Election Systems Under Attack via Microsoft Zerologon Exploits
Cybercriminals are chaining Microsoft's Zerologon flaw with other exploits in order to infiltrate government systems, putting election systems at risk, a new CISA and FBI advisory warns.
Source: Threadpost
Authentication Bug Opens Android Smart-TV Box to Data Theft
The streaming box allows arbitrary code execution as root, paving the way to pilfering social-media tokens, passwords, messaging history and more.
Source: Threadpost
TrickBot Takedown Disrupts Major Crimeware Apparatus
Microsoft and partners went after the botnet using a copyright infringement tactic and hunting down C2 servers.
Source: Threadpost
Office 365: A Favorite for Cyberattack Persistence
Bad actors are leveraging legitimate services and tools within Microsoft's productivity suite to launch cyberattacks on COVID-19 stay-at-home workers, new research finds.
Source: Threadpost
Ransomware Attackers Buy Network Access in Cyberattack Shortcut
Network access to various industries is being offered in underground forums at as little as $300 a pop - and researchers warn that ransomware groups like Maze and NetWalker could be...
Fitbit Spyware Steals Personal Data via Watch Face
Immersive Labs Researcher takes advantage of lax Fitbit privacy controls to build a malicious spyware watch face.
Source: Threadpost
Sophisticated Android Ransomware Executes with the Home Button
The malware also has a unique machine-learning module.
Source: Threadpost
Facebook Debuts Bug-Bounty ‘Loyalty Program’
Facebook bounty hunters will be placed into tiers by analyzing their score, signal and number of submitted bug reports -- which will dictate new bonus percentages.
Source: Threadpost
Wormable Apple iCloud Bug Allows Automatic Photo Theft
Ethical hackers so far have earned nearly $300K in payouts from the Apple bug-bounty program for discovering 55 bugs, 11 of them critical, during a three-month hack.
Source: Threadpost
RAINBOWMIX Apps in Google Play Serve Up Millions of Ad Fraud Victims
Collectively, 240 fraudulent Android apps -- masquerading as retro game emulators -- account for 14 million installs.
Source: Threadpost