Users of Zoom for Windows beware: the widely used software has a vulnerability that allows attackers to steal your operating system credentials, researchers said. Discovery of the currently unpatched vulnerability comes as Zoom usage has soared in the wake of the coronavirus pandemic. With massive numbers of people working from home, they rely on Zoom to connect with co-workers, customers, and partners. READ MORE...
Vulnerabilities discovered in popular video teleconferencing app Zoom could allow attackers to escalate privileges on a computer or allow access to users' webcams and microphones, according to new research from Jamf Principal Security Researcher Patrick Wardle. It's just the latest security and privacy issue for Zoom, which has been served with a class-action lawsuit over its data sharing practices, and come under scrutiny from the New York Attorney General's Office and the FBI. READ MORE...
Hackers have been brute-forcing thousands of vulnerable Microsoft SQL (MSSQL) servers daily to install cryptominers and remote access Trojans (RATs) since May 2018 as researchers at Guardicore Labs discovered in December. This attack campaign is still actively infecting between 2,000 and 3,000 MSSQL servers on a daily basis and it was dubbed Vollgar because the cryptomining scripts it deploys on compromised MSSQL will mine for Monero (XMR) and Vollar (VDS) cryptocurrency. READ MORE...
Researchers are warning of an upward surge in social-engineering lures in malicious emails that promise victims financial relief during the coronavirus pandemic. The slew of campaigns piggy-back on news of governments mulling financial relief packages, in response to the economic stall brought on by consumers social distance themselves. This latest trend shows cybercriminals continuing to look to the newest developments in the coronavirus saga as leverage for scams. READ MORE...
The increased enterprise VPN use due to the COVID-19 pandemic and the work-from-home (WFH) shift has not gone unnoticed by ransomware gangs, Microsoft warns. "We're seeing from signals in Microsoft Threat Protection services (Microsoft Defender ATP, Office 365 ATP, and Azure ATP) that the attackers behind the REvil ransomware are actively scanning the internet for vulnerable systems," the company shared. READ MORE...