Shannon Vavra – Page 27 – WindowsTechs.com

Federal agencies recommend U.S. bar China Telecom over cybersecurity concerns

Posted on April 9, 2020 by Shannon Vavra

Several federal agencies recommended Thursday that U.S. regulators block a Chinese state-owned telecommunications firm from providing service to American customers. The Departments of Justice, Defense, and State urged the Federal Communications Commission to take action against China Telecom, a subsidiary of a Chinese state-owned telecommunications company, over cybersecurity and national security concerns, according to a Justice Department statement. The departments said the FCC should revoke China Telecom’s licenses to operate in the U.S. because, as a Beijing-based firm, China Telecom can “provide opportunities for [China] to engage in malicious cyber activity enabling economic espionage and disruption and misrouting of U.S. communications,” the department says. China Telecom has acted as a “common carrier,” meaning it connects domestic and international networks, since 2007. The U.S. government in recent years has warned that Chinese companies may not be able to refuse Beijing’s intelligence requests. This recommendation comes after U.S. intelligence officials have warned for years that the Chinese government could leverage another […]

The post Federal agencies recommend U.S. bar China Telecom over cybersecurity concerns appeared first on CyberScoop.

Continue reading Federal agencies recommend U.S. bar China Telecom over cybersecurity concerns→

Zoom has fixed an eavesdropping issue tied to their ‘waiting rooms’

Posted on April 9, 2020 by Shannon Vavra

Earlier this week video teleconferencing company Zoom fixed an issue that would have allowed users in Zoom “waiting rooms” to spy on meetings even if they weren’t approved to attend them, according to researchers at Toronto-based Citizen Lab. Before the fix, which was issued on Sunday, Zoom servers automatically sent live streams of meetings and meeting decryption keys to the users in the rooms, where they must wait for approval to join a meeting. This vulnerability allowed those users to eavesdrop without approval. “Because users in a Zoom waiting room are not yet approved to join the meeting, and Zoom’s documentation appears to promote waiting rooms as a confidentiality feature, we assessed that this issue could represent a security concern,” Bill Marczak, a senior research fellow at Citizen Lab, and John Scott-Railton, a senior researcher at Citizen Lab, write in a blog post on the issue. The vulnerability would have been particularly relevant […]

The post Zoom has fixed an eavesdropping issue tied to their ‘waiting rooms’ appeared first on CyberScoop.

Continue reading Zoom has fixed an eavesdropping issue tied to their ‘waiting rooms’→

Who is World Wired Labs and why are they selling an Android trojan?

Posted on April 7, 2020 by Shannon Vavra

A company advertising a remote access tool frequently used by criminals and nation-state hackers may be serving as a front for a Chinese hacking group, according to new research published Tuesday by BlackBerry Cylance. In a lengthy report on remote access trojans (RAT), BlackBerry Cylance researchers detail an Android malware variant, which they call PWNDROID4, that can be used to monitor targets’ phone calls, record audio, send and receive text messages, and track victims’ GPS location. Researchers believe it has been used by suspected Chinese government-linked hackers known as the Winnti group. In the report, researchers have pieced together that PWNDROID4 is remarkably similar to the Android version of a RAT known as NetWire, which has been around since 2017. BlackBerry Chief Product Architect Eric Cornelius told CyberScoop that researchers traced NetWire, a multi-platform RAT that’s been in use since at least 2012, back to a firm known as World Wired […]

The post Who is World Wired Labs and why are they selling an Android trojan? appeared first on CyberScoop.

Continue reading Who is World Wired Labs and why are they selling an Android trojan?→

Schiff wants ODNI to scrub out politics from election security briefs

Posted on April 7, 2020 by Shannon Vavra

Rep. Adam Schiff, the House Intelligence Committee chairman, wrote to Acting Director of National Intelligence Richard Grenell on Monday asking him to share communications about an intelligence briefing on election security provided to lawmakers last month over concerns that some of the information may have been politicized, according to the letter. During the intelligence briefing in question, which took place behind closed doors March 10, intelligence officials told lawmakers that Russia was not directly supporting any presidential candidates in the buildup to the 2020 presidential election, according to The New York Times. Just days earlier, U.S. intelligence officials told the House Intelligence Committee that Russia had a preference for President Donald Trump’s candidacy, as CyberScoop reported. The discrepancy in the two briefings raised concerns that the Office of the Director of National Intelligence began politicizing possible election interference information shared with Congress just after a new acting DNI took the reins. Just days before […]

The post Schiff wants ODNI to scrub out politics from election security briefs appeared first on CyberScoop.

Continue reading Schiff wants ODNI to scrub out politics from election security briefs→

Facebook wanted to purchase NSO Group spyware to surveil users, court documents allege

Posted on April 3, 2020 by Shannon Vavra

Two Facebook representatives approached NSO Group in 2017 asking to purchase rights to use its surveillance software to monitor its users, according to court documents filed this week by the Israeli-owned surveillance software company in an ongoing lawsuit with Facebook-owned WhatsApp. The Facebook representatives specifically told NSO Group they wanted to monitor users on Apple devices, NSO Group CEO Shalev Hulio said, according to court documents obtained by CyberScoop. NSO Group and WhatsApp are currently battling it out in court after Facebook sued NSO Group for allegedly targeting thousands of WhatsApp users with its spyware. At the time, Facebook was working to use a VPN product, Onavo Protect, to track users’ web traffic. According to Shalev, Facebook was not satisfied with the results for users on Apple devices and wanted to use NSO Group’s signature Pegasus spyware as a way to monitor Facebook users better. “The Facebook representatives stated that Facebook […]

The post Facebook wanted to purchase NSO Group spyware to surveil users, court documents allege appeared first on CyberScoop.

