SecurityLab, [04.06.20 15:05]
The Chinese-language cybercrime group Cycldek (also known as Goblin Panda or Conimes) has developed the malicious tool USBCulprit to carry out attacks on physically isolated systems and steal confidential data.
Cycldek APT has developed malware for attacks on physically isolated systems (https://www.securitylab.ru/news/508913.php)
as reported previously, to exfiltrate data “signals of a computer’s video card” at “distance of 15m” has been tested successfully.
Also with the power supply data could be “morsed out”.
solution: SuperGlue all one’s USB devices into one’s USB ports X-D (unremovable)
SuperGlue close all other USB ports
SecurityLab, [04.06.20 15:40]
Microsoft has decided to change the way its Edge browser is distributed. From now on, it will be installed on systems automatically, regardless of users’ wishes.
Microsoft Edge will now be distributed automatically (https://www.securitylab.ru/news/508915.php)
… why do they have now two browsers that suck? X-D (iexplore + edge X-D)
SecurityLab, [04.06.20 15:55]
Japanese cryptocurrency exchange Coincheck reported a cyber attack.
Criminals seized control of the domain registration service’s account and hacked one of its domain names to carry out phishing attacks.
Criminals seized control of one of the domains of the Coincheck exchange (https://www.securitylab.ru/news/508917.php)
sometimes one thinks: the best way to rob a bank is to own one.
maybe it’s the same for bitcoin exchanges X-D
maybe they rob their own exchanges X-D
(but maybe not who knows)
SecurityLab, [05.06.20 07:55]
Cybercriminals have launched a new large-scale malicious campaign against sites running WordPress.
Hackers exploit old cross-site scripting (XSS) vulnerabilities in non-updated plug-ins and steal site configuration files (wp-config.php) containing usernames and passwords for accessing databases, connection information, unique authentication keys, and salt.
A large-scale malicious campaign against WordPress sites was detected (https://www.securitylab.ru/news/508919.php)
this is why keeping wordpress itself and plugins as up to date as possible is crucial.
also: would disable = rename the xmlrpc.php to xmlrpc.php.disabled or something
this is the php that the app connects to
a lot of bruteforce attacks are going either to wp-admin.php or xmlrpc.php
if user does not use the app, delete/disable it (will return with every update)
maybe cron job automate that deletion X-D
SecurityLab, [05.06.20 08:30]
Specialists from Cisco Talos have discovered two critical vulnerabilities in the Zoom video conferencing software.
Exploitation of the vulnerability allows an attacker to compromise a computer system via live chat.
Vulnerabilities in Zoom allow you to hack systems via chat (https://www.securitylab.ru/news/508920.php)
SecurityLab, [05.06.20 08:55]
Based on numerous user complaints, the Windows 10 May 2020 Update released last month is causing problems with the Intel Optane memory module.
-> HAHA ! MS U SUCK! X-D
(they try to save money by minimizing testing, isn’t it? X-D (the end user is doing the quality testing… has always been like this, Apple is moving into the same sloppy direction))
Windows 10 May 2020 Update causes problems with Intel Optane (https://www.securitylab.ru/news/508921.php)
SecurityLab, [05.06.20 10:00]
Experts from the Google Threat Analysis Group found two unrelated phishing operations aimed at participants in the election campaigns of US presidential candidates Donald Trump and Joe Biden.
Phishing emails to Biden’s campaign were sent by hackers linked to the Chinese government, and Trump’s were sent to the Iranian government.
Iranian and Chinese hackers attack the election headquarters of Trump and Biden (https://www.securitylab.ru/news/508925.php)
SecurityLab, [05.06.20 10:15]
Experts from IntSights noted an increase in demand for YouTube channel credentials on underground trading platforms.
The cost of the offered accounts is proportional to the number of subscribers.
For example, the price for a channel with 200 thousand subscribers starts from $1000.
The demand for YouTube channel credentials has increased in the darknet (https://www.securitylab.ru/news/508926.php)
SecurityLab, [05.06.20 11:25]
Mozilla plans to add the ability to export saved credentials to a CSV file in future versions of Firefox, which can then be imported into a password manager or saved as a backup.
In Firefox, you will see a function for exporting passwords in text format (https://www.securitylab.ru/news/508932.php)
SecurityLab, [05.06.20 11:55]
The developers of the secure messenger Signal told about a new feature in their app that will allow users to blur faces in photos.
The innovation will be available in future versions of Signal for Android and iOS and will automatically recognize faces and hide them.
Otherwise, the user can manually blur the image before sending it.
