List of well-known web sites that port scan their visitors
www.bleepingcomputer.com/news/security/list-of-well-known-web-sites-that-port-scan-their-visitors/ Last weekend, news heavily circulated that eBay.com was port scanning visitors’ computers when they browsed their site. To see what other sites may be using this script, BleepingComputer reached out to DomainTools, a cybersecurity company specializing in web domain and DNS threat intelligence. Of the sites we tested, we saw Citibank, TD Bank, Ameriprise, Chick-fil-A, Lendup, BeachBody, Equifax IQ connect, TIAA-CREF, Sky, GumTree, and WePay port scanning our computers.
Critical ‘Sign in with Apple’ Bug Could Have Let Attackers Hijack Anyone’s Account
thehackernews.com/2020/05/sign-in-with-apple-hacking.html Bhavuk responsibly reported the issue to the Apple security team last month, and the company has now patched the vulnerability. Besides paying bug bounty to the researcher, in response, the company also confirmed that it did an investigation of their server logs and found the flaw was not exploited to compromise any account.
New Noise-Resilient Attack On Intel and AMD CPUs Makes Flush-based Attacks Effective
thehackernews.com/2020/05/noise-resilient-flush-attack.html Modern Intel and AMD processors are susceptible to a new form of side-channel attack. The new variant aims to improve the accuracy of these attacks even in a noisy multi-core system. It also works seamlessly against non-Linux Operating Systems, like macOS.
Amtrak resets user passwords after Guest Rewards data breach
www.bleepingcomputer.com/news/security/amtrak-resets-user-passwords-after-guest-rewards-data-breach/ Amtrak, a high-speed intercity passenger rail provider and an independent US government agency, operates a nationwide rail network in 46 states, the District of Columbia, and three Canadian provinces, with 30 million customers during the last nine years.
The Week in Ransomware – May 29th 2020 – Quiet before the storm?
www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-29th-2020-quiet-before-the-storm/ The biggest news is the Netwalker attack on Michigan State University and a [F]Unicorn spam campaign targeting Italy.
TrickBot Updates Propagation Module
unit42.paloaltonetworks.com/goodbye-mworm-hello-nworm-trickbot-updates-propagation-module/ s early as April 2020, TrickBot updated one of its propagation modules known as “mworm” to a new module called “nworm.” Infections caused through nworm leave no artifacts on an infected DC, and they disappear after a reboot or shutdown.
Valak malware targets Microsoft Exchange servers to steal enterprise data
www.zdnet.com/article/valak-targets-microsoft-exchange-servers-to-steal-enterprise-data-in-active-campaigns/ The malware has been spotted in active campaigns mainly focused entities in the US and Germany, having previously been bundled together with Ursnif and IcedID banking Trojan payloads