This posting is here to collect cyber security news in April 2020.
I post links to security vulnerability news, with short descriptions, in the comments section of this article.
If you are interested in cyber security trends, read my Cyber security trends 2020 posting.
You are also free to post related links in the comments.
218 Comments
Tomi Engdahl says:
Critical Vulnerable Found In WordPress Search Engine Optimisation (WSEO) Which Cloud Lock Admin Out
https://www.hackers-review.tech/2020/04/critical-vulnerable-found-in-wordpress.html
Vulnerabilities in the WordPress search engine optimization plugin Rank Math, as it is called, allow remote cyber criminals, according to researchers, to increase their privileges and install malicious redirects on a target website. It’s a plugin for WordPress with over 200,000 installs.
One of the flaws (10 out of 10 on the CVSSv3 vulnerability scale) is significant, according to the researchers with Wordfence.
Tomi Engdahl says:
https://krebsonsecurity.com/2020/04/war-dialing-tool-exposes-zooms-password-problems/
Harden Your Zoom Settings to Protect Your Privacy and Avoid Trolls
https://www.eff.org/deeplinks/2020/04/harden-your-zoom-settings-protect-your-privacy-and-avoid-trolls
Tomi Engdahl says:
Hackers ‘without conscience’ demand ransom from dozens of hospitals and labs working on coronavirus
https://fortune.com/2020/04/01/hackers-ransomware-hospitals-labs-coronavirus/
Tomi Engdahl says:
DarkHotel hackers use VPN zero-day to breach Chinese government agencies
https://www.zdnet.com/article/darkhotel-hackers-use-vpn-zero-day-to-compromise-chinese-government-agencies/
Targets included government agencies in Beijing and Shanghai and Chinese diplomatic missions abroad.
Tomi Engdahl says:
8,000 Unprotected Redis Instances Accessible From Internet
https://www.securityweek.com/8000-unprotected-redis-instances-accessible-internet
Trend Micro’s security researchers discovered roughly 8,000 unsecured Redis instances that were exposed to anyone with an Internet connection.
Spread all over the world, the unsecured instances were found to lack Transport Layer Security (TLS) encryption and without any password protection. Some of these instances were even deployed in public clouds.
An open source, in-memory data structure store, Redis (Remote Dictionary Server) was designed for use within trusted environments. Thus, if left unsecured and Internet-accessible, Redis instances are prone to all kinds of abuse, including SQL injections, cross-site scripting attacks, and even remote code execution.
Tomi Engdahl says:
Pre-Installed Utility Renders HP Computers Vulnerable to Attacks
https://www.securityweek.com/pre-installed-utility-renders-hp-computers-vulnerable-attacks
A security researcher discovered multiple vulnerabilities in HP Support Assistant, a utility pre-installed on all HP computers sold after October 2012.
Pre-loaded on computers running Windows 7, Windows 8, and Windows 10, the tool was found to be impacted by ten vulnerabilities, including five local privilege escalation flaws, two arbitrary file deletion bugs, and three remote code execution bugs.
When launched, the utility starts hosting a “service interface” that exposes over 250 different functions to the client. The contract interface is exposed to the local system and clients connect to it through a specific pipe, security researcher Bill Demirkapi explains.
Several Critical Vulnerabilities on most HP machines running Windows
https://d4stiny.github.io/Several-Critical-Vulnerabilities-on-most-HP-machines-running-Windows/
Tomi Engdahl says:
Attacks Simultaneously Exploiting Vulnerability in IE (CVE-2020-0674)
and Firefox (CVE-2019-17026)
https://blogs.jpcert.or.jp/en/2020/04/ie-firefox-0day.html
On 8 January 2020, Mozilla released an advisory regarding a
vulnerability in Firefox. On 17 January, Microsoft reported that 0-day
attacks exploiting a vulnerability in Internet Explorer (IE) had been
seen in the wild. JPCERT/CC confirmed attacks exploiting both
vulnerabilities at once and issued a security alert. This article
explains the details of these attacks.
Tomi Engdahl says:
Beyond Zoom: How Safe Are Slack and Other Collaboration Apps?
https://threatpost.com/beyond-zoom-safe-slack-collaboration-apps/154446/
As the coronavirus pandemic continues to worsen, remote-collaboration
platforms, now fixtures in many workers' new normal, are facing more
scrutiny. Popular video-conferencing app Zoom may currently be in the
cybersecurity hot seat, but other collaboration tools, such as Slack,
Trello, WebEx and Microsoft Teams, are certainly not immune from
cybercriminal attention.
