IT Security Newsletter

IT Security Newsletter - 7/1/2020

Written by Cadre | Wed, Jul 1, 2020

Fake "DNS Update" emails targeting site owners and admins

Attackers are trying to trick web administrators into sharing their admin account login credentials by urging them to activate DNSSEC for their domain. The scam was spotted by Sophos researchers, when the admin of their own security marketing blog received an email impersonating WordPress and urging them to click on a link to perform the activation.

Operators of Android hacking kit impersonate postal services in US and Europe

Two years ago, when researchers at antivirus company Trend Micro reported on a new mobile data-stealing kit known as FakeSpy, they warned there could be more to come from the hackers. Directing the Android-focused malware at users outside of South Korea and Japan, where it was discovered, would simply be a matter of reconfiguring the code, the researchers said. That's exactly what happened.

Krebs on Security: COVID-19 'Breach Bubble' Waiting to Pop?

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. But fraud experts say recent developments suggest both trends are about to change - and likely for the worse.

Microsoft Releases Emergency Security Updates for Windows 10, Server

Microsoft has quietly pushed out two emergency security updates to fix remote code execution bugs in Microsoft Windows Codecs Library. Windows Codecs Library handles how the OS compresses large multimedia files such as photos and videos, and then decodes them for playback within applications. The out-of-band updates, addressing a critical-severity flaw and important-severity vulnerability, were sent out via Windows Update Tuesday night and affect several versions of Windows 10 and Windows Server 2019.

Netgear Starts Patching Serious Vulnerabilities Affecting Tens of Products

Netgear has started releasing patches for ten vulnerabilities affecting nearly 80 of its products, including flaws disclosed last year at the Pwn2Own hacking competition. All of the security holes were reported to Netgear through Trend Micro's Zero Day Initiative (ZDI), including five by a hacker who uses the online moniker d4rkn3ss, from VNPT ISC, and five by Pedro Ribeiro and Radek Domanski of Team Flashback.

StrongPity APT Back with Kurdish-Aimed Watering Hole Attacks

The APT group known as StrongPity is back with a new watering-hole campaign, targeting mainly Kurdish victims in Turkey and Syria. The malware served offers operators the ability to search for and exfiltrate any file or document from a victim's machine. The group (a.k.a. Promethium) is operating a series of bogus websites purporting to offer a range of popular software utilities.

New EvilQuest macOS ransomware is a smokescreen for other threats

A new piece of ransomware dubbed EvilQuest is being delivered bundled up with pirated versions of popular macOS software, researchers warned. But the ransomware is also a smokescreen, as its "noisiness" is meant to hide other things happening on the system in the background: the installation of a keylogger and a reverse shell, and the exfiltration of files that contain valuable information (keys to cryptocurrency wallets, code-signing certificates, and more).

Google joins Apple in limiting web certificates to one year

Google, it seems, is joining Apple in limiting the maximum validity of web security certificates - those digitally signed blobs of data that put the S in TLS and the padlock in your address bar - to just one year. The code change is headlined "Enforce 398-day validity for certificates issued on-or-after 2020-09-01". Apple announced back in February 2020 that it was going to start doing this in its Safari browser.

  • ...in 1863, the Battle of Gettysburg begins in Gettysburg, PA.
  • ...in 1934, blues musician and songwriter Willie Dixon is born in Vicksburg, MS.
  • ...in 1963, ZIP codes are introduced for US Mail.
  • ...in 1979, Sony introduces the Walkman.