The Signal messenger will feature photo anonymization (https://www.securitylab.ru/news/508933.php)
SecurityLab, [05.06.20 13:20]
The spread of misinformation about the coronavirus is gradually becoming almost more of a problem than the coronavirus itself.
According to a survey conducted by the British company YouGov commissioned by Yahoo News, one of the most popular “conspiracy theories” on this topic is the alleged plans of Bill Gates to introduce microchips into the human body under the guise of a vaccine against COVID-19.
According to a survey of US residents, the most adherents of this theory are among Republicans, the audience of the Fox News channel and people who voted for Donald Trump.
Bill Gates has denied the rumors about the chipping of people (https://www.securitylab.ru/news/508941.php)
SecurityLab, [05.06.20 14:20]
The British Ministry of Defence has created the 13th Signal Regiment within the Royal Corps of Signals of the British Armed Forces, responsible for providing protection against digital attacks.
The new unit will protect vital defense networks at home and during operations abroad.
The UK Defense Ministry has created a cyber regiment to protect against digital attacks
SecurityLab, [05.06.20 16:00]
Using them allows a remote attacker to compromise the target system, perform spoofing, or circumvent security measures.
Vulnerability overview for the week: June 5, 2020 (https://www.securitylab.ru/news/508948.php)
SecurityLab, [06.06.20 12:30]
Facebook will begin marking pages, publications, or advertisements of state-controlled media outlets.
The company announced this in its blog.
Facebook will start marking state-controlled media outlets (https://www.securitylab.ru/news/508949.php)
SecurityLab, [06.06.20 22:45]
In the evening of June 6, Telegram experienced a massive failure.
This is evidenced by data from the DownDetector.com service on June 6.
According to them, the failure occurred around 11 PM in Moscow.
Most of them have problems logging in, while others note that they can’t send a message.
At the time of writing the news, more than 11 thousand messenger users complained about problems in their work.
The vast majority of them — 93% — report that they can’t connect.
The others don’t send messages.
Most of the reports of failures came from the European part of Russia — Moscow and St. Petersburg, as well as Belarus, Ukraine, Germany, Italy, Estonia, Latvia, France and Spain.
There was a failure in the work of Telegram around the world (https://www.securitylab.ru/news/508951.php)
SecurityLab, [07.06.20 13:00]
Cybercriminals are distributing a fake tool to recover files encrypted by the ransomware STOP Djvu.
The free decryptor supposedly decrypts files, but in fact re-encrypts them, making the situation even worse.
A fake decryptor re-encrypts victims’ files (https://www.securitylab.ru/news/508960.php)
SecurityLab, [08.06.20 08:15]
Apple has released a free set of tools for developers of password managers and other applications that allows you to generate strong passwords.
Apple has released a set of tools for developing password managers (https://www.securitylab.ru/news/508961.php)
SecurityLab, [08.06.20 08:30]
Operators of extortionate software eCh0raix organized a malicious campaign targeting network storage (NAS) QNAP.
Malware compromises devices by brutalizing and exploiting known vulnerabilities in network storage (CVE-2018-19943, CVE-2018-19949, and CVE-2018-19953) that allow code to be embedded or remotely executed.
Operators of the eCh0raix ransomware attacked QNAP network storage (https://www.securitylab.ru/news/508962.php)
SecurityLab, [08.06.20 09:25]
Security researcher Athul Jayaram warned about the threat posed by a WhatsApp messenger feature called Click to Chat.
According to him, the function allows Google to index users’ phone numbers, and they can then be easily found using a search engine.
WhatsApp allows Google to index users’ phone numbers (https://www.securitylab.ru/news/508966.php)
“Your Whatsapp number may be leaked in the open web, they don’t care do you?”
SecurityLab, [08.06.20 10:00]
Two residents of the Voronezh region are accused of illegally “cloning” bank cards, using which they tried to steal funds from other people’s bank accounts.
Residents of the Voronezh region stole 15 million rubles using “clones” of bank cards (https://www.securitylab.ru/news/508971.php)
SecurityLab, [08.06.20 10:15]
64-year-old Kenenty Kim, also known as Myung Kim, admitted in the federal court of the Southern District of Texas to carrying out BEC attacks (business email compromise), in which he sent fake emails to employees of companies allegedly on behalf of executives.
The criminal cheated the companies Electrolux and Solid Bridge for more than $500,000.
SecurityLab, [08.06.20 11:40]
Exploiting the vulnerability allows attackers to disrupt traffic lights.
Vulnerability in SWARCO controllers can disrupt traffic lights (https://www.securitylab.ru/news/508975.php)