Zoom under scrutiny, Phishing campaigns evade Office 365 ATPs, Wiper targets Windows, and more

Major cybersecurity events on 1st April 2020: Two Zoom zero-day vulnerabilities could give attackers root privileges. Windows vulnerability, SMBGhost, exploited for local privilege escalation. Wiper malware dubbed “Coronavirus” renders disks unusable. Phishing emails lure victims with financial relief for Coronavirus.

Round Up of Major Breaches and Scams

Cybersecurity warning: These scammers are looking for a way into your email accounts

Business email compromise (BEC) attacks have more than doubled in the past year as cyber criminals try to use their email scams against big businesses. This form of cyber crime is often based around scammers pretending to be someone known to the victim – a colleague, a contractor, or maybe even their boss – and asking for a large sum of money to be transferred, often under the guise of a business deal or payment.

Top email protections fail in latest COVID-19 phishing campaign

Threat actors continue to capitalize on fears surrounding the spread of the COVID-19 virus through a surge in new phishing campaigns that use spoofing tactics to effectively evade Proofpoint and Microsoft Office 365 advanced threat protections (ATPs), researchers have found. An effective spoofing campaign promises users important information about new coronavirus cases in their local area, scooting past Proofpoint and Microsoft Office 365 ATPs.

Coronavirus ‘financial relief’ phishing attacks spike

Researchers are warning of an upward surge in social-engineering lures in malicious emails that promise victims financial relief during the coronavirus pandemic. A spate of phishing attacks has promised financial relief due to the coronavirus pandemic – but in reality swiped victims’ credentials, payment card data and more.

Round Up of Major Malware and Ransomware Incidents

Wiper malware called “Coronavirus” spreads among Windows victims

A new Windows malware has emerged that makes disks unusable by overwriting the master boot record (MBR). It takes its cue from the COVID-19 pandemic, calling itself simply “Coronavirus.” Overwriting the MBR is the same trick that the infamous NotPetya wiper malware used in 2017 in a campaign that caused widespread, global financial damage.

Round Up of Major Vulnerabilities and Patches

OpenWRT code-execution bug puts millions of devices at risk

For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital signature verification is easy to bypass, a researcher said.

SMBGhost vulnerability allows privilege escalation on Windows systems

Researchers have published proof-of-concept (PoC) exploits to demonstrate that the Windows vulnerability tracked as SMBGhost and CVE-2020-0796 can be exploited for local privilege escalation. Microsoft says the vulnerability, which it patched on March 12 with an out-of-band update, can be exploited for remote code execution on SMB clients and servers. The critical flaw, described as “wormable” and related to the way SMB 3.1.1 handles certain requests, affects Windows 10 and Windows Server versions 1903 and 1909.

Patch released for Linux kernel vulnerability disclosed at hacking contest

A patch has been released for a Linux kernel vulnerability that a researcher used at the recent Pwn2Own 2020 hacking competition to escalate privileges to root on Ubuntu Desktop.

Two Zoom zero-day flaws uncovered

Two zero-day flaws have been uncovered in Zoom’s macOS client, according to researchers. The vulnerabilities in the web conferencing platform could give local, unprivileged attackers root privileges and allow them to access victims’ microphone and camera.