed. READ MORE...
Self-Propagating Malware Targets Thousands of Docker Ports Per Day
The Docker cloud containerization technology is under fire, with an organized, self-propagating cryptomining campaign targeting misconfigured open Docker Daemon API ports. Thousands of container-compromise attempts are being observed every day as part of the campaign, according to Gal Singer, a security researcher at AquaSec. The effort has been ongoing for months. However, since the beginning of the year, the number of daily attempts has far exceeded what was seen before, he said. READ MORE...
A researcher found zero-days in one city's software. Then he realized the problem could be bigger.
For Quentin Rhoads-Herrera, this was not a typical security test. A big municipal government in the U.S. had just handed him the source code for software the city uses to manage contracts and track infrastructure projects. He unpacked the code, sifted through it, and found more than a dozen previously undisclosed vulnerabilities, or zero-days, that a hacker could exploit to manipulate data or dump user passwords. But it was more than just a catalog of bugs. READ MORE...
Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days
Apple has rewarded a security researcher $75,000 for discovering a total of seven zero-days in the Safari browser. Using only three of these flaws, an intruder could build an attack chain and access the camera and microphone on iOS and macOS devices to spy on unsuspecting people. Ryan Pickren shared his discoveries with Apple in December 2019. The company patched the camera exploit in Safari 13.0.5, released on Jan. 28, the remaining zero-days were fixed in Safari 13.1, released on March 24. READ MORE...
Keys Used to Encrypt Zoom Meetings Sent to China: Researchers
A recent analysis of the Zoom video conferencing application revealed that the keys used to encrypt and decrypt meetings may be sent to servers in China, even if all participants are located in other countries. As a result of its increasing popularity caused by the COVID-19 coronavirus outbreak, Zoom has come under scrutiny from cybersecurity and privacy experts. The company has updated its privacy policy, patched some vulnerabilities, and has promised to take measures to address some of the concerns. READ MORE...
- ...in 1830, the Church of Christ, the original church of the Latter Day Saint movement (popularly known as Mormonism), is organized in the state of New York.
- ...in 1841, John Tyler is inaugurated as the 10th president, two days after the sudden death of President William Henry Harrison.
- ...in 1896, the first modern Olympic Games opens in Athens, Greece, over 1500 years after the original games were banned by Roman Emperor Theodosius I.
- ...in 1974, the Swedish pop group ABBA wins the Eurovision Song Contest with the song "Waterloo", launching them to international fame.
