Security daily (15-06-2020)

‘Vendetta’ hackers are posing as Taiwan's CDC in data-theft campaign

A mysterious hacking group has been posing as Taiwan’s top infection-disease official in an attempt to steal sensitive data from Taiwanese users, researchers said Monday. The hackers sent meticulously written spearphishing emails to a select group of targets, which may have included Taiwan’s Centers for Disease Control employees, according to ElevenPaths, the cybersecurity unit of Spanish telecommunications firm Telefónica Group, which uncovered the activity. It’s a reminder of the lengths to which hacking groups have gone to impersonate public health authorities and break into computer networks during the COVID-19 pandemic. Over the course of a week in early May, the hackers sent emails to certain Taiwanese users urging them to get novel coronavirus tests. Attached to the email was a remote hacking tool capable of stealing login credentials and hijacking webcams. “The type of tools and the targets selected indicate that they are looking for intelligence, mainly governmental,” Miguel Ángel […] (CyberScoop)

Research shows human rights activists in India were targeted with spyware

Human rights activists in India were targeted by a coordinated spyware campaign from January to October of 2019, according to research published Monday by Amnesty International and the University of Toronto’s Citizen Lab. Nine activists in total were targeted, eight of whom have been calling for the release of 11 people jailed during protests related to the violent uprising in Bhima Koregaon, India in 2018. The targets were sent spearphishing emails with malicious links and files that, if clicked, would infect the victims’ computers with spyware capable of tracking their communications. Three of the activists were also alleged to have been targeted by Pegasus, a notorious spyware program developed by Israeli surveillance software firm NSO Group last year. Human rights defenders in India have been victimized by spyware in the past. But the research shows that surveillance software has been leveraged multiple times against activists linked to the Bhima Koregaon activists. One […] (CyberScoop)

You’ve heard of sextortion – now there’s “breachstortion”, too

Sextortion again - but with "we hacked your website and stole all your data" instead of "we hacked your webcam and made a video". (Naked Security)

Congress wants to know who is using spyware against the US

A 2021 intelligence funding draft bill mandates a report on surveillance vendors and which countries or other actors are using spyware. (Naked Security)

Microsoft Azure users leave front door open for cryptomining crooks

Microsoft has discovered a campaign that exploits Kubernetes to install cryptomining software in its Azure cloud. (Naked Security)

Monday review – the hot 13 stories of the week

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time. (Naked Security)

Six Former eBay Employees Charged With Aggressive Cyberstalking Campaign

(News ≈ Packet Storm)

Intel Will Soon Bake Anti-Malware Defenses Directly Into Its CPUs

(News ≈ Packet Storm)

Lamphone Attack Recovers Conversations From Your Light Bulb

(News ≈ Packet Storm)

South African Bank To Replace 12m Cards After Employees Stole Master Key

(News ≈ Packet Storm)

Russian Hacker Releases At Least 14,000 Mexican Taxpayer IDs

(News ≈ Packet Storm)

WebAuthn Passwordless Authentication Now Available for Atlassian Products

Atlassian solutions are widely used in the software development industry. Many teams practicing agile software development rely on these applications to manage their projects.

Issue-tracking application Jira, Git repository BitBucket, continuous integration and deployment server Bamboo, and team collaboration platform Confluence are all considered to be proven agile tools.

Considering how (The Hacker News)

New Mobile Internet Protocol Vulnerabilities Let Hackers Target 4G/5G Users

High-impact vulnerabilities in a modern communication protocol used by mobile network operators (MNOs) can be exploited to intercept user data and carry out impersonation, fraud, and denial of service (DoS) attacks, newly published research cautions.

The findings are part of a new Vulnerabilities in LTE and 5G Networks 2020 report published by London-based cybersecurity firm Positive (The Hacker News)

Twitter Disrupts Wide-Ranging Political Disinformation Campaigns

This removal, of 32K accounts, is not the first time Twitter has taken action to protect its users from influence operations. Researchers weighed in on the practice with Threatpost. (Threatpost)

Intel Adds Anti-Malware Protection in Tiger Lake CPUs

Intel's Tiger Lake CPUs will come with Control-flow Enforcement Technology (CET), aimed at battling common control-flow hijacking attacks. (Threatpost)

WFH Alert: Critical Bug Found in Old D-Link Router Models

Researchers find six bugs in consumer D-Link DIR-865L Wireless AC 1750 Dual Band Cloud Router. (Threatpost)

Claire’s Customers Targeted with Magecart Payment-Card Skimmer

The Magecart group targeted the tween accessories specialist starting the day after it shuttered its retail locations due to coronavirus. (Threatpost)

‘Lamphone’ Hack Uses Lightbulb Vibrations to Eavesdrop on Homes

A new hack allowed researchers to discern sound -- including "Let it Be" by the Beatles, and audio from a Donald Trump speech -- from lightbulb vibrations. (Threatpost)


/security-daily/ 16-06-2020 23:44:22