<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 4/2/2020

SHARE

Top News

Attackers can use Zoom to steal users' Windows credentials with no warning

Users of Zoom for Windows beware: the widely used software has a vulnerability that allows attackers to steal your operating system credentials, researchers said. Discovery of the currently unpatched vulnerability comes as Zoom usage has soared in the wake of the coronavirus pandemic. With massive numbers of people working from home, they rely on Zoom to connect with co-workers, customers, and partners. READ MORE...


Zoom vulnerabilities could give attackers webcam, microphone access

Vulnerabilities discovered in popular video teleconferencing app Zoom could allow attackers to escalate privileges on a computer or allow access to users' webcams and microphones, according to new research from Jamf Principal Security Researcher Patrick Wardle. It's just the latest security and privacy issue for Zoom, which has been served with a class-action lawsuit over its data sharing practices, and come under scrutiny from the New York Attorney General's Office and the FBI. READ MORE...

Hacking

Hacker Group Backdoors Thousands of Microsoft SQL Servers Daily

Hackers have been brute-forcing thousands of vulnerable Microsoft SQL (MSSQL) servers daily to install cryptominers and remote access Trojans (RATs) since May 2018 as researchers at Guardicore Labs discovered in December. This attack campaign is still actively infecting between 2,000 and 3,000 MSSQL servers on a daily basis and it was dubbed Vollgar because the cryptomining scripts it deploys on compromised MSSQL will mine for Monero (XMR) and Vollar (VDS) cryptocurrency. READ MORE...

Information Security

Coronavirus 'Financial Relief' Phishing Attacks Spike

Researchers are warning of an upward surge in social-engineering lures in malicious emails that promise victims financial relief during the coronavirus pandemic. The slew of campaigns piggy-back on news of governments mulling financial relief packages, in response to the economic stall brought on by consumers social distance themselves. This latest trend shows cybercriminals continuing to look to the newest developments in the coronavirus saga as leverage for scams. READ MORE...

Exploits/Vulnerabilities

Vulnerable VPN appliances at healthcare organizations open doors for ransomware gangs

The increased enterprise VPN use due to the COVID-19 pandemic and the work-from-home (WFH) shift has not gone unnoticed by ransomware gangs, Microsoft warns. "We're seeing from signals in Microsoft Threat Protection services (Microsoft Defender ATP, Office 365 ATP, and Azure ATP) that the attackers behind the REvil ransomware are actively scanning the internet for vulnerable systems," the company shared. READ MORE...

On This Date

  • ...in 1889, inventor Charles M. Hall is given a patent for his method of extracting aluminum, allowing for large-scale production.
  • ...in 1917, President Woodrow Wilson asks Congress for a declaration of war on Germany and the U.S. enters WWI.
  • ...in 1992, Mafia boss John Gotti is convicted of murder and racketeering, and sentenced to life in prison.
  • ...in 2005, Pope John Paul II dies.