Tomi Engdahl says:
NASA sees an exponential jump in malware attacks as personnel work
from home
https://arstechnica.com/information-technology/2020/04/nasa-sees-an-exponential-jump-in-malware-attacks-as-personnel-work-from-home/
NASA has experienced an exponential increase in malware attacks and a
doubling of agency devices trying to access malicious sites in the
past few days as personnel work from home, the space agency's Office of
the Chief Information Officer said on Monday.
Tomi Engdahl says:
80% of all exposed Exchange servers still unpatched for critical flaw
https://www.bleepingcomputer.com/news/security/80-percent-of-all-exposed-exchange-servers-still-unpatched-for-critical-flaw/
Starting March 24, Rapid7 used its Project Sonar internet-wide survey
tool to discover all publicly-facing Exchange servers on the Internet
and the numbers are grim. As they found, “at least 357,629 (82.5%) of
the 433,464 Exchange servers” are still vulnerable to attacks that
would exploit the CVE-2020-0688 vulnerability.
Tomi Engdahl says:
Trusting Zoom?
https://www.cs.columbia.edu/~smb/blog/2020-04/2020-04-06.html
Since the world went virtual, often by using Zoom, several people have
asked me if I use it, and if so, do I use their app or their web
interface. If I do use it, isn’t this odd, given that I’ve been doing
security and privacy work for more than 30 years and everyone knows
that Zoom is a security disaster? Also
https://www.sans.org/webcasts/zomg-its-zoom-114670
Tomi Engdahl says:
Official Government COVID-19 Mobile Apps Hide a Raft of Threats
https://threatpost.com/official-government-covid-19-apps-threats/154512/
Security researchers at the ZeroFOX Alpha Team have uncovered various
privacy concerns and security vulnerabilities including a backdoor in
various apps. The apps are either created and endorsed by countries or
invented as one-offs by threat actors to take advantage of the current
pandemic, according to a blog post published Monday. Original at
https://www.zerofox.com/blog/covid-19-mobile-apps/. Also
https://www.androidcentral.com/google-nukes-all-coronavirus-android-apps-play-store
https://www.cnbc.com/2020/03/05/apple-rejects-coronavirus-apps-that-arent-from-health-organizations.html
Tomi Engdahl says:
Decade of the RATs: Novel APT Attacks Targeting Linux, Windows and
Android
https://blogs.blackberry.com/en/2020/04/decade-of-the-rats
BlackBerry researchers have released a new report that examines how
five related APT groups operating in the interest of the Chinese
government have systematically targeted Linux servers, Windows systems
and Android mobile devices while remaining undetected for nearly a
decade. Report at
https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-decade-of-the-rats.pdf
Tomi Engdahl says:
COVID-19 Exploited by Malicious Cyber Actors
https://www.us-cert.gov/ncas/alerts/aa20-099a
This alert provides information on exploitation by cybercriminal and
advanced persistent threat (APT) groups of the current coronavirus
disease 2019 (COVID-19) global pandemic. It includes a non-exhaustive
list of indicators of compromise (IOCs) for detection as well as
mitigation advice. This is a joint alert from the United States
Department of Homeland Security (DHS) Cybersecurity and Infrastructure
Security Agency (CISA) and the United Kingdom's National Cyber Security
Centre (NCSC).
Tomi Engdahl says:
Introducing our new book Building Secure and Reliable Systems
https://security.googleblog.com/2020/04/introducing-our-new-book-building.html
For good reasons, enterprise security teams have largely focused on
confidentiality. However, organizations often recognize data integrity
and availability to be equally important, and address these areas with
different teams and different controls. The SRE function is a
best-in-class approach to reliability. However, it also plays a role
in the real-time detection of and response to technical
issues, including security-related attacks on privileged access or
sensitive data. Ultimately, while engineering teams are often
organizationally separated according to specialized skill sets, they
have a common goal: ensuring the quality and safety of the system or
application.
