Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation contains an information disclosure vulnerability that could allow an attacker to eventually remotely execute code on the victim machine. Media Foundation is a COM-based multimedia framework on most versions of Microsoft Windows that assists with many audio and video operations. An attacker must convince the user to open a...
Read More
The U.S. Federal Bureau of Investigation (FBI) warned government agencies and health care organizations of ongoing BEC schemes exploiting the COVID-19 pandemic, as well as an overall increase in cryptocurrency and health care fraud scam activity targeting consumers. Govt and health care industry buyers were alerted of multiple incidents where fraudsters scammed state government agencies trying to buy personal protective equipment (PPE) and medical equipment from both domestic and foreign entities....
Read More
Cybercriminals are taking advantage of the fear and uncertainty surrounding the current global health and economic situation as well as sudden shifts and exposures in IT environments to launch COVID-19 related attack campaigns. The bad guys are moving full-steam ahead in their efforts to lure victims by playing on their fears. Fortunately, the security community is banding together to take on these cyber attackers by