Cyber Security News April 2020

This posting is here to collect cyber security news in April 2020.

I post links to security vulnerability news with short descriptions to comments section of this article.

If you are interested in cyber security trends, read my Cyber security trends 2020 posting.

You are also free to post related links to comments.

218 Comments

  1. Tomi Engdahl says:

    Critical Vulnerable Found In WordPress Search Engine Optimisation (WSEO) Which Cloud Lock Admin Out
    https://www.hackers-review.tech/2020/04/critical-vulnerable-found-in-wordpress.html

    The WordPress plugin (search engine optimization) vulnerabilities, OR Rank Math has they called it allow remote cyber criminals, according to researchers, to increase their privileges and install malicious redirects on a target Website online. It’s a plugin for WordPress with over 200,000 installs.

    One of all the flaws (10 out of 10 on the CVSSv3 vulnerability scale) in accordance with the researchers with Wordfence are significant.

    Reply
  2. Tomi Engdahl says:

    Hackers ‘without conscience’ demand ransom from dozens of hospitals and labs working on coronavirus
    https://fortune.com/2020/04/01/hackers-ransomware-hospitals-labs-coronavirus/

    Reply
  3. Tomi Engdahl says:

    DarkHotel hackers use VPN zero-day to breach Chinese government agencies
    https://www.zdnet.com/article/darkhotel-hackers-use-vpn-zero-day-to-compromise-chinese-government-agencies/

    Targets included government agencies in Beijing and Shanghai and Chinese diplomatic missions abroad.

    Reply
  4. Tomi Engdahl says:

    8,000 Unprotected Redis Instances Accessible From Internet
    https://www.securityweek.com/8000-unprotected-redis-instances-accessible-internet

    Trend Micro’s security researchers discovered roughly 8,000 unsecured Redis instances that were exposed to anyone with an Internet connection.

    Spread all over the world, the unsecured instances were found to lack Transport Layer Security (TLS) encryption and without any password protection. Some of these instances were even deployed in public clouds.

    An open source, in-memory data structure store, Redis (Remote Dictionary Server) was designed for use within trusted environments. Thus, if left unsecured and Internet-accessible, Redis instances are prone to all kinds of abuse, including SQL injections, cross-site scripting attacks, and even remote code execution.

    Reply
  5. Tomi Engdahl says:

    Pre-Installed Utility Renders HP Computers Vulnerable to Attacks
    https://www.securityweek.com/pre-installed-utility-renders-hp-computers-vulnerable-attacks

    A security researcher discovered multiple vulnerabilities in HP Support Assistant, a utility pre-installed on all HP computers sold after October 2012.

    Pre-loaded on computers running Windows 7, Windows 8, and Windows 10, the tool was found to be impacted by ten vulnerabilities, including five local privilege escalation flaws, two arbitrary file deletion bugs, and three remote code execution bugs.

    When launched, the utility starts hosting a “service interface” that exposes over 250 different functions to the client. The contract interface is exposed to the local system and clients connect to it through a specific pipe, security researcher Bill Demirkapi explains.

    Several Critical Vulnerabilities on most HP machines running Windows
    https://d4stiny.github.io/Several-Critical-Vulnerabilities-on-most-HP-machines-running-Windows/

    Reply
  6. Tomi Engdahl says:

    Attacks Simultaneously Exploiting Vulnerability in IE (CVE-2020-0674)
    and Firefox (CVE-2019-17026)
    https://blogs.jpcert.or.jp/en/2020/04/ie-firefox-0day.html
    On 8 January 2020, Mozilla released an advisory regarding a
    vulnerability in Firefox. On 17 January, Microsoft reported that 0-day
    attacks exploiting a vulnerability in Internet Explorer (IE) had been
    seen in the wild. JPCERT/CC confirmed attacks exploiting both
    vulnerabilities at once and issued a security alert.. This article
    explains the details of these attacks.

    Reply
  7. Tomi Engdahl says:

    Beyond Zoom: How Safe Are Slack and Other Collaboration Apps?
    https://threatpost.com/beyond-zoom-safe-slack-collaboration-apps/154446/
    As the coronavirus pandemic continues to worsen, remote-collaboration
    platforms now fixtures in many workers new normal are facing more
    scrutiny. Popular video-conferencing app Zoom may currently be in the
    cybersecurity hot seat, but other collaboration tools, such as Slack,
    Trello, WebEx and Microsoft Teams, are certainly not immune from
    cybercriminal attention.