Continue reading Facebook wanted to purchase NSO Group spyware to surveil users, court documents allege→

Zoom founder promises to remedy security, privacy concerns during a ‘feature freeze’

Posted on April 2, 2020 by Shannon Vavra

Zoom’s founder says the company behind the popular videoconferencing app will spend the next 90 days focused on fixing security issues. In a blog post Thursday, Zoom founder Eric S. Yuan said the technology firm is enacting a “feature freeze,” in which employees will turn their attention from enhancing usability toward tightening data protection. The announcement comes as the number of daily Zoom users has skyrocketed to 200 million users in March, up from 10 million in December, as much of the world’s workforce moves to remote work amid the COVID-19 pandemic. The update from the San Jose-based company comes after the FBI issued a public warning about “Zoombombing,” in which white supremacists and other unauthorized outsiders have hijacked teleconferences. In some cases, internet trolls have disrupted online classes to shout profanities at teachers. Zoom also was hit with a class-action lawsuit in which users claimed the company was sharing […]

The post Zoom founder promises to remedy security, privacy concerns during a ‘feature freeze’ appeared first on CyberScoop.

Continue reading Zoom founder promises to remedy security, privacy concerns during a ‘feature freeze’→

Zoom vulnerabilities could give attackers webcam, microphone access

Posted on April 1, 2020 by Shannon Vavra

Vulnerabilities discovered in popular video teleconferencing app Zoom could allow attackers to escalate privileges on a computer or allow access to users’ webcams and microphones, according to new research from Jamf Principal Security Researcher Patrick Wardle. It’s just the latest security and privacy issue for Zoom, which has been served with a class-action lawsuit over its data sharing practices, and come under scrutiny from the New York Attorney General’s Office and the FBI. Yet, if you’re already social distancing to avoid the spread of the coronavirus, the two vulnerabilities may not be a primary concern. In order for someone to exploit these zero-days, they would need to have physical access to a machine running Zoom’s MacOS client, according to Wardle. “However if you value either your (cyber) security or privacy, you … should avoid using the macOS version of the app, as neither of these essential values seem to be […]

The post Zoom vulnerabilities could give attackers webcam, microphone access appeared first on CyberScoop.

Continue reading Zoom vulnerabilities could give attackers webcam, microphone access→

North Korean hackers reboot espionage operations following December takedown

Posted on March 31, 2020 by Shannon Vavra

Suspected North Korean hackers have been running a spearphishing email operation targeting people interested in North Korean refugees, according to new research from ESTsecurity, a South Korea-based security firm. The cyber-espionage group, which ESTsecurity Security Response Center (ESRC) researchers attribute to a group known as Geumseong121, entices its victims into clicking links that look to be about North Korean refugees. But instead of delivering valuable information, the link points recipients to repositories that download malicious files, according to ESRC. The campaign, which ESRC has named “Operation Spy Cloud” since it relies on cloud services, shows the hacking group returning to operations following a setback in December when Microsoft seized 50 websites used by the group in spearphishing campaigns. The group is also widely known as APT37. Following the takedown, the group is working to conceal its activities, according to ESRC. The attackers appear to have opted to prompt users to click links […]

The post North Korean hackers reboot espionage operations following December takedown appeared first on CyberScoop.

Continue reading North Korean hackers reboot espionage operations following December takedown→

FBI warns Zoom, teleconference meetings vulnerable to hijacking

Posted on March 31, 2020 by Shannon Vavra

As remote work surges amid the coronavirus pandemic, the FBI issued a public bulletin Tuesday warning Zoom and other video teleconferencing services may not be as private, or as secure, as users may assume. Use of Zoom and similar services has exploded in recent weeks as companies, schools, governments, and individuals increasingly turn to its teleconferencing as ways to keep businesses and classrooms afloat while sheltering in pace or working from home. However the shift also represents an opportunity for attackers, as white supremacists, hackers and other trolls barge into digital meetings, a phenomenon known as “Zoombombing.” In Massachusetts, there have been several incidents, including an unintended participant joining a high school’s virtual classroom only to yell profanities and reveal personal information about the teacher, according to the FBI. Another unwelcome participant with swastika tattoos joined a separate Massachusetts school’s Zoom meeting, the FBI reports. “The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate […]

The post FBI warns Zoom, teleconference meetings vulnerable to hijacking appeared first on CyberScoop.

Continue reading FBI warns Zoom, teleconference meetings vulnerable to hijacking→

Hong Kong targeted in new sweeping mobile malware campaign

Posted on March 27, 2020 by Shannon Vavra

A new spate of iOS and Android mobile malware attacks capable of taking control of devices, and tracking GPS location, phone call history, contacts, and text messages has been unleashed on targets in Hong Kong in the last several months, according to multiple cybersecurity companies. The attackers, which Kaspersky suspects are Chinese-speaking, lure their victims by posting links to local news sites in general discussion sections of forums that are popular among Hong Kong residents. But when victims click through to see the news, attackers deploy a hidden iFrame that runs an iOS malware variant, a modular backdoor. Trend Micro researchers have also found this malware, dubbing it “LightSpy.” Some of the lures include content on protests in Hong Kong. They also touch on information about the novel coronavirus and sex. The Android portion of the campaign is being distributed through Instagram posts and Telegram channels, with lures encouraging victims to download […]

The post Hong Kong targeted in new sweeping mobile malware campaign appeared first on CyberScoop.

Continue reading Hong Kong targeted in new sweeping mobile malware campaign→