<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 1/16/2020

SHARE

TopNews_ITSEC

U.N. Weathers Storm of Emotet-TrickBot Malware

The operators behind the notorious Emotet malware have taken aim at United Nations personnel in a targeted attack ultimately bent on delivering the TrickBot trojan. According to researchers at Confense, a concerted phishing campaign has been using emails purporting to be from the Permanent Mission of Norway, which maintains the Scandinavian country’s diplomatic presence in New York.

Malware_ITSEC

Emotet remains the dark market leader for delivery-as-a-service

The vast majority of nationally sponsored cybersecurity incidents take the form of espionage through data exfiltration, with frequent employment of remote access tool Plug-X, according to the annual threat report by eSentire. The report found that Emotet accounted for almost 20% of confirmed malware incidents, reinforcing its role in the black market as the preferred delivery tool. 

Breaches_ITSEC-1

Peekaboo Moments app left baby videos, photos, and 800,000 users’ email addresses exposed on the internet

The developer of a smartphone app has carelessly left a database accessible to anybody with an internet connection, leaving exposed a database of millions of records containing baby videos and photos, as well as the email addresses of users. Information dating back to March 2019 was uncovered in the 70 million log files left exposed in an unsecured Elasticsearch database administered by Bithouse Inc, the developers of the Peekaboo Moments app.

Exploits_ITSEC

Critical Windows 10 vulnerability used to Rickroll the NSA and Github

Less than a day after Microsoft disclosed one of the most critical Windows vulnerabilities ever, a security researcher has demonstrated how attackers can exploit it to cryptographically impersonate any website or server on the Internet. Researcher Saleem Rashid on Wednesday tweeted images of the video "Never Gonna Give You Up," by 1980s heart-throb Rick Astley, playing on Github.com and NSA.gov.


Vulnerabilities Found in VMware Tools, Workspace ONE SDK

VMware on Tuesday advised customers using VMware Tools version 10 for Windows to update their installations to version 11 due to a local privilege escalation vulnerability. According to the virtualization giant, the repair operation in VMware Tools 10.x.y is affected by a race condition that allows an attacker who has access to the guest virtual machine to escalate their privileges. The company says VMware Tools 11.0.0 is not affected as the problematic functionality does not exist in this version.