Tomi Engdahl says:
Zoom removes meeting IDs from client title bar to boost security
https://www.bleepingcomputer.com/news/software/zoom-removes-meeting-ids-from-client-title-bar-to-boost-security/
A new update to the Zoom client has been released that removes the
meeting ID from the title bar when conducting meetings to increase
security and to prevent them from being exposed in screenshots. Other
Zoom-related news at
https://www.bleepingcomputer.com/news/security/zoom-creates-council-of-cisos-to-solve-security-privacy-issues/
https://www.zdnet.com/article/google-heres-how-google-meet-beats-zoombombing-trolls/
https://betanews.com/2020/04/08/zoom-account-credentials-dark-web/
Tomi Engdahl says:
Microsoft: No surge in malicious attacks, only more COVID-19 lures
https://www.bleepingcomputer.com/news/security/microsoft-no-surge-in-malicious-attacks-only-more-covid-19-lures/
“Attackers don't suddenly have more resources they're diverting towards
tricking users; instead, they're pivoting their existing
infrastructure, like ransomware, phishing, and other malware delivery
tools, to include COVID-19 keywords that get us to click,” Microsoft
365 Security Corporate Vice President Rob Lefferts said. Also
https://www.microsoft.com/security/blog/2020/04/08/microsoft-shares-new-threat-intelligence-security-guidance-during-global-crisis/
Tomi Engdahl says:
Fingerprint cloning: Myth or reality?
https://blog.talosintelligence.com/2020/04/fingerprint-research.html
Our tests showed that on average we achieved an ~80 percent success
rate while using the fake fingerprints, where the sensors were
bypassed at least once. Reaching this success rate was difficult and
tedious work. We found several obstacles and limitations related to
scaling and material physical properties. Even so, this level of
success rate means that we have a very high probability of unlocking
any of the tested devices before it falls back into the pin unlocking.
The results show fingerprints are good enough to protect the average
person’s privacy if they lose their phone. However, a person that is
likely to be targeted by a well-funded and motivated actor should not
use fingerprint authentication.
Tomi Engdahl says:
Antivirus for GPS spoofing and other vulnerabilities
https://www.zdnet.com/article/an-antivirus-for-gps-spoofing-and-other-vulnerabilities/
The Regulus system is a software solution that uses machine learning
to detect spoofing and defend any GNSS receiver, device, or chipset
against it. GPS spoofing attacks are becoming more common and are
often very difficult to detect and protect against.
Tomi Engdahl says:
Domain name registrar suspends 600 suspicious coronavirus websites
https://www.zdnet.com/article/domain-name-registrar-suspends-600-suspicious-coronavirus-websites/
The UK’s domain name registrar Nominet, which manages the launch of
.uk websites, is stepping up efforts to tackle the proliferation of
sites dedicated to scamming the public, for example by selling fake
vaccines, protective equipment and frauds remedies to the COVID-19
virus. Rather than taking down domains after they have been reported
as malicious, the organization has implemented more radical measures
to stop these sites appearing in the first place, with extra scrutiny
of websites names containing “coronavirus”, “covid”, or other selected
terms related to the pandemic. It is only once the organization has
established that the website is legitimate that the domain name will
be able to resolve. Eleanor Bradley, head of registry domains at
Nominet, told ZDNet that about 600 names have been suspended so far.
Tomi Engdahl says:
How an Attacker Could Use Instance Metadata to Breach Your App in AWS
https://www.mcafee.com/blogs/enterprise/cloud-security/how-an-attacker-could-use-instance-metadata-to-breach-your-app-in-aws/
All cloud providers have capabilities to manage credentials for
resources in your cloud-native applications. When used correctly,
these capabilities allow you to avoid storing credentials in the
clear, or in a source code repository. In AWS, the Instance Metadata
Service (IMDS) makes information about a compute instance, its
network, and storage available to software running on the instance.
IMDS also makes temporary, frequently rotated credentials available
for any IAM role attached to the instance. IAM roles attached to an
instance may, for example, define that the instance and software
running on it can access data in S3 storage buckets.
Tomi Engdahl says:
An Elite Spy Group Used 5 Zero-Days to Hack North Koreans
https://www.wired.com/story/north-korea-hacking-zero-days-google/
Cybersecurity researchers at Google’s Threat Analysis Group revealed
on Thursday that an unnamed group of hackers used no fewer than five
zero-day vulnerabilities, or secret hackable flaws in software, to
target North Koreans and North Korea-focused professionals in 2019.
