Security daily (14-01-2021)

CISA tells agencies to consider ad blockers to fend off 'malvertising'

The U.S. Cybersecurity and Infrastructure Security Agency urged federal agencies on Thursday to deploy ad-blocking software and standardize web browser usage across their workforces in order to fend off advertisements implanted with malware. “With many agencies greatly expanding telework options, agencies should increase attention on securing federal endpoints, including associated web browsing capabilities,” the Department of Homeland Security’s cyber arm said in a guide for agencies. With the alert, CISA joins the National Security Agency, which in 2018 likewise urged agencies to adopt ad blockers in response to the threat from “malvertising” that can spread malware. However, CISA cautioned that ad blockers aren’t a cure-all for the issue of malicious advertising, which in recent months has plagued TikTok and a slew of industries during the coronavirus pandemic. “Some browser extensions are known to accept payment from advertisers to ensure their ads are allowlisted from blocking,” the agency said, citing concerns that […] The post CISA tells agencies to consider ad blockers to fend off 'malvertising' appeared first on CyberScoop. (CyberScoop)

Ring adds encryption tool as other security questions surface

Ring will begin protecting the data that travels through its cameras with end-to-end encryption. The Amazon-owned home security firm announced its intentions to roll out end-to-end encryption, which will protect videos from being seen by unwanted third parties while streaming to customers’ devices, in September. The company said Wednesday it would begin a “technical preview” for the new data protection feature, which encrypts streams from the camera to the device where the footage is viewed. Ring markets its devices as a way to boost neighborhoods’ and customers’ safety, but researchers have routinely accused the company of degrading customers’ security and privacy for years. Meanwhile, TechCrunch on Thursday reported that the company’s companion application, Neighbors, has been exposing some users’ location and home addresses. The application, intended to allow users to anonymously share information with neighbors about crimes or violence captured on their Ring cameras, was collecting location information about posters […] The post Ring adds encryption tool as other security questions surface appeared first on CyberScoop. (CyberScoop)

Capitol Hill riot crackdown leaves extremists searching for more secure messaging platforms, US intel memo says

A law enforcement crackdown on domestic terrorists following the Capitol Hill riot will likely lead some violent extremists to turn to communications platforms they perceive to be more secure to discuss their activities, according to a U.S. intelligence bulletin obtained by CyberScoop. The arrests of Jan. 6 rioters could deter some domestic violent extremists (DVEs), but “lead others to adjust their tactics and to lessen law enforcement scrutiny,” says the Jan. 13 memo from the Department of Homeland Security, FBI and the National Counterterrorism Center. The document is marked “For Official Use Only” and was distributed to state and local law enforcement agencies. The bulletin shows how law enforcement officials are looking to track any efforts by far-right extremists to cloak their communications on encrypted platforms following the insurrection. Some of the would-be usurpers have reportedly turned to encrypted messaging platforms Telegram and Signal after crackdowns on other media. Twitter […] The post Capitol Hill riot crackdown leaves extremists searching for more secure messaging platforms, US intel memo says appeared first on CyberScoop. (CyberScoop)

Iran-linked spies used Christmas as cover for spearphishing, researchers say

A cyber-espionage group linked to the Iranian government timed a mobile phishing campaign with the Christmas holidays, using email and text messages to target individuals at think tanks, universities and elsewhere, according to new research. Known as Charming Kitten, APT35 or Phosphorus, the group sent fake text messages from “Google Account Recovery” and fake emails with Christmas content, reports the cybersecurity organization CERTFA, which specializes in Iran-related research. The goal was to use malicious web pages to capture login credentials and “steal sensitive data from their victims,” CERTFA said. “The group started the new round of attacks at a time when most companies, offices, organizations, etc. were either closed or half-closed during Christmas holidays and, as a result, their technical support and IT departments were not able to immediately review, identify, and neutralize these cyber incidents,” CERTFA says. “Charming Kitten has taken full advantage of this timing to execute its […] The post Iran-linked spies used Christmas as cover for spearphishing, researchers say appeared first on CyberScoop. (CyberScoop)

Europol announces bust of “world’s biggest” dark web marketplace

Dark web servers are hard to find - but not impossible. (Naked Security)

S3 Ep15: Titan keys, Mimecast certs and Solarwinds [Podcast]

Latest episode. Listen now! (Naked Security)

Ring Adds End-To-End Encryption To Quell Security Uproar

(News ≈ Packet Storm)

Kaspersky Lab Fingers Own Government For SolarWinds Hack

(News ≈ Packet Storm)

Apple Removes Feature That Allowed Its Apps To Bypass macOS Firewalls And VPNs

(News ≈ Packet Storm)

Hackers Used 4 Zero-Days To Infect Windows And Android Devices

(News ≈ Packet Storm)

Real-Time Phishing Kit Targets Brazilian Central Bank

We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page in real time. What our investigation revealed was that attackers were leveraging PIX, a new payment method created by the Brazilian Central Bank.

Features & Context for PIX

PIX was created and introduced to replace Brazil’s old and deprecated transfer methods TED and DOC. PIX’s new functionalities made it significantly cheaper and faster for transactions to be completed, allowing transfers to be conducted any time of the day, including weekends — functionality not available in the older, deprecated methods. Continue reading Real-Time Phishing Kit Targets Brazilian Central Bank at Sucuri Blog. (Sucuri Blog)

Facebook: Malicious Chrome Extension Developers Scraped Profile Data

Facebook has sued two Chrome devs for scraping user profile data - including names, user IDs and more. (Threatpost)

Florida Ethics Officer Charged with Cyberstalking

Judge bars former Tallahassee city ethics officer from internet-connected devices after her arrest for cyberstalking. (Threatpost)

Telegram Bots at Heart of Classiscam Scam-as-a-Service

The cybercriminal service has scammed victims out of $6.5 million and continues to spread on Telegram. (Threatpost)

Cloud Attacks Are Bypassing MFA, Feds Warn

CISA has issued an alert warning that cloud services at U.S. organizations are being actively and successfully targeted. (Threatpost)

Ring Adds End-to-End Encryption to Quell Security Uproar

The optional feature was released free to users in a technical preview this week, adding a new layer of security to the service, which has been plagued by privacy concerns. (Threatpost)


/security-daily/ 15-01-2021 23:44:27