Daily NCSC-FI news followup 2019-07-09

Serious Zoom security flaw could let websites hijack Mac cameras

www.theverge.com/2019/7/8/20687014/zoom-security-flaw-video-conference-websites-hijack-mac-cameras Today, security researcher Jonathan Leitschuh has publicly disclosed a serious zero-day vulnerability for the Zoom video conferencing app on Macs. He has demonstrated that any website can open up a video-enabled call on a Mac with the Zoom app installed.

Exclusive: The true origins of the Seth Rich conspiracy theory. A Yahoo News investigation.

news.yahoo.com/exclusive-the-true-origins-of-the-seth-rich-conspiracy-a-yahoo-news-investigation-100000831.html In the summer of 2016, Russian intelligence agents secretly planted a fake report claiming that Democratic National Committee staffer Seth Rich was gunned down by a squad of assassins working for Hillary Clinton, giving rise to a notorious conspiracy theory that captivated conservative activists and was later promoted from inside President Trump's White House, a Yahoo News investigation has found.

Bug in Anesthesia Machines Allows Changing Gas Mix Levels



www.wired.com/story/zoom-flaw-web-server-fix/ After initially saying that it wouldn’t issue a full fix for a vulnerability disclosed on Monday, the video conferencing service Zoom has changed course. The company now tells WIRED that it will push a patch on Tuesday night to alter Zoom’s functionality and eliminate the bug. You should update Zoom as soon as the patch is live.

Microsoft Patches A Pair of Zero-Days Under Active Attack

threatpost.com/microsoft-patches-zero-days-active-attack/146349/ The software giant also addressed 15 critical flaws and advised on the recently disclosed Linux Kernel SACK Panic bug. Microsoft has addressed 77 vulnerabilities in its July Patch Tuesday update, with 15 of them rated as critical and two known to be under active exploit; and Adobe issued a small group of updates, with surprisingly none for Acrobat Reader or Flash. Also:

www.bleepingcomputer.com/news/microsoft/microsofts-july-2019-patch-tuesday-fixes-2-zero-day-vulnerabilities/


Marriott Faces $123 Million GDPR Fine Over Starwood Data Breach


Logitech wireless USB dongles vulnerable to new hijacking flaws

www.zdnet.com/article/logitech-wireless-usb-dongles-vulnerable-to-new-hijacking-flaws/ Vulnerabilities found in Logitech’s proprietary Unifying USB dongle technology. A security researcher has publicly disclosed new vulnerabilities in the USB dongles (receivers) used by Logitech wireless keyboards, mice, and presentation clickers.


Microsoft Releases July 2019 Office Updates With Security Fixes


Rig Exploit Kit Pushing Eris Ransomware in Drive-by Downloads


US Coast Guard warns about malware designed to disrupt ships’ computer systems

www.zdnet.com/article/us-coast-guard-warns-about-malware-designed-to-disrupt-ships-computer-systems/#ftag=RSSbaffb68 US Coast Guard also shares a list of cybersecurity best practices for commercial vessels.

Security Updates Released for Adobe Bridge, Dreamweaver, and AEM


Trickbot Trojan Gets IcedID Proxy Module to Steal Banking Info


Sea Turtle keeps on swimming, finds new victims, DNS hijacking techniques

blog.talosintelligence.com/2019/07/sea-turtle-keeps-on-swimming.html After several months of activity, the actors behind the “Sea Turtle” DNS hijacking campaign are not slowing down. Cisco Talos recently discovered new details that suggest they regrouped after we published our initial findings and coverage and are redoubling their efforts with new infrastructure. While many actors will slow down once they are discovered, this group appears to be unusually brazen, and will be unlikely to be deterred going forward.

Fake eFax emails are now spreading Dridex Trojan, RMS RAT

www.zdnet.com/article/fake-efax-emails-are-now-spreading-dridex-trojan-rms-rat/ Phishing attachments are dropping a dangerous combination of Trojan and remote access tool.

Anubis Android banking malware returns with extensive financial app hit list

www.zdnet.com/article/anubis-android-banking-malware-returns-with-a-bang/#ftag=RSSbaffb68 Thousands of new samples are targeting 188 banking and finance-related apps.

A deeper dive into the “Silentbruter” malware – Internal folder structures revealed

www.gdatasoftware.com/blog/2019/07/31728-a-deeper-dive-into-thesilentbruter-malware-internal-folder-structures-revealed A malware called “SilentBruter”, which is designed to guess login credentials for online accounts, has caught the attention of one of our analysts. In this blogpost we take a closer look at the Silentbruter-Malware and its rather interesting internal structures.