Also
https://blog.google/technology/safety-security/threat-analysis-group/identifying-vulnerabilities-and-protecting-you-phishing/
Tomi Engdahl says:
Microsoft and Google postpone insecure authentication removal
https://www.bleepingcomputer.com/news/security/microsoft-and-google-postpone-insecure-authentication-removal/
Microsoft says that Basic Authentication’s removal from Exchange
Online is being postponed until the second half of 2021 due to the
current situation created by the COVID-19 pandemic. While Google also
announced in December 2019 that it will block less secure apps (LSAs)
from accessing G Suite accounts’ data starting in February 2021, the
company now says that the LSA turn-off is put on hold until further
notice.
Tomi Engdahl says:
Thomas Brewster / Forbes:
UK’s NCSC and US DHS publish a list of 2,500 COVID-19-related threats they are tracking, including malicious websites and email addresses linked to scams — If you weren’t already taking the rise of coronavirus-based cybercrime seriously, take note. A rare joint alert has gone out from U.S …
https://www.forbes.com/sites/thomasbrewster/2020/04/08/government-warning-these-2500-covid-19-websites-pose-a-threat-to-your-online-safety/
Tomi Engdahl says:
Dave Gershgorn / OneZero:
Many US government and banking systems still use a 60-year-old COBOL, which makes it hard to find programmers to fix the systems when they break under pressure — Retired engineers are coming to the rescue — Over the weekend, New Jersey governor, Phil Murphy, made an unusual public plea during …
Our Government Runs on a 60-Year-Old Coding Language, and Now It’s Falling Apart
Retired engineers are coming to the rescue
https://onezero.medium.com/our-government-runs-on-a-60-year-old-coding-language-and-now-its-falling-apart-61ec0bc8e121
Tomi Engdahl says:
Talos Blog:
Cisco’s Talos security group finds fingerprint scanners from Apple, Microsoft, Samsung, and others can be bypassed by fake fingerprints made with 3D printing — Phone, computer fingerprint scanners can be defeated with 3-D printing — By Paul Rascagneres and Vitor Ventura.
Fingerprint cloning: Myth or reality?
https://blog.talosintelligence.com/2020/04/fingerprint-research.html
Cisco Research Shows High Success Rate in Bypassing Fingerprint Authentication
https://www.securityweek.com/cisco-research-shows-high-success-rate-bypassing-fingerprint-authentication
Cisco has conducted a research project on bypassing fingerprint authentication systems and it achieved a success rate of roughly 80 percent, but the company’s experts were unsuccessful against Windows devices.
Tomi Engdahl says:
Attacking the Organism: Telecom Service Providers
https://www.securityweek.com/attacking-organism-telecom-service-providers
Securing the Massive Networks of Telecom Service Providers is a Major Challenge and Becoming More Complex
Service providers and telecom carriers form the backbone of communications and commerce in modern economies. Their networks and cell towers deliver the internet itself—and everything that depends on it—to homes, businesses and mobile devices all over the world. And the complexity involved in doing so creates enormous security challenges.
Major telecom companies provide the back-end datacenters, backhaul networks and cell towers to deliver connectivity all the way to your individual device and the array of applications on it. They also offer many of the storefronts that put manufacturers’ devices into your hands in the first place.
Much has been said of the explosion of applications now driving everything from power grids to Pokemon, but it’s this pervasive global industry that provides the connective tissue for all those billions of end points. An average smartphone may have several dozen applications on it. The potential for backdoors in applications and devices can create even more challenges.
Tomi Engdahl says:
Accenture Acquires Critical Infrastructure Protection Firm Revolutionary Security
https://www.securityweek.com/accenture-acquires-critical-infrastructure-protection-firm-revolutionary-security
Tomi Engdahl says:
China-Linked Hackers Systematically Targeted Linux Servers for Years
https://www.securityweek.com/china-linked-hackers-systematically-targeted-linux-servers-years
Hackers Operating in the Interest of the Chinese Government Systematically Targeted Linux Servers, Windows Systems and Mobile Devices
Activity associated with five cyber-espionage groups acting in the interest of the Chinese government remained undetected for almost a decade, security researchers at BlackBerry say.
Successfully conducting cross-platform attacks targeting Linux, Windows and Android devices, the adversaries have been engaged in both financially motivated and targeted espionage attacks. The hackers are likely civilian contractors working in the interest of the Chinese government, BlackBerry believes.
