Security daily (21-10-2020)

DOJ efforts to weaken encryption place national security at risk, congressman says

Rep. Ro Khanna has one message for politicians who continue to suggest technology companies should give law enforcement agencies access to encrypted data: This is a power grab. The U.S. Department of Justice has long called for technology firms to create software that would allow law enforcement agencies to investigate suspects who use encryption to hide illegal behavior. For Khanna, a California Democrat, the tradeoff is too dangerous. Legislation that enables law enforcement to crack strong security measures in order to root out some criminals, while also but leaving other people’s communications exposed, just is not worth it, he said Wednesday during CyberTalks, a virtual event produced by CyberScoop. “What I worry about is at a time where we already have an imbalance between the power of the U.S. government and the power of corporations and the individual, is it would shift more power to the tech companies and the government,” he said. “If you […] The post DOJ efforts to weaken encryption place national security at risk, congressman says appeared first on CyberScoop. (CyberScoop)

Justice Department official accuses China of acting as ‘safe haven’ for cybercriminals

China is increasingly tolerant of criminal hackers on its soil if they are willing to hack on behalf of the Chinese government, a senior U.S. Justice Department official has alleged. Recent U.S. indictments of accused Chinese hackers indicate that the country “has become a safe haven for cybercriminals as long as they’re also doing work on behalf of the state,” John Demers, the assistant attorney general for national security, alleged in an interview for CyberTalks, the annual summit produced by Scoop News Group. “That’s very worrisome…because now you’ve got a country that’s giving free rein to criminal hackers.” It’s an accusation that U.S. government officials and security researchers have frequently leveled against Russia, as well. The blend, though, of criminal and state-sponsored activity in China will make it even more difficult for U.S. companies to defend themselves, Demers said. A spokesperson for the Chinese Embassy in Washington, D.C., called the allegations “groundless,” adding: “China is a […] The post Justice Department official accuses China of acting as ‘safe haven’ for cybercriminals appeared first on CyberScoop. (CyberScoop)

'MuddyWater' spies suspected in attacks against Middle East governments, telecoms

One of the most prolific cyber-espionage groups linked to Iran has used old tricks — and perhaps a new hacking tool — in dozens of attempts to breach government and telecommunications operators in the Middle East in recent months, security researchers said Wednesday. The hacking attempts have hit organizations in Iraq, Kuwait, Turkey and the United Arab Emirates, according to researchers at security provider Symantec. Iran has strategic interests in all of those countries. And the attackers appear to be trying to smuggle key data from the organizations they managed to breach. It’s a reminder that while other hacking teams associated with Tehran have gained notoriety for disruptive, data-wiping attacks against Middle East organizations, the group known as MuddyWater, or Seedworm, is better known for its relentless spying efforts. “These actors are extremely focused in what they’re doing,” said Vikram Thakur, technical director at Symantec, a division of semiconductor and software maker Broadcom. “They’re […] The post 'MuddyWater' spies suspected in attacks against Middle East governments, telecoms appeared first on CyberScoop. (CyberScoop)

Chrome zero-day in the wild – patch now!

Exploitable bug in Chrome - patch now! (Naked Security)

Use Banner Grabbing to Aid in Reconnaissance & See What Services Are Running on the System

As we've seen with other tools and utilities, administrators typically use certain things to do their job more efficiently, and those things are often abused by attackers for exploitation. After all, hacking is just the process of getting a computer to do things in unexpected ways. Today, we will be covering various methods to perform banner grabbing to learn more about the target system.

Banner grabbing is a technique used to gather information about running services on a computer system. Banners refer to the messages on the host that usually provide a greeting or version information. An... more (Null Byte « WonderHowTo)

Adobe Release Another Out-Of-Band Patch, Squashing Bugs Across Creative

(News ≈ Packet Storm)

Cybersecurity And A Potential Biden White House

(News ≈ Packet Storm)

Google Patches Actively-Exploited Zero-Day Bug In Chrome Browser

(News ≈ Packet Storm)

Adblockers Installed 300,000 Times Are Found To Be Malicious

(News ≈ Packet Storm)

A Quick Glance at Cross-Origin Resource Sharing Security Headers

Thanks to the rapid growth of JavaScript frameworks such as Angular, Vue, and React, CORS has become a popular word in the developer’s vocabulary. When requesting information from an external source such as an API (a pretty common practice for client-side JavaScript code), the origin of the resource must tell the web browser which domain, HTTP method, and header are allowed to request the resource. This is possible and easy to do with the Cross-origin resource sharing (CORS) headers — the most common being Access-Control-Allow-Origin, Access-Control-Allow-Methods and Access-Control-Allow-Headers. Continue reading A Quick Glance at Cross-Origin Resource Sharing Security Headers at Sucuri Blog. (Sucuri Blog)

New Chrome 0-day Under Active Attacks – Update Your Browser Now

Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. Google released Chrome version 86.0.4240.111 today to patch several security high-severity issues, including a zero-day vulnerability that has been exploited in the wild by attackers to (The Hacker News)

Popular Mobile Browsers Found Vulnerable To Address Bar Spoofing Attacks

Graphic for illustration Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. Other impacted browsers include UCWeb, Yandex Browser, Bolt Browser, and RITS Browser. The flaws were discovered by Pakistani (The Hacker News)

Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks

The Feds have published a Top 25 exploits list, rife with big names like BlueKeep, Zerologon and other notorious security vulnerabilities. (Threatpost)

Cisco Warns of Severe DoS Flaws in Network Security Software

The majority of the bugs in Cisco’s Firepower Threat Defense (FTD) and Adaptive Security Appliance (ASA) software can enable denial of service (DoS) on affected devices. (Threatpost)

Oracle Kills 402 Bugs in Massive October Patch Update

Over half of Oracle's flaws in its quarterly patch update can be remotely exploitable without authentication; two have CVSS scores of 10 out of 10. (Threatpost)

Egregor Claims Responsibility for Barnes & Noble Attack, Leaks Data

The ransomware gang claims to have bought network access to the bookseller's systems before encrypting the networks and stealing "financial and audit data." (Threatpost)

Cybercriminals Step Up Their Game Ahead of U.S. Elections

Ahead of the November U.S. elections, cybercriminals are stepping up their offensive in both attacks against security infrastructure and disinformation campaigns - but this time, social media giants, the government and citizens are more prepared. (Threatpost)


/security-daily/ 22-10-2020 23:44:25