
Cyber Bites

SIGRed – 17 Year-old Bug in Windows DNS Servers

DNS, which is often described as the “phonebook of the internet”, is a network protocol for translating human-friendly computer hostnames into IP addresses. Because it is such a core component of the internet, there are many solutions and implementations of DNS servers out there, but only a few are extensively used. “Windows DNS Server” is the Microsoft implementation and is an essential part of and a requirement for a Windows Domain environment. SIGRed (CVE-2020-1350) is...

South Korean regulator fines TikTok for mishandling child data

Video sharing platform TikTok has been fined by a South Korean regulator over mishandling child data. The country's telecommunications watchdog, the Korea Communications Commission (KCC), said it has fined the company 186 million won -- around $155,000 -- for failing to protect users' private data. The fine is equivalent to 3% of the company's annual sales in South Korea, an amount designated for such violations under local privacy laws. The investigation began last year...

Security firm G4S fined by Serious Fraud Office

Security firm G4S has been fined £44m by the Serious Fraud Office (SFO) as part of an agreement that will see it avoid prosecution for overcharging the Ministry of Justice for the electronic tagging of offenders, some of whom had died. The SFO said G4S had accepted responsibility for three counts of fraud that were carried out in an effort to “dishonestly mislead” the government, in order to boost its profits.

Source: The Guardian

Warnings over PAN-OS security bug

SAP has patched a critical vulnerability impacting the LM Configuration Wizard component in NetWeaver Application Server (AS) Java platform, allowing an unauthenticated attacker to take control of SAP applications. The bug, dubbed RECON and tracked as CVE-2020-6287, is rated with a maximum CVSS score of 10 out of 10, potentially affecting over 40,000 SAP customers, according to cybersecurity firm Onapsis, which uncovered the flaw.

Source: The Hacker News

COVID-19 could spur authentication without passwords

Passwords have always been a weak link in security, but people are so used to them that getting them to change to a more secure form of authentication has been a difficult task. Could COVID-19 be the catalyst that ends up ushering in passwordless access? The push is slowly happening. Gartner predicts that 60% of enterprises and 90% of midsize businesses will move to passwordless authentication by 2022. Although it has been discussed as an option...

Hacker “revenge hacks” security firm

A hacker claims to have breached the backend servers belonging to a US cybersecurity firm and stolen information from the company's "data leak detection" service. The hacker says the stolen data includes more than 8,200 databases containing the information of billions of users that have leaked from other companies in previous security breaches. The databases have been collected inside DataViper, a data leak monitoring service managed by Vinny Troia, the security researcher behind Night Lion...

A look at Evilnum, the APT Group Behind the Malware

The group behind the Evilnum malware, which targets financial institutions, appears to be testing new techniques. ESET researchers published an analysis of advanced persistent threat (APT) group Evilnum, known for developing malware of the same name. A detailed look at its activity reveals an evolved toolset and infrastructure that combine custom malware with tools bought from malware-as-a-service (MaaS) providers. Evilnum has been around for at least two years, according to Matías Porolli, a malware researcher at...

Zoom

Security researchers recently found a flaw in the videoconferencing software, Zoom, which would have allowed hackers to remotely take control of computers running on old Microsoft Windows operating systems. Specifically, the vulnerability applies to Zoom running on Windows 7 or older operating systems. While Microsoft has attempted to phase out technical support for Windows 7 to encourage users to upgrade, many continue to use it - leaving many at risk.

Source: CyberScoop

Spyware

This week, Google announced that it would now ban any ads that promote any form of surveillance technology, including stalkerware. As part of an update on Google Ad policies, this change will take effect on the 11th of August 2020. Advertisers will no longer be able to promote the following: Technology that allows intimate partner surveillance, such as monitoring texts, calls or browser history. GPS tracking, to track someone without consent. Other surveillance equipment used...