    Reply
  8. Tomi Engdahl says:

    NASA sees an exponential jump in malware attacks as personnel work
    from home
    https://arstechnica.com/information-technology/2020/04/nasa-sees-an-exponential-jump-in-malware-attacks-as-personnel-work-from-home/
    NASA has experienced an exponential increase in malware attacks and a
    doubling of agency devices trying to access malicious sites in the
    past few days as personnel work from home, the space agencys Office of
    the Chief Information Officer said on Monday.

    Reply
  9. Tomi Engdahl says:

    80% of all exposed Exchange servers still unpatched for critical flaw
    https://www.bleepingcomputer.com/news/security/80-percent-of-all-exposed-exchange-servers-still-unpatched-for-critical-flaw/
    Starting March 24, Rapid7 used its Project Sonar internet-wide survey
    tool to discover all publicly-facing Exchange servers on the Internet
    and the numbers are grim.. As they found, “at least 357,629 (82.5%) of
    the 433,464 Exchange servers” are still vulnerable to attacks that
    would exploit the CVE-2020-0688 vulnerability.

    Reply
  10. Tomi Engdahl says:

    Trusting Zoom?
    https://www.cs.columbia.edu/~smb/blog/2020-04/2020-04-06.html
    Since the world went virtual, often by using Zoom, several people have
    asked me if I use it, and if so, do I use their app or their web
    interface. If I do use it, isn’t this odd, given that I’ve been doing
    security and privacy work for more than 30 years and everyone knows
    that Zoom is a security disaster?. Also
    https://www.sans.org/webcasts/zomg-its-zoom-114670

    Reply
  11. Tomi Engdahl says:

    Official Government COVID-19 Mobile Apps Hide a Raft of Threats
    https://threatpost.com/official-government-covid-19-apps-threats/154512/
    Security researchers at the ZeroFOX Alpha Team have uncovered various
    privacy concerns and security vulnerabilities including a backdoor in
    various apps. The apps are either created and endorsed by countries or
    invented as one-offs by threat actors to take advantage of the current
    pandemic, according to a blog post published Monday.. Original at
    https://www.zerofox.com/blog/covid-19-mobile-apps/. Also
    https://www.androidcentral.com/google-nukes-all-coronavirus-android-apps-play-store
    https://www.cnbc.com/2020/03/05/apple-rejects-coronavirus-apps-that-arent-from-health-organizations.html

    Reply
  12. Tomi Engdahl says:

    Decade of the RATs: Novel APT Attacks Targeting Linux, Windows and
    Android
    https://blogs.blackberry.com/en/2020/04/decade-of-the-rats
    BlackBerry researchers have released a new report that examines how
    five related APT groups operating in the interest of the Chinese
    government have systematically targeted Linux servers, Windows systems
    and Android mobile devices while remaining undetected for nearly a
    decade.. Report at
    https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-decade-of-the-rats.pdf

    Reply
  13. Tomi Engdahl says:

    COVID-19 Exploited by Malicious Cyber Actors
    https://www.us-cert.gov/ncas/alerts/aa20-099a
    This alert provides information on exploitation by cybercriminal and
    advanced persistent threat (APT) groups of the current coronavirus
    disease 2019 (COVID-19) global pandemic. It includes a non-exhaustive
    list of indicators of compromise (IOCs) for detection as well as
    mitigation advice.. This is a joint alert from the United States
    Department of Homeland Security (DHS) Cybersecurity and Infrastructure
    Security Agency (CISA) and the United Kingdoms National Cyber Security
    Centre (NCSC).

    Reply
  14. Tomi Engdahl says:

    Introducing our new book Building Secure and Reliable Systems
    https://security.googleblog.com/2020/04/introducing-our-new-book-building.html
    For good reasons, enterprise security teams have largely focused on
    confidentiality. However, organizations often recognize data integrity
    and availability to be equally important, and address these areas with
    different teams and different controls. . The SRE function is a
    best-in-class approach to reliability. However, it also plays a role
    in the real-time detection of and response to technical
    issuesincluding security- related attacks on privileged access or
    sensitive data. Ultimately, while engineering teams are often
    organizationally separated according to specialized skill sets, they
    have a common goal: ensuring the quality and safety . of the system or
    application.

    Reply
  15. Tomi Engdahl says:

    Zoom removes meeting IDs from client title bar to boost security
    https://www.bleepingcomputer.com/news/software/zoom-removes-meeting-ids-from-client-title-bar-to-boost-security/
    A new update to the Zoom client has been released that removes the
    meeting ID from the title bar when conducting meetings to increase
    security and to prevent them from being exposed in screenshots.. Other
    Zoom-related news at
    https://www.bleepingcomputer.com/news/security/zoom-creates-council-of-cisos-to-solve-security-privacy-issues/
    https://www.zdnet.com/article/google-heres-how-google-meet-beats-zoombombing-trolls/.
    https://betanews.com/2020/04/08/zoom-account-credentials-dark-web/

    Reply
  16. Tomi Engdahl says:

    Microsoft: No surge in malicious attacks, only more COVID-19 lures
    https://www.bleepingcomputer.com/news/security/microsoft-no-surge-in-malicious-attacks-only-more-covid-19-lures/
    “Attackers dont suddenly have more resources theyre diverting towards
    tricking users; instead, theyre pivoting their existing
    infrastructure, like ransomware, phishing, and other malware delivery
    tools, to include COVID-19 keywords that get us to click,” Microsoft
    365 Security Corporate Vice President Rob Lefferts said.. Also
    https://www.microsoft.com/security/blog/2020/04/08/microsoft-shares-new-threat-intelligence-security-guidance-during-global-crisis/

    Reply
  17. Tomi Engdahl says:

    Fingerprint cloning: Myth or reality?
    https://blog.talosintelligence.com/2020/04/fingerprint-research.html
    Our tests showed that on average we achieved an ~80 percent success
    rate while using the fake fingerprints, where the sensors were
    bypassed at least once. Reaching this success rate was difficult and
    tedious work. We found several obstacles and limitations related to
    scaling and material physical properties. Even so, this level of
    success rate means that we have a very high probability of . unlocking
    any of the tested devices before it falls back into the pin unlocking.
    The results show fingerprints are good enough to protect the average
    person’s privacy if they lose their phone. However, a person that is
    likely to be targeted by a well-funded and motivated actor should not
    use fingerprint authentication.

    Reply
  18. Tomi Engdahl says:

    Antivirus for GPS spoofing and other vulnerabilities
    https://www.zdnet.com/article/an-antivirus-for-gps-spoofing-and-other-vulnerabilities/
    The Regulus system is a software solution that uses machine learning
    to detect spoofing and defend any GNSS receiver, device, or chipset
    against it. GPS spoofing attacks are becoming more common and are
    often very difficult to detect and protect against.

    Reply
  19. Tomi Engdahl says:

    Domain name registrar suspends 600 suspicious coronavirus websites
    https://www.zdnet.com/article/domain-name-registrar-suspends-600-suspicious-coronavirus-websites/
    The UK’s domain name registrar Nominet, which manages the launch of
    .uk websites, is stepping up efforts to tackle the proliferation of
    sites dedicated to scamming the public, for example by selling fake
    vaccines, protective equipment and frauds remedies to the COVID-19
    virus. . Rather than taking down domains after they have been reported
    as malicious, the organization has implemented more radical measures
    to stop these sites appearing in the first place, with extra scrutiny
    of websites names containing “coronavirus”, “covid”, or other selected
    terms related to the pandemic.. It is only once the organization has
    established that the website is legitimate that the domain name will
    be able to resolve. Eleanor Bradley, head of registry domains at
    Nominet, told ZDNet that about 600 names have been suspended so far.

    Reply
  20. Tomi Engdahl says:

    How an Attacker Could Use Instance Metadata to Breach Your App in AWS
    https://www.mcafee.com/blogs/enterprise/cloud-security/how-an-attacker-could-use-instance-metadata-to-breach-your-app-in-aws/
    All cloud providers have capabilities to manage credentials for
    resources in your cloud-native applications. When used correctly,
    these capabilities allow you to avoid storing credentials in the
    clear, or in a source code repository. In AWS, the Instance Metadata
    Service (IMDS) makes information about a compute instance, its
    network, and storage available to software running on the instance.
    IMDS . also makes temporary, frequently rotated credentials available
    for any IAM role attached to the instance. IAM roles attached to an
    instance may for example, define that the instance and software
    running on it can access data in S3 storage buckets.

    Reply
  21. Tomi Engdahl says:

    An Elite Spy Group Used 5 Zero-Days to Hack North Koreans
    https://www.wired.com/story/north-korea-hacking-zero-days-google/
    Cybersecurity researchers at Google’s Threat Analysis Group revealed
    on Thursday that an unnamed group of hackers used no fewer than five
    zero-day vulnerabilities, or secret hackable flaws in software, to
    target North Koreans and North Korea-focused professionals in 2019. .
    Also
    https://blog.google/technology/safety-security/threat-analysis-group/identifying-vulnerabilities-and-protecting-you-phishing/

    Reply
  22. Tomi Engdahl says:

    Microsoft and Google postpone insecure authentication removal
    https://www.bleepingcomputer.com/news/security/microsoft-and-google-postpone-insecure-authentication-removal/
    Microsoft says that Basic Authentication’s removal from Exchange
    Online is being postponed until the second half of 2021 due to the
    current situation created by the COVID-19 pandemic.. While Google also
    announced in December 2019 that it will block less secure apps (LSAs)
    from accessing G Suite accounts’ data starting in February 2021, the
    company now says that the LSA turn-off is put on hold until further
    notice.

    Reply
  23. Tomi Engdahl says:

    Thomas Brewster / Forbes:
    UK’s NCSC and US DHS publish a list of 2,500 COVID-19-related threats they are tracking, including malicious websites and email addresses linked to scams — If you weren’t already taking the rise of coronavirus-based cybercrime seriously, take note. A rare joint alert has gone out from U.S …
    https://www.forbes.com/sites/thomasbrewster/2020/04/08/government-warning-these-2500-covid-19-websites-pose-a-threat-to-your-online-safety/

    Reply
  24. Tomi Engdahl says:

    Dave Gershgorn / OneZero :
    Many US government and banking systems still use a 60-year-old COBOL, which makes it hard to find programmers to fix the systems when they break under pressure — Retired engineers are coming to the rescue — ver the weekend, New Jersey governor, Phil Murphy, made an unusual public plea during …

    Our Government Runs on a 60-Year-Old Coding Language, and Now It’s Falling Apart
    Retired engineers are coming to the rescue
    https://onezero.medium.com/our-government-runs-on-a-60-year-old-coding-language-and-now-its-falling-apart-61ec0bc8e121

    Reply
  25. Tomi Engdahl says:

    Talos Blog:
    Cisco’s Talos security group finds fingerprint scanners from Apple, Microsoft, Samsung, and others can be bypassed by fake fingerprints made with 3D printing — Phone, computer fingerprint scanners can be defeated with 3-D printing — By Paul Rascagneres and Vitor Ventura.
    Fingerprint cloning: Myth or reality?
    https://blog.talosintelligence.com/2020/04/fingerprint-research.html

    Cisco Research Shows High Success Rate in Bypassing Fingerprint Authentication
    https://www.securityweek.com/cisco-research-shows-high-success-rate-bypassing-fingerprint-authentication

    Cisco has conducted a research project on bypassing fingerprint authentication systems and it achieved a success rate of roughly 80 percent, but the company’s experts were unsuccessful against Windows devices.

    Reply
  26. Tomi Engdahl says:

    Attacking the Organism: Telecom Service Providers
    https://www.securityweek.com/attacking-organism-telecom-service-providers

    Securing the Massive Netwoks of Telecom Service Providers is a Major Challenge and Becoming More Complex

    Service providers and telecom carriers form the backbone of communications and commerce in modern economies. Their networks and cell towers deliver the internet itself—and everything that depends on it—to homes, businesses and mobile devices all over the world. And the complexity involved in doing so creates enormous security challenges.

    Major telecom companies provide the back-end datacenters, backhaul networks and cell towers to deliver connectivity all the way to your individual device and the array of applications on it. They also offer many of the storefronts that put manufacturers’ devices into your hands in the first place.

    Much has been said of the explosion of applications now driving everything from power grids to Pokemon, but it’s this pervasive global industry that provides the connective tissue for all those billions of end points. An average smartphone may have several dozen applications on it. The potential for backdoors in applications and devices can create even more challenges.

    Reply
  27. Tomi Engdahl says:

    China-Linked Hackers Systematically Targeted Linux Servers for Years
    https://www.securityweek.com/china-linked-hackers-systematically-targeted-linux-servers-years

    Hackers Operating in the Interest of the Chinese Government Systematically Targeted Linux Servers, Windows Systems and Mobile Devices

    Activity associated with five cyber-espionage groups acting in the interest of the Chinese government remained undetected for almost a decade, security researchers at BlackBerry say.

    Successfully conducting cross-platform attacks targeting Linux, Windows and Android devices, the adversaries have been engaged in both financially motivated and targeted espionage attacks. The hackers are likely civilian contractors working in the interest of the Chinese government, BlackBerry believes.

    The attackers “readily share tools, techniques, infrastructure, and targeting information with one another and their government counterparts. This reflects a highly agile government/contractor ecosystem,” the security researchers explain in a new report (PDF).

    https://www.blackberry.com/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-bb-decade-of-the-rats.pdf

    Reply
  28. Tomi Engdahl says:

    BlackBerry uncovers hacker tools that it says opened data servers for a decade
    https://www.ctvnews.ca/mobile/sci-tech/blackberry-uncovers-hacker-tools-that-it-says-opened-data-servers-for-a-decade-1.4887770

    BlackBerry Ltd. says its researchers have uncovered how China-backed hackers have been able to extract data from many of the world’s servers for a decade — largely without being noticed by cyber security.

    It says the tactics give the hackers the ability to extract information from huge amounts of valuable data from computers using the Linux operating system, which is used on most of the world’s web servers and cloud servers.

    https://www.blackberry.com/us/en/forms/enterprise/mobile-malware-report

    Reply
  29. Tomi Engdahl says:

    Zoom: Every security issue uncovered in the video chat app
    https://www.cnet.com/news/zoom-every-security-issue-uncovered-in-the-video-chat-app/#ftag=COS-05-10aaa0i

    Here’s a timeline of Zoom’s rapid rise and the security problems that have come to light.

    Reply
  30. Tomi Engdahl says:

    NSO Group Disclose Facebook’s Secret Attempt To Buy Their Pegasus Spyware
    https://latesthackingnews.com/2020/04/09/nso-group-disclose-facebooks-secret-attempt-to-buy-their-pegasus-spyware/

    Facebook and NSO have made it into the news due to a feud that has been going on for months. Following Facebook’s lawsuit, NSO now discloses Facebook’s secret attempt of spying. As revealed, Facebook had previously attempted to buy NSO’s Pegasus spyware to spy on users.
    Attribution link: https://latesthackingnews.com/2020/04/09/nso-group-disclose-facebooks-secret-attempt-to-buy-their-pegasus-spyware/

    Reply
  31. Tomi Engdahl says:

    Piracy and File-Sharing Traffic Surges Amidst Covid-19 Crisis
    https://torrentfreak.com/piracy-and-filesharing-traffic-surges-amidst-covid-19-crisis-200408/

    Hundreds of millions of people are being asked to stay home during the coronavirus pandemic. This is having a widespread effect on worldwide consumption habits including Internet usage. New data obtained by TorrentFreak suggests that there has been a surge in global file-sharing traffic as well as an increased number of visitors to pirate sites.

    Reply
  32. Tomi Engdahl says:

    Meet dark_nexus, quite possibly the most potent IoT botnet ever
    Newly discovered botnet could be coming to a network-connected device near you.
    https://arstechnica.com/information-technology/2020/04/meet-dark_nexus-quite-possibly-the-most-potent-iot-botnet-ever/

    A newly discovered botnet that preys on home routers, video recorders, and other network-connected devices is one of the most advanced Internet-of-things platforms ever seen, researchers said on Wednesday. Its list of advanced features includes the ability to disguise malicious traffic as benign, maintain persistence, and infect devices that run on at least 12 different CPUs.

    Reply
  33. Tomi Engdahl says:

    Facebook just filed a lawsuit against a software engineer who it says was helping scammers dodge its ad-review system and post ads related to coronavirus, cryptocurrency and diet pills
    https://trib.al/UoUqcE5

    Facebook announced that it filed a lawsuit against the founder of a company called LeadCloak on Thursday, alleging that it was helping coronavirus scammers run deceptive ads on Facebook and Instagram by selling “cloaking” software to them.

    Cloaking fools ad-review systems by showing a website displaying a product that would not raise flags while users would see an entirely different website that could violate Facebook’s guidelines, the company said.

    Facebook alleges that LeadCloak software had been used by scammers related to coronavirus, cryptocurrency, pharmaceuticals, diet pills, and fake news pages. It did not provide a dollar amount related to the number of ads that had run on the platform.

    Reply
  34. Tomi Engdahl says:

    Suspecting Cyber Attack, MSC Reports Network Outage – Update
    https://gcaptain.com/msc-reports-network-outage-cyber-attack-cannot-be-ruled-out/

    Mediterranean Shipping Company says it has experienced a network outage and it cannot rule out the possibility of a cyber attack, the company said Friday.

    The outage began in one of MSC’s data centers in Geneva, Switzerland and the company shut down its servers in response. In an update late Friday, the company said the issue only concerns its headquarters in Geneva.

    Swiss-based Mediterranean Shipping Company is the second largest container shipping line, controlling 571 ships representing 16% share of the world’s TEU capacity. It also participates in the 2M Alliance with Maersk, the world’s leading container line.

    Reply
  35. Tomi Engdahl says:

    Google has banned the Zoom app from all employee computers over ‘security vulnerabilities’
    https://www.businessinsider.com/google-bans-zoom-from-employee-computers-due-to-security-concerns-2020-4

    Reply
  36. Tomi Engdahl says:

    Attackers can bypass fingerprint authentication with an ~80% success rate
    Fingerprint-based authentication is fine for most people, but it’s hardly foolproof.
    https://arstechnica.com/information-technology/2020/04/attackers-can-bypass-fingerprint-authentication-with-an-80-success-rate/

    Reply
  37. Tomi Engdahl says:

    How we abused Slack’s TURN servers to gain access to internal services
    https://www.rtcsec.com/2020/04/01-slack-webrtc-turn-compromise/

    Reply
  38. Tomi Engdahl says:

    PayPal and Venmo Are Letting SIM Swappers Hijack Accounts
    Even after being warned by researchers, some companies still haven’t fixed systems that make it easy for hackers to take over accounts.
    https://www.vice.com/en_us/article/pke9zk/paypal-and-venmo-are-letting-sim-swappers-hijack-accounts

    Earlier this year, researchers at Princeton University found 17 major companies, among them Amazon, Paypal, Venmo, Blizzard, Adobe, eBay, Snapchat, and Yahoo, allowed users to reset their passwords via text message sent to a phone number associated with their accounts. This means that if a hacker takes control of a victim’s cellphone number via a common and tragically easy to perform hack known as SIM swapping, they can then hack into the victim’s online accounts with these apps and websites.

    “Going through the dataset I actually didn’t expect to find much, and then I didn’t expect to find these huge websites to have this sort of issue,” Kevin Lee, the lead researcher on the study, told Motherboard.

    “Many of them didn’t understand that this was an issue with their authentication policies,” Lee said. “Many of them were saying ‘well this is an issue with the carriers and not us.’”

    Reply
  39. Tomi Engdahl says:

    “Over 500 hundred thousand Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free.

    These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are compiled into lists that are sold to other hackers.

    Some of the Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities. Others are sold for less than a penny each.”

    [https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/](https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/)

    Reply
  40. Tomi Engdahl says:

    5G Virus Conspiracy Theory Fueled by Coordinated Effort
    https://www.bloomberg.com/news/articles/2020-04-09/covid-19-link-to-5g-technology-fueled-by-coordinated-effort
    Marc Owen Jones, a researcher at Hamad bin Khalifa University in
    Qatar, who specializes in online disinformation networks, analyzed
    22,000 recent interactions on Twitter mentioning 5G and corona, and
    said he found a large number of accounts displaying what he termed
    inauthentic activity. He said the effort bears some hallmarks of a
    state-backed campaign.

    Reply
  41. Tomi Engdahl says:

    Ever needed a Zoom password? Probably not. But why not?
    https://www.welivesecurity.com/2020/04/09/ever-needed-zoom-password-probably-not-why/
    With Zoom and Zoom-bombing being all the rage, heres why the apps
    default password settings may be leaving the backdoor wide open

    Reply
  42. Tomi Engdahl says:

    Unique P2P Architecture Gives DDG Botnet Unstoppable Status
    https://threatpost.com/p2p-ddg-botnet-unstoppable/154650/
    DDG might be the worlds first P2P-based cryptomining botnet.

    Reply
  43. Tomi Engdahl says:

    The Sandboxie Windows sandbox isolation tool is now open-source!
    https://www.bleepingcomputer.com/news/software/the-sandboxie-windows-sandbox-isolation-tool-is-now-open-source/
    Cybersecurity firm Sophos announced today that it has open-sourced the
    Sandboxie Windows sandbox-based isolation utility 15 years after it
    was released.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*