Daily NCSC-FI news followup 2019-07-09

Serious Zoom security flaw could let websites hijack Mac cameras

www.theverge.com/2019/7/8/20687014/zoom-security-flaw-video-conference-websites-hijack-mac-cameras Today, security researcher Jonathan Leitschuh has publicly disclosed a serious zero-day vulnerability for the Zoom video conferencing app on Macs. He has demonstrated that any website can open up a video-enabled call on a Mac with the Zoom app installed.

Exclusive: The true origins of the Seth Rich conspiracy theory. A Yahoo News investigation.

news.yahoo.com/exclusive-the-true-origins-of-the-seth-rich-conspiracy-a-yahoo-news-investigation-100000831.html In the summer of 2016, Russian intelligence agents secretly planted a fake report claiming that Democratic National Committee staffer Seth Rich was gunned down by a squad of assassins working for Hillary Clinton, giving rise to a notorious conspiracy theory that captivated conservative activists and was later promoted from inside President Trump's White House, a Yahoo News investigation has found.

Bug in Anesthesia Machines Allows Changing Gas Mix Levels

www.bleepingcomputer.com/news/security/bug-in-anesthesia-machines-allows-changing-gas-mix-levels/

Zoom Will Fix the Flaw That Let Hackers Hijack Webcams

www.wired.com/story/zoom-flaw-web-server-fix/ After initially saying that it wouldn’t issue a full fix for a vulnerability disclosed on Monday, the video conferencing service Zoom has changed course. The company now tells WIRED that it will push a patch on Tuesday night to alter Zoom’s functionality and eliminate the bug. You should update Zoom as soon as the patch is live.

Microsoft Patches A Pair of Zero-Days Under Active Attack

threatpost.com/microsoft-patches-zero-days-active-attack/146349/ The software giant also addressed 15 critical flaws and advised on the recently disclosed Linux Kernel SACK Panic bug. Microsoft has addressed 77 vulnerabilities in its July Patch Tuesday update, with 15 of them rated as critical and two known to be under active exploit; and Adobe issued a small group of updates, with surprisingly none for Acrobat Reader or Flash. Also:

www.bleepingcomputer.com/news/microsoft/microsofts-july-2019-patch-tuesday-fixes-2-zero-day-vulnerabilities/ Also:

isc.sans.edu/forums/diary/MSFT+July+2019+Patch+Tuesday/25110/

Marriott Faces $123 Million GDPR Fine Over Starwood Data Breach

thehackernews.com/2019/07/marriott-data-breach-gdpr.html

Logitech wireless USB dongles vulnerable to new hijacking flaws

www.zdnet.com/article/logitech-wireless-usb-dongles-vulnerable-to-new-hijacking-flaws/ Vulnerabilities found in Logitech’s proprietary Unifying USB dongle technology. A security researcher has publicly disclosed new vulnerabilities in the USB dongles (receivers) used by Logitech wireless keyboards, mice, and presentation clickers. Report:

github.com/mame82/misc/blob/master/logitech_vuln_summary.md

Microsoft Releases July 2019 Office Updates With Security Fixes

www.bleepingcomputer.com/news/microsoft/microsoft-releases-july-2019-office-updates-with-security-fixes/

Rig Exploit Kit Pushing Eris Ransomware in Drive-by Downloads

www.bleepingcomputer.com/news/security/rig-exploit-kit-pushing-eris-ransomware-in-drive-by-downloads/

US Coast Guard warns about malware designed to disrupt ships’ computer systems

www.zdnet.com/article/us-coast-guard-warns-about-malware-designed-to-disrupt-ships-computer-systems/#ftag=RSSbaffb68 US Coast Guard also shares a list of cybersecurity best practices for commercial vessels.

Security Updates Released for Adobe Bridge, Dreamweaver, and AEM

www.bleepingcomputer.com/news/security/security-updates-released-for-adobe-bridge-dreamweaver-and-aem/

Trickbot Trojan Gets IcedID Proxy Module to Steal Banking Info

www.bleepingcomputer.com/news/security/trickbot-trojan-gets-icedid-proxy-module-to-steal-banking-info/

Sea Turtle keeps on swimming, finds new victims, DNS hijacking techniques

blog.talosintelligence.com/2019/07/sea-turtle-keeps-on-swimming.html After several months of activity, the actors behind the “Sea Turtle” DNS hijacking campaign are not slowing down. Cisco Talos recently discovered new details that suggest they regrouped after we published our initial findings and coverage and are redoubling their efforts with new infrastructure. While many actors will slow down once they are discovered, this group appears to be unusually brazen, and will be unlikely to be deterred going forward.

Fake eFax emails are now spreading Dridex Trojan, RMS RAT

www.zdnet.com/article/fake-efax-emails-are-now-spreading-dridex-trojan-rms-rat/ Phishing attachments are dropping a dangerous combination of Trojan and remote access tool.

Anubis Android banking malware returns with extensive financial app hit list

www.zdnet.com/article/anubis-android-banking-malware-returns-with-a-bang/#ftag=RSSbaffb68 Thousands of new samples are targeting 188 banking and finance-related apps.

A deeper dive into the “Silentbruter” malware – Internal folder structures revealed

www.gdatasoftware.com/blog/2019/07/31728-a-deeper-dive-into-thesilentbruter-malware-internal-folder-structures-revealed A malware called “SilentBruter”, which is designed to guess login credentials for online accounts, has caught the attention of one of our analysts. In this blogpost we take a closer look at the Silentbruter-Malware and its rather interesting internal structures.
