Table of Contents
- Privacy
- Crime
- Clever Microsoft Phishing Scam Creates a Local Login Form
- Newly discovered Mac malware uses “fileless” technique to remain stealthy.
- Ransomware at Colorado IT Provider Affects 100+ Dental Offices
- 20 Low-End VPS Providers Suddenly Shutting Down In a 'Deadpooling' Scam
- BMW Infiltrated by Hackers Hunting for Automotive Trade Secrets
- Windows
- Politics
- Exploit development
Privacy
Moscow Cops Sell Access to City CCTV, Facial Recognition Data
For about $470 per 5 days of access, Russian government officials sell their credentials to the city's roughly 3000 surveillance cameras, which have facial recognition capability.
Send your fingerprints to FBI for free
You can submit your own fingerprints at post offices to be sent directly to the FBI for an identity check.
FBI also recommends people to secure IoT devices
The FBI has already warned about smart TVs, and now it warns about all kinds of IoT devices: how to secure them, and that they should be placed on a separate network from the one containing sensitive data.
In China, you need an account to get toilet paper in the station
You need to have a phone, scan a QR code and create an account just to be able to take a shit at a Chinese train station...
Crime
Clever Microsoft Phishing Scam Creates a Local Login Form
This new phishing campaign uses an interesting technique to hide: the login form is generated locally by obfuscated JavaScript code placed thousands of blank lines below the
<!-- Internal Server Error -->
message, so at first glance the page looks like a server error. Technical analysis.
Newly discovered Mac malware uses “fileless” technique to remain stealthy.
North Korean hackers (the Lazarus group) have started using fileless malware to infect Apple computers, with a focus on cryptocurrency. It runs as root and loads a Mach-O binary directly into memory. Technical analysis.
Ransomware at Colorado IT Provider Affects 100+ Dental Offices
Dental offices in Colorado have been affected by a ransomware attack that exploited a severe vulnerability in Oracle WebLogic.
20 Low-End VPS Providers Suddenly Shutting Down In a 'Deadpooling' Scam
At least 20 different cheap VPS providers managed by the same entity have shut down unexpectedly after the Black Friday and Cyber Monday deals.
BMW Infiltrated by Hackers Hunting for Automotive Trade Secrets
BMW's security team discovered a compromised machine in their network and decided to monitor it rather than shut it down. They claim no sensitive data was stolen. Hyundai networks were also targeted by the same campaign.
Windows
Someone found a way to bypass Windows 7 Extended Security Updates checks
Even though Windows 7 support is ending, many users still don't want to upgrade to Windows 10, and they have found a way to get the Extended Security Updates that are only available to enterprises, delaying the upgrade process even longer. Looks like Windows 7 is the new XP.
Politics
Reddit Bans 61 Accounts, Citing 'Coordinated' Russian Campaign
Ahead of a UK vote, Reddit discovered and blocked a coordinated campaign originating from Russia that tried to manipulate the UK elections.
China tells government offices to remove all foreign computer equipment
China has ordered all foreign hardware to be removed from all government offices and public institutions within three years.
Exploit development
Full chain exploit for CVE-2019-11708 & CVE-2019-9810
This is a full browser compromise exploit chain (CVE-2019-11708 & CVE-2019-9810) targeting Firefox on 64-bit Windows. It uses CVE-2019-9810 to get code execution in both the content process and the parent process, and CVE-2019-11708 to trick the parent process into browsing to an arbitrary URL.
UAC Bypass by Mocking Trusted Directories
UAC can be bypassed by abusing Windows filesystem properties: by calling the kernel API directly, it's possible to create a C:\Windows \System32\ folder (notice the space after Windows) and place malicious executables or scripts there, which will be considered trusted by the Windows kernel.
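As an added defensive check, not code from the original post or from the bypass write-up, the following Python flags path components that mimic a trusted Windows directory only by trailing padding (the space after "Windows" in the bypass above). The trusted-name list and the sample paths are constructed for this example; in practice the paths would come from file-creation telemetry.

```python
import re
from typing import Dict, Iterable, List

# Directory names treated as trusted by auto-elevation. Constructed list for
# this example; extend it to match the directories your environment trusts.
TRUSTED_DIR_NAMES = {"windows", "system32", "syswow64"}

# Split on either path separator, collapsing repeated separators.
_SPLIT = re.compile(r"[\\/]+")


def mock_trusted_components(path: str) -> List[str]:
    """Return the components of `path` that mimic a trusted directory name.

    A component mimics a trusted name when it equals it after stripping
    trailing spaces or dots (which the Win32 layer strips but the native API
    keeps) yet is not an exact match, i.e. it carries trailing padding.
    """
    suspicious = []
    for part in _SPLIT.split(path):
        normalized = part.rstrip(" .").lower()
        if normalized in TRUSTED_DIR_NAMES and part.lower() != normalized:
            suspicious.append(part)
    return suspicious


def scan_paths(paths: Iterable[str]) -> Dict[str, List[str]]:
    """Map each path containing a mock trusted directory to its offending parts."""
    findings: Dict[str, List[str]] = {}
    for p in paths:
        hits = mock_trusted_components(p)
        if hits:
            findings[p] = hits
    return findings


if __name__ == "__main__":
    # Constructed sample paths standing in for a file-creation event feed.
    SAMPLE_PATHS = [
        r"C:\Windows\System32\cmd.exe",
        r"C:\Windows \System32\evil.exe",
        r"C:\Users\alice\Documents\report.docx",
    ]
    for path, parts in scan_paths(SAMPLE_PATHS).items():
        print(f"suspicious: {path!r} -> {parts}")
```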