Security daily (11-08-2020)

Facebook's hate speech removals jumped by more than 100% in recent months

The number of posts that Facebook removed for violating its policies around hate speech in the second quarter of 2020 more than doubled compared with the previous quarter, the company said. Facebook scrubbed 22.5 million pieces of hate speech — defined as violent or dehumanizing speech, statements of inferiority, slurs or calls for exclusion or segregation — from its platform, up from 9.6 million pieces of content in the first three months of the year. The uptick coincided with the removal of 14 networks that Facebook associated with “hate and/or white supremacist groups” such as the Ku Klux Klan, the Proud Boys and avowed neo-Nazi groups Atomwaffen and Blood & Honour. The update comes as part of the firm’s regular community standards enforcement report. Facebook also removed 1.5 billion fake accounts during the same period. The numbers come after civil rights attorneys Facebook hired to audit its […] (CyberScoop)

Citrix releases fix for software bug that hackers ‘will move quickly to exploit’

A newly revealed set of vulnerabilities in popular software made by Citrix, whose clients include Fortune 500 companies, could let hackers who exploit the bugs gain control of a mobile server and steal sensitive data. The Florida-based company, which has dealt with multiple critical vulnerabilities this year, has released fixes for the new round of bugs and urged customers to apply them. “While there are no known exploits as of this writing, we do anticipate malicious actors will move quickly to exploit,” Citrix CISO Fermin J. Serna wrote in a blog post Tuesday. The bugs are in a software product known as Citrix Endpoint Management or XenMobile, which allows clients to remotely connect to corporate networks with their mobile devices. Exploiting one of the bugs could let a hacker steal domain account credentials for a corporate network, according to Andrey Medov, a security researcher at Positive Technologies, which found the […] (CyberScoop)

Hackers exploited Tor exit relays to generate bitcoin: research

At one point this spring, a single set of money-hungry hackers controlled nearly a quarter of the endpoint infrastructure through which the anonymizing internet browser Tor routed traffic, a researcher who tracks Tor claimed this week. The unidentified attacker likely used those Tor “exit relays” — the IP addresses through which Tor traffic passes — to manipulate the traffic and mine cryptocurrency, said the researcher, who goes by nusenu. How much bitcoin the attackers were able to generate, if any, remains unclear. It’s the latest example of how malicious hackers can subvert parts of Tor’s infrastructure for their own gain, and follows another set of malicious Tor activity documented by the same researcher last year. Users ranging from human rights workers in repressive countries to U.S. drug dealers rely on Tor to try to maintain their anonymity online. “So far, 2020 is probably the worst year in terms of malicious Tor exit relay activity since I started monitoring it about […] (CyberScoop)

3 strategies for addressing sensitive legal cybersecurity issues

Three years after enacting one of the most exacting cybersecurity regulations in the United States, the New York State Department of Financial Services (NYDFS) recently filed its first cybersecurity enforcement action. This enforcement action shows the importance of mitigating legal risks when addressing cybersecurity risks. NYDFS alleged that First American Financial, one of the country’s largest providers of title insurance, failed to properly address a known security vulnerability on its website that allowed millions of documents containing consumers’ nonpublic information to be exposed. After the vulnerability surfaced in a penetration test, First American misclassified the vulnerability as “low,” failed to investigate, within the timeframe set by its own cybersecurity policy, both the vulnerability and the scope of the documents that were exposed, and neglected to heed the recommendations of its in-house cybersecurity team. The timing of the NYDFS’s inaugural enforcement action shows that cybersecurity remains a key priority for government […] (CyberScoop)

Facial recognition – another setback for law enforcement

"Something needs to be done," said the court. Where do you stand? For or against, have your say in our comments. (Naked Security)

How to Gain SSH Access to Servers by Brute-Forcing Credentials

SSH is one of the most common protocols in use in modern IT infrastructures, and because of this, it can be a valuable attack vector for hackers. One of the most reliable ways to gain SSH access to servers is by brute-forcing credentials. There are a few methods of performing an SSH brute-force attack that will ultimately lead to the discovery of valid login credentials.

While not the only ways to do so, we'll be exploring tools such as Metasploit, Hydra, and the Nmap Scripting Engine in Nmap to accomplish this task, all of which are included in Kali Linux. As for the target, we will be... (Null Byte « WonderHowTo)

Tor Exit Nodes Hijacked To Perform SSL stripping Attacks

(News ≈ Packet Storm)

Homeland Security Details New Tools For Extracting Device Data At US Borders

(News ≈ Packet Storm)

NCC Group Admits Leaking Training Data Online

(News ≈ Packet Storm)

Why Did The FCA Drop Its Warning About The OneCoin Scam?

(News ≈ Packet Storm)

Critical Flaws Affect Citrix Endpoint Management (XenMobile Servers)

Citrix today released patches for multiple new security vulnerabilities affecting its Citrix Endpoint Management (CEM), also known as XenMobile, a product made for enterprises to help companies manage and secure their employees' mobile devices remotely.

Citrix Endpoint Management offers businesses mobile device management (MDM) and mobile application management (MAM) capabilities. It allows (The Hacker News)

Google Chrome Bug Could Let Hackers Bypass CSP Protection; Update Web Browsers

If you haven't recently updated your Chrome, Opera, or Edge web browser to the latest available version, it would be an excellent idea to do so as quickly as possible.

Cybersecurity researchers on Monday disclosed details about a zero-day flaw in Chromium-based web browsers for Windows, Mac and Android that could have allowed attackers to entirely bypass Content Security Policy (CSP) rules (The Hacker News)

A New vBulletin 0-Day RCE Vulnerability and Exploit Disclosed Publicly

A security researcher earlier today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability affecting the widely used internet forum software vBulletin that's already under active exploitation in the wild.

vBulletin is a widely used proprietary Internet forum software package based on PHP and MySQL database server that (The Hacker News)

Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal

The RAT is surging in 2020, becoming more prevalent than even the infamous TrickBot or Emotet malware. (Threatpost)

Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft

One of the two zero-day bugs is rated ‘critical’ and is classified as a remote code-execution bug impacting Microsoft’s Internet Explorer. (Threatpost)

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules

A critical privilege-escalation flaw affects several popular Intel motherboards, server systems and compute modules. (Threatpost)

Critical Adobe Acrobat and Reader Bugs Allow RCE

Adobe patched critical and important-severity flaws tied to 26 CVEs in Acrobat and Reader. (Threatpost)

Cybersecurity Skills Gap Worsens, Fueled by Lack of Career Development

The fundamental causes for the skill gap are myriad, starting with a lack of training and career-development opportunities. (Threatpost)

Samsung Quietly Fixes Critical Galaxy Flaws Allowing Spying, Data Wiping

Four critical-severity flaws were recently disclosed in the Find My Mobile feature of Samsung Galaxy smartphones, which if exploited could allow attackers to force a factory reset on the phones or spy on users. (Threatpost)

Researcher Publishes Patch Bypass for vBulletin 0-Day

Three separate proof-of-concepts on Bash, Python and Ruby posted to outsmart fix issued last year to remedy pre-auth RCE bug. (Threatpost)


/security-daily/ 12-08-2020 23:44:24