Windows Remote Desktop servers now used to amplify DDoS attacks
Windows Remote Desktop Protocol (RDP) servers are now being abused by DDoS-for-hire services to amplify Distributed Denial of Service (DDoS) attacks. [...]
Author Archives: Sergiu Gatlan
DDoS booters use Windows Remote Desktop servers to amplify attacks
Windows Remote Desktop Protocol (RDP) servers are being abused as an amplification vector by DDoS-for-hire services (aka booters or stressers) to launch Distributed Denial of Service (DDoS) attacks. [...]
Microsoft Edge gets a password generator, leaked credentials monitor
Microsoft is rolling out a built-in password generator and a leaked credentials monitoring feature on Windows and macOS systems running the latest Microsoft Edge version. [...]
UK govt gives malware infected laptops to vulnerable students
Some of the laptops distributed by the UK Department for Education (DfE) to vulnerable students have been found to be infected with malware as reported by the BBC. [...]
QNAP warns users to secure NAS devices against Dovecat malware
QNAP urges customers to secure their network-attached storage (NAS) devices against an ongoing malware campaign that infects and exploits them to mine bitcoin without their knowledge. [...]
Microsoft shares how SolarWinds hackers evaded detection
Microsoft today shared details on how the SolarWinds hackers were able to remain undetected by hiding their malicious activity inside the networks of breached companies. [...]
Cisco fixes critical pre-auth bugs in SD-WAN, cloud license manager
Cisco has released security updates to address pre-auth remote code execution (RCE) vulnerabilities affecting multiple SD-WAN products and the Cisco Smart Software Manager software. [...]
Google Chrome now checks for weak passwords, helps fix them
Google has added a new feature to the Chrome web browser that will make it easier for users to check if their stored passwords are weak and easy to guess. [...]
Hacker leaks full database of 77 million Nitro PDF user records
A stolen database containing the email addresses, names, and passwords of more than 77 million records of Nitro PDF service users was leaked today for free. [...]
Bugs in Signal, Facebook, Google chat apps let attackers spy on users
Vulnerabilities found in multiple video conferencing mobile applications allowed attackers to listen to users' surroundings without permission before the person on the other end picked up the calls. [...]
Malwarebytes says SolarWinds hackers accessed its internal emails
Cybersecurity firm Malwarebytes today confirmed that the threat actor behind the SolarWinds supply-chain attack were able to gain access to some company emails. [...]
Interpol: Trading scammers lure love-struck victims via dating apps
The Interpol (International Criminal Police Organisation) warns of fraudsters targeting dating app users and attempting to trick them into investing through fake trading apps. [...]
DNSpooq bugs let attackers hijack DNS on millions of devices
Israel-based security consultancy firm JSOF disclosed today seven Dnsmasq vulnerabilities, collectively known as DNSpooq, that can be exploited to launch DNS cache poisoning, remote code execution, and denial-of-service attacks against millions of affected devices. [...]
Microsoft Defender to enable full auto-remediation by default
Microsoft will enable fully automated threat remediation by default for Microsoft Defender for Endpoint customers who have opted into public previews starting next month, on February 16, 2021. [...]
FBI warns of vishing attacks stealing corporate accounts
The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts and credentials for network access and privilege escalation from US and international-based employees. [...]
Google to kill Chrome Sync feature in third-party browsers
Google says that it will block third-party Chromium web browsers from using private Google APIs after discovering that they were integrating them although they're intended to be used only in Chrome. [...]
Hackers leaked altered Pfizer data to sabotage trust in vaccines
The European Medicines Agency (EMA) today revealed that some of the stolen Pfizer/BioNTech vaccine candidate data was doctored by threat actors before being leaked online with the end goal of undermining the public's trust in COVID-19 vaccines. [...]
Scotland environmental regulator hit by ‘ongoing’ ransomware attack
The Scottish Environment Protection Agency confirmed on Thursday that some of its contact center, internal systems, processes and internal communications were affected following a ransomware attack that took place on Christmas Eve. [...]
Microsoft warns of incoming Windows Zerologon patch enforcement
Microsoft today warned admins that updates addressing the Windows Zerologon vulnerability will transition into the enforcement phase starting next month. [...]
Facebook sues makers of malicious Chrome extensions for scraping data
Facebook has taken legal action against the makers of malicious Chrome extensions used for scraping user-profiles and other information from Facebook's website and from users' systems without authorization. [...]
NSA advises companies to avoid third party DNS resolvers
The US National Security Agency (NSA) says that companies should avoid using third party DNS resolvers to block threat actors' DNS traffic eavesdropping and manipulation attempts and to block access to internal network information. [...]
Office January security updates fix remote code execution bugs
Microsoft addresses important severity remote code execution vulnerabilities affecting multiple Office products in the January 2021 Office security updates released during this month's Patch Tuesday. [...]