Security

Sophisticated hacking campaign uses Windows and Android zero-days--Security Affairs

The Google Project Zero team has recently launched an initiative aimed at devising new techniques to detect 0-day exploits employed in attacks in the wild. While partnering with the Google Threat Analysis Group (TAG), the experts discovered a watering hole […]

securityaffairs.co

Post-Riot, the Capitol Hill IT Staff Faces a Security Mess

In the aftermath of destructive riots that trashed the United States Capitol on Wednesday, the nation is grappling with questions about the stability and trajectory of US democracy. But inside the ...

www.wired.com

Sunburst: connecting the dots in the DNS requests 

On December 13, 2020 FireEye published important details of a newly discovered supply chain attack. An unknown attacker, referred to as UNC2452 or DarkHalo planted a backdoor in the SolarWinds Orion IT software. This backdoor, which comes in the form of a .NET module, has some really interesting and rather unique features.

securelist.com

Widespread malware campaign seeks to silently inject ads into search results, affects multiple browsers: A persistent malware campaign has been actively distributing Adrozek, an evolved browser modifier malware at scale since at least May 2020. At its peak in August, the threat was observed on over 30,000 devices every day. The malware is designed to inject ads into search engine results pages and affects multiple browsers…

Hundreds of millions of Android users exposed to hack due to CVE-2020-8913--Security Affairs

Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913 The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides exists in the SplitCompat.install endpoint in Android’s Play Core Library. 

securityaffairs…

A hacker is selling access to the email accounts of hundreds of C-level executives | ZDNet

Access is sold for $100 to $1500 per account, depending on the company size and exec role.

www.zdnet.com

A flaw in Facebook Messenger could have allowed spying on users--Security Affairs

Facebook has addressed a major security issue in its Messenger for Android app that could have allowed threat actors to spy on users by placing and connecting Messenger audio calls without their interaction. 

securityaffairs.co

Cyberattacks targeting health care must stop - Microsoft on the Issues

In recent months, Microsoft has detected cyberattacks from nation-state actors targeting prominent companies directly involved in researching vaccines and treatments for Covid-19. We are calling on the world’s leaders to affirm that international law protects health care facilities and to take action to enforce the law.

blogs.microsoft.com

Reverse shell botnet Gitpaste-12 spreads via GitHub and Pastebin

A newly discovered worm and botnet named Gitpaste-12 lives on GitHub and also uses Pastebin to host malicious code. The advanced malware comes equipped with reverse shell and crypto mining: www.bleepingcomputer.com