The attackers “readily share tools, techniques, infrastructure, and targeting information with one another and their government counterparts. This reflects a highly agile government/contractor ecosystem,” the security researchers explain in a new report (PDF).
https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-decade-of-the-rats.pdf
Tomi Engdahl says:
BlackBerry uncovers hacker tools that it says opened data servers for a decade
https://www.ctvnews.ca/mobile/sci-tech/blackberry-uncovers-hacker-tools-that-it-says-opened-data-servers-for-a-decade-1.4887770
BlackBerry Ltd. says its researchers have uncovered how China-backed hackers have been able to extract data from many of the world’s servers for a decade — largely without being noticed by cyber security.
It says the tactics give the hackers the ability to extract information from huge amounts of valuable data from computers using the Linux operating system, which is used on most of the world’s web servers and cloud servers.
https://www.blackberry.com/us/en/forms/enterprise/mobile-malware-report
Tomi Engdahl says:
Zoom: Every security issue uncovered in the video chat app
https://www.cnet.com/news/zoom-every-security-issue-uncovered-in-the-video-chat-app/#ftag=COS-05-10aaa0i
Here’s a timeline of Zoom’s rapid rise and the security problems that have come to light.
Tomi Engdahl says:
NSO Group Disclose Facebook’s Secret Attempt To Buy Their Pegasus Spyware
https://latesthackingnews.com/2020/04/09/nso-group-disclose-facebooks-secret-attempt-to-buy-their-pegasus-spyware/
Facebook and NSO have made it into the news due to a feud that has been going on for months. Following Facebook’s lawsuit, NSO now discloses Facebook’s secret attempt of spying. As revealed, Facebook had previously attempted to buy NSO’s Pegasus spyware to spy on users.
Tomi Engdahl says:
Piracy and File-Sharing Traffic Surges Amidst Covid-19 Crisis
https://torrentfreak.com/piracy-and-filesharing-traffic-surges-amidst-covid-19-crisis-200408/
Hundreds of millions of people are being asked to stay home during the coronavirus pandemic. This is having a widespread effect on worldwide consumption habits including Internet usage. New data obtained by TorrentFreak suggests that there has been a surge in global file-sharing traffic as well as an increased number of visitors to pirate sites.
Tomi Engdahl says:
Do These 4 Things To Keep Hackers Out Of Your Zoom Call
https://www.forbes.com/sites/anthonykarcz/2020/03/29/do-these-4-things-to-keep-hackers-out-of-your-zoom-call/#
Tomi Engdahl says:
Meet dark_nexus, quite possibly the most potent IoT botnet ever
Newly discovered botnet could be coming to a network-connected device near you.
https://arstechnica.com/information-technology/2020/04/meet-dark_nexus-quite-possibly-the-most-potent-iot-botnet-ever/
A newly discovered botnet that preys on home routers, video recorders, and other network-connected devices is one of the most advanced Internet-of-things platforms ever seen, researchers said on Wednesday. Its list of advanced features includes the ability to disguise malicious traffic as benign, maintain persistence, and infect devices that run on at least 12 different CPUs.
Tomi Engdahl says:
Facebook just filed a lawsuit against a software engineer who it says was helping scammers dodge its ad-review system and post ads related to coronavirus, cryptocurrency and diet pills
https://trib.al/UoUqcE5
Facebook announced that it filed a lawsuit against the founder of a company called LeadCloak on Thursday, alleging that it was helping coronavirus scammers run deceptive ads on Facebook and Instagram by selling “cloaking” software to them.
Cloaking fools ad-review systems by showing a website displaying a product that would not raise flags while users would see an entirely different website that could violate Facebook’s guidelines, the company said.
Facebook alleges that LeadCloak software had been used by scammers related to coronavirus, cryptocurrency, pharmaceuticals, diet pills, and fake news pages. It did not provide a dollar amount related to the number of ads that had run on the platform.
Tomi Engdahl says:
Suspecting Cyber Attack, MSC Reports Network Outage – Update
https://gcaptain.com/msc-reports-network-outage-cyber-attack-cannot-be-ruled-out/
Mediterranean Shipping Company says it has experienced a network outage and it cannot rule out the possibility of a cyber attack, the company said Friday.
The outage began in one of MSC’s data centers in Geneva, Switzerland and the company shut down its servers in response. In an update late Friday, the company said the issue only concerns its headquarters in Geneva.
Swiss-based Mediterranean Shipping Company is the second largest container shipping line, controlling 571 ships representing 16% share of the world’s TEU capacity. It also participates in the 2M Alliance with Maersk, the world’s leading container line.
Tomi Engdahl says:
Google has banned the Zoom app from all employee computers over ‘security vulnerabilities’
https://www.businessinsider.com/google-bans-zoom-from-employee-computers-due-to-security-concerns-2020-4
Tomi Engdahl says:
Attackers can bypass fingerprint authentication with an ~80% success rate
Fingerprint-based authentication is fine for most people, but it’s hardly foolproof.
https://arstechnica.com/information-technology/2020/04/attackers-can-bypass-fingerprint-authentication-with-an-80-success-rate/
Tomi Engdahl says:
https://www.digitalshadows.com/blog-and-research/how-cybercriminals-are-taking-advantage-of-covid-19-scams-fraud-misinformation/
Tomi Engdahl says:
‘Unkillable’ Android malware gives hackers full remote access to your phone
https://www.techradar.com/news/beware-the-unkillable-android-malware-lurking-on-third-party-app-stores
Tomi Engdahl says:
https://nakedsecurity.sophos.com/2020/04/07/thousands-of-android-apps-contain-undocumented-backdoors-study-finds/
Tomi Engdahl says:
How we abused Slack’s TURN servers to gain access to internal services
https://www.rtcsec.com/2020/04/01-slack-webrtc-turn-compromise/
Tomi Engdahl says:
https://www.schneier.com/blog/archives/2020/04/microsoft_buys_.html
Tomi Engdahl says:
PayPal and Venmo Are Letting SIM Swappers Hijack Accounts
Even after being warned by researchers, some companies still haven’t fixed systems that make it easy for hackers to take over accounts.
https://www.vice.com/en_us/article/pke9zk/paypal-and-venmo-are-letting-sim-swappers-hijack-accounts
Earlier this year, researchers at Princeton University found 17 major companies, among them Amazon, Paypal, Venmo, Blizzard, Adobe, eBay, Snapchat, and Yahoo, allowed users to reset their passwords via text message sent to a phone number associated with their accounts. This means that if a hacker takes control of a victim’s cellphone number via a common and tragically easy to perform hack known as SIM swapping, they can then hack into the victim’s online accounts with these apps and websites.
“Going through the dataset I actually didn’t expect to find much, and then I didn’t expect to find these huge websites to have this sort of issue,” Kevin Lee, the lead researcher on the study, told Motherboard.
“Many of them didn’t understand that this was an issue with their authentication policies,” Lee said. “Many of them were saying ‘well this is an issue with the carriers and not us.’”
Tomi Engdahl says:
“Over 500 hundred thousand Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free.
These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are compiled into lists that are sold to other hackers.
Some of the Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities. Others are sold for less than a penny each.”
https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/
Tomi Engdahl says:
5G Virus Conspiracy Theory Fueled by Coordinated Effort
https://www.bloomberg.com/news/articles/2020-04-09/covid-19-link-to-5g-technology-fueled-by-coordinated-effort
Marc Owen Jones, a researcher at Hamad bin Khalifa University in
Qatar, who specializes in online disinformation networks, analyzed
22,000 recent interactions on Twitter mentioning 5G and corona, and
said he found a large number of accounts displaying what he termed
inauthentic activity. He said the effort bears some hallmarks of a
state-backed campaign.
Tomi Engdahl says:
Ever needed a Zoom password? Probably not. But why not?
https://www.welivesecurity.com/2020/04/09/ever-needed-zoom-password-probably-not-why/
With Zoom and Zoom-bombing being all the rage, here's why the app's
default password settings may be leaving the backdoor wide open
Tomi Engdahl says:
Unique P2P Architecture Gives DDG Botnet Unstoppable Status
https://threatpost.com/p2p-ddg-botnet-unstoppable/154650/
DDG might be the world's first P2P-based cryptomining botnet.
Tomi Engdahl says:
The Sandboxie Windows sandbox isolation tool is now open-source!
https://www.bleepingcomputer.com/news/software/the-sandboxie-windows-sandbox-isolation-tool-is-now-open-source/
Cybersecurity firm Sophos announced today that it has open-sourced the
Sandboxie Windows sandbox-based isolation utility 15 years after it
was released.