
IT Security Newsletter - 5/28/2020


Hacking

Google finds Indian hack-for-hire firms exploiting coronavirus fears via spearphishing schemes

Hack-for-hire firms in India have been impersonating the World Health Organization in credential-stealing spearphishing email campaigns, Google's Threat Analysis Group said Wednesday. The hack-for-hire campaign, which has targeted healthcare companies, consulting firms, and financial services entities primarily in the U.S., Slovenia, Canada, Iran, Bahrain, and Cyprus, uses Gmail accounts imitating the WHO to direct victims to lookalike WHO websites. READ MORE...


DoubleGun Group Builds Massive Botnet Using Cloud Services

An operation by the China-based cybercrime gang known as DoubleGun Group, which had amassed hundreds of thousands of bots controlled via public cloud services, including Alibaba and Baidu Tieba, has been disrupted. NetLab 360 researchers said in a recent posting that they noticed DNS activity in their telemetry that traced back to a suspicious domain (pro.csocools[dot]com) controlling large numbers of infected Windows devices. READ MORE...

Malware

Email scam aims to drop Dridex on machines by impersonating FedEx, UPS

As more Americans rely on package deliveries during the coronavirus pandemic, scammers are trying to capitalize on the tracking process by sending spoofed emails containing malicious software. Hackers are sending spoofed emails that appear to be from FedEx, UPS and DHL as part of a mass emailing campaign meant to infect victims' computers, according to research initially published on May 5 by the security vendor Votiro. READ MORE...


'[F]Unicorn' Ransomware Impersonates Legit COVID-19 Contact-Tracing App

A fresh ransomware strain known as "[F]Unicorn" has emerged, first seen this week targeting users by pretending to be an official government COVID-19 contact tracing app. According to an advisory from the Computer Emergency Response Team (CERT) from the Agency for Digital Italy (AgID), the malware family is taking advantage of the rollout of "Immuni" - Italy's official coronavirus-tracking app. READ MORE...

Exploits/Vulnerabilities

Computer science student discovers privacy flaws in security and doorbell cameras

Ring, Nest, SimpliSafe and eight other manufacturers of internet-connected doorbell and security cameras have been alerted to systemic design flaws, discovered by Florida Tech computer science student Blake Janes, that allow a shared account that appears to have been removed to actually remain in place with continued access to the video feed. Janes discovered that the mechanism for removing user accounts does not work as intended on many camera systems because it does not remove active user accounts. READ MORE...

Encryption

Dangerous SHA-1 crypto function will die in SSH linking millions of computers

Developers of two open source code libraries for Secure Shell, the protocol millions of computers use to create encrypted connections to each other, are retiring the SHA-1 hashing algorithm, four months after researchers piled a final nail in its coffin. The moves, announced in release notes and a code update for OpenSSH and libssh respectively, mean that SHA-1 will no longer be a means for digitally signing encryption keys between two computers connected by Secure Shell (SSH). READ MORE...

On This Date

  • ...in 1588, a massive Spanish fleet, known as the "Invincible Armada", sets sail from Lisbon on a mission to secure control of the English Channel.
  • ...in 1916, Barney Oldfield ran a qualifying lap in his Christie at 102.6 mph. It was the first time any driver had rounded the Indianapolis Motor Speedway in excess of 100 mph.
  • ...in 1977, the Beverly Hills Supper Club in Southgate, KY, is engulfed in fire, killing 165 people inside.
  • ...in 1987, Mathias Rust, a 19-year-old from West Germany, takes off from Helsinki, flies through more than 400 miles of Soviet airspace, and lands his small aircraft in Red Square.