Findings from Link11's H1 2020 DDoS Report reveal a resurgence in DDoS attacks during the global COVID-19 related lockdowns. n April, May and June 2020, the number of attacks registered by Link11's Security Operations Center (LSOC) averaged 97% higher than the during the same period in 2019, peaking at a 108% increase in May 2020. Key findings from the annual report include: Multivector attacks on the rise / Growing number of reflection amplification vectors. READ MORE...
Hackers are abusing a new technique: combining homoglyph domains with favicons to conduct credit card skimming attacks. Sophisticated skimming attacks like Magecart have incorporated favicons before and impacted well-known companies like Claire's, Tupperware, Smith & Wesson, Macy's, and British Airways. Being mere images, favicons give off the impression they are innocuous. But attackers find ways to abuse the associated metadata within these files for sinister purposes. READ MORE...
A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S. consumer data broker, KrebsOnSecurity has learned. In June, KrebsOnSecurity was contacted by a cybersecurity researcher who discovered that a group of scammers was sharing highly detailed personal READ MORE...
Researchers found a way to bypass a patch Microsoft released to address a bug in the Windows printing services, which gives attackers a path to executing malicious code with elevated privileges. Tracked as CVE-2020-1048, the initial flaw received an initial fix in May and another one is coming with this month's rollout of security updates from Microsoft. Discovered and reported responsibly by Peleg Hadar and Tomer Bar of SafeBreach Labs, CVE-2020-1048 affects Windows Print Spooler. READ MORE...
Thanks to a pair of zero-day vulnerabilities in a popular ATM, hackers could be pilfering off customers' sensitive banking information or withdrawing hefty wads of cash, according to research from New York-based Red Balloon Security. If exploited properly, one of the vulnerabilities the researchers found in Nautilus Hyosung America ATMs would allow attackers to essentially empty the machines of cash, the researchers, Brenda So and Trey Keown, told CyberScoop. READ MORE...
Approaches based on questionnaires and self-evaluation are not always a good indicator of how well a user can mitigate social engineering threats. Researchers at Israel's Ben-Gurion University (BGU) have developed a framework for continuously evaluating the resilience of end users to phishing and similar social engineering attacks. Unlike other security awareness evaluation techniques that rely heavily on questionnaires and the self-reported behavior of users. READ MORE...
It may sound look intimidating, but with a few tweaks to tools and processes already in use, it's not hard to get a head start on improving security posture of the software supply chain. We all know the adage that a chain is only as strong as its weakest link, but it's easy to forget that this also applies to the software supply chain. Those who work with government or other highly regulated industries, or have customers that do, have likely been asked before about their software supply chain practices. READ MORE...
The intelligence agency warns of location tracking risks and offers tips for how to reduce the amount of data shared. The United States' National Security Agency (NSA) has published guidance on how to reduce the variety of risks that stem from having your location tracked when using smartphones, IoT devices, social media and mobile apps. Despite being geared towards military and intelligence personnel, the advice can be useful for anybody who's looking to limit their location exposure. READ MORE...
Several security vulnerabilities found in Qualcomm's Snapdragon chip Digital Signal Processor (DSP) chip could allow attackers to take control of almost 40% of all smartphones, spy on their users, and create un-removable malware capable of evading detection. DSPs are system-on-chip units are used for audio signal and digital image processing, and telecommunications, in consumer electronics including TVs and mobile devices. READ MORE...
Google Project Zero researcher Maddie Stone explains the importance of identifying flaws exploited in the wild and techniques used to do it. When a zero-day vulnerability is exploited in the wild, it's essential to identify the bug at the root of the attack. This "root cause analysis" informs researchers how an attack unfolded. "We care a lot about making it harder for people to exploit users using zero-days," said Google Project Zero researcher Maddie Stone in a Black Hat presentation on the topic. READ MORE...
In May 2020, Microsoft patched CVE-2020-1048, a privilege escalation vulnerability in the Windows Print Spooler service discovered by Peleg Hadar and Tomer Bar from SafeBreach Labs. A month later, the two researchers found a way to bypass the patch and re-exploit the vulnerability on the latest Windows version. Microsoft assigned this vulnerability a new identification number - CVE-2020-1337 - and will patch it on August 2020 Patch Tuesday. They've also discovered a DoS flaw affecting the same service, which won't be patched. READ MORE...