IT Security Newsletter - 3/10/2020
Comcast Xfinity published the contact details of 200,000 customers who paid for them to be kept private
Nearly 200,000 customers in the United States, who thought they were paying Comcast Xfinity to keep their information safely out of the public eye, have had their details exposed on the company's online directory. Customers pay Comcast each month to keep their personal details names, phone numbers, and addresses out of public databases. The reason they do this is not just because they are privacy-conscious, but also because they might be concerned about their personal safety. READ MORE...
Durham City, County Recovering After Ransomware Attack
The City of Durham and the Durham County government in North Carolina are in the process of recovery after experiencing what appears to be a ransomware attack on March 6. In a notice published on its website on Sunday, the City of Durham revealed that it was alerted of the incident late on Friday, and that it immediately responded and shut down some systems in an attempt to contain the attack. READ MORE...
Variant of Paradise Ransomware Targets Office IQY Files
A new variant of the Paradise ransomware attacks rarely-targeted Microsoft Office Excel IQY files, providing a new and relatively inobtrusive way to infiltrate and hijack an organization's network, researchers have found. Lastline Labs' James Haughom discovered the variant in December in a spam campaign executed over two days that targeted an organization in Asia, he wrote in a blog post about the campaign published Tuesday. READ MORE...
NSA Warns About Microsoft Exchange Flaw as Attacks Start
The U.S. National Security Agency (NSA) warned about a post-auth remote code execution vulnerability in all supported Microsoft Exchange Server servers via a tweet published on the agency's Twitter account. NSA's tweet reminded followers to patch the CVE-2020-0688 vulnerability which would enable potential attackers to execute commands on vulnerable Microsoft Exchange servers using email credentials. READ MORE...
PPP Daemon flaw opens Linux distros, networking devices to takeover attacks
A vulnerability (CVE-2020-8597) in the Point-to-Point Protocol Daemon (pppd) software, which comes installed on many Linux-based and Unix-like operating systems and networking devices, can be exploited by unauthenticated attackers to achieve code execution on - and takeover of - a targeted system. The vulnerability affects Debian GNU/Linux, NetBSD, Red Hat, Ubuntu, OpenWRT, TP-LINK and Cisco offerings, and other software/products. READ MORE...
Avast's AntiTrack promised to protect your privacy. Instead, it opened you to miscreant-in-the-middle snooping
You'd think HTTPS certificate checking would be a cinch for a computer security toolkit - but no so for Avast's AntiTrack privacy tool. Web researcher David Eade found and reported CVE-2020-8987 to Avast: this is a trio of blunders that, when combined, can be exploited by a snooper to silently intercept and tamper with an AntiTrack user's connections to even the most heavily secured websites. READ MORE...
Folding@Home Wants Your CPU Cycles for Coronavirus Research
The Folding@home distributed computing project is now utilizing donated CPU cycles to research the Coronavirus (COVID-19) virus. Folding@home is a project founded by Pande Lab at Stanford University where users donate CPU cycles through a software client to simulate protein folding, computational drug design, and other types of molecular dynamics to learn more about diseases and how to protect against them. READ MORE...