Between The Hacks

View Original

BTH News 05June2020

This Week In Cybersecurity

This week Between the Hacks reports on two critical vulnerabilities patched in Zoom, 80% of data breaches leverage compromised credentials, attackers are targeting your mobile device to get access to your company network, a 64 year-old man pleads guilty to business email compromise charges, and use HTTPS Everywhere to better secure your browsing.


Zoom Patches Two Critical Flaws

Cybersecurity researchers from Cisco Talos discovered two critical vulnerabilities in the Zoom software that could have allowed attackers to hack into the systems of group chat participants or an individual recipient remotely, reports The Hacker News.

Both vulnerabilities can be remotely exploited to execute malicious code on the systems running vulnerable versions of the Zoom video conferencing software.

Last month, Zoom patched both vulnerabilities so if you are a Zoom user, be sure you are running version 4.6.12 or later.


80% of Data breaches leverage compromised credentials

According to the Verizon’s Data Breach Investigations Report (DBIR), 80% of cyber-related data breaches are tied to passwords and according to a Symantec Internet Security Threat Report, 71% of successful targeted attacks involved a spear-phishing attack, reports Security Boulevard.

As frequently reported by Between The Hacks, phishing is still one of the most prevalent and successful tools in the cyber-criminal’s arsenal. In addition to phishing, Security Boulevard states, “sharing passwords among colleagues, both on purpose and on accident, can inadvertently lead to your credentials getting into the wrong hands.” Other popular methods of credential compromise today include credential stuffing and business email compromise (BEC).


Image from the Lookout State of Mobile Phishing Research Report

Attackers are targeting your smartphone as A way into the company network

Campaigns targeting smartphones have risen by 37% worldwide in just a few months reports ZDNet. As many employees are still working form home due to COVID-19, attackers have increased the number of phishing attacks according to the State of Mobile Phishing Research Report by cybersecurity firm, Lookout.

As with many desktop phishing attacks, mobile attackers are using fake login pages that look identical to that of the organization they're targeting or a commonly used cloud service like Office 365.

ZDNet reports that, “mobile phishing attacks against personal accounts are also on the rise, as attackers exploit smartphones and mobile browsers in attempts to steal login details, banking information and other personal data.”


Image from https://www.fbi.gov/news/stories/business-e-mail-compromise-on-the-rise

64 Year-Old Man Pleads Guilty to BEC Fraud

Kenenty Kim, a 64 year-old man has pleaded guilty in a Texas court, to charges of money laundering after managing a series of Business Email Compromise (BEC) attacks which defrauded companies out of hundreds of thousands of dollars.

The Register reports that Kim, “tricked two suppliers into paying him more than $500,000 by impersonating staff as a subcontractor at a retail outlet via email.” Kim used an email address that looked very like – but not quite the same as – the one used by his victims, reports Graham Cluley.

In February, 2020, celebrity ‘Shark Tank star Barbara Corcoran nearly lost $400K in a similar BEC scam that used a doppelgänger domain/evil twin domain to trick one of Barbara’s employees into wiring money to the scammer.


Tip of the Week

HTTPS Everywhere

HTTPS Everywhere is a free, open source browser extension that forces all of your browsing to use an encrypted HTTPS connection instead of an unencrypted HTTP connection. It is available for Chrome, Firefox and Opera and is prepackaged in the Brave and Tor browsers and is a collaboration between The Tor Project and the Electronic Frontier Foundation.

Why do you want this? The EFF’s website states, “Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by using clever technology to rewrite requests to these sites to HTTPS.”

How does it work? When you click on a link that uses http:// your browser loads a page this is not encrypted. You don’t want this so HTTPS Everywhere will try that site using the encrypted HTTPS option. If it is not available, you will get a warning and have to click a link to allow the unencrypted page to load. While that is an extra step, it puts you in control and of your browsing by only allowing HTTP to be used with your permission.

If you have questions or just want more information, read the HTTPS Everywhere FAQ.


Picture of the Week