IT Security Newsletter - 3/12/2020
Secret-sharing app Whisper shared secrets like last known location and actual password tokens in exposed database
Whisper, a mobile app for sharing those thoughts you'd rather not make public, turns out to be better at sharing secrets than keeping them, spilling a whopping 90 metadata fields associated with users in an exposed database. The app, launched in 2012, is intended as a way for people to "share real thoughts and feelings, forge relationships and engage in conversations on an endless variety of topics - without identities or profiles."
Russian intelligence-backed hackers go after Armenian embassy website with new code
Computer code used by hackers tied to Russia's FSB intelligence agency has haunted governments around the world for years. The hackers' tools have been associated with a damaging breach of U.S. military networks in the mid-to-late 1990s, and used in a cunning hijacking of Iranian infrastructure more than two decades later. Now, malware analysts have surfaced a new piece of code that they say the Russian hacking group, dubbed Turla, is using to spy on government and think tank websites in Armenia.
Krebs on Security: Crafty Web Skimming Domain Spoofs "https"
Earlier today, KrebsOnSecurity alerted the 10th largest food distributor in the United States that one of its Web sites had been hacked and retrofitted with code that steals credit card and login data. While such Web site card skimming attacks are not new, this intrusion leveraged a sneaky new domain that hides quite easily in a hacked site's source code: "http[.]ps" (the actual malicious domain does not include the brackets, which are there to keep readers from being able to click on it).
Analytics firm's VPN and ad-blocking apps are secretly grabbing user data
A popular analytics platform has been secretly installing root certificates on mobile devices so it can suck up users' data from its 20 or more ad-blocker and virtual private network (VPN) mobile apps, according to a BuzzFeed News investigation. Both Google and Apple have hosed down their app stores to cleanse them of at least some of the apps from the company, Sensor Tower, which is used by developers, venture capitalists, publishers, and others to track the popularity, usage trends, and revenue of apps.
New TrickBot Variant Updates Anti-Analysis Tricks
Researchers uncovered a new variant of the TrickBot malware that relies on new anti-analysis techniques, an updated method for downloading its payload as well as adopting minor changes to the integration of its components. TrickBot is a module-based malware that, while first identified as a banking trojan, has gradually extended its functions to include collecting credentials from a victim's emails, browsers and installed network apps.
DDR4 Memory Still At Rowhammer Risk, New Method Bypasses Fixes
Academic researchers testing modern memory modules from Samsung, Micron, and Hynix discovered that current protections against Rowhammer attacks are insufficient. Current mitigation solutions are efficient against known Rowhammer variants but attack possibilities are not exhausted and exploitation is still possible. The new findings show that memory bit flipping works on many devices, including popular smartphones from Google, Samsung, and OnePlus.
Critical Vulnerabilities in SAP Solution Manager Expose Companies to Attacks
SAP on Tuesday released 16 security notes and two updates to previously released patches as part of its March 2020 Security Patch Day, with three of the new notes rated hot news. The most important of the notes address critical (hot news) missing authorization checks in Solution Manager. The first of them, CVE-2020-6207, features a CVSS score of 10 and impacts User-Experience Monitoring, while the second, CVE-2020-6198, features a CVSS score of 9.8 and impacts Diagnostics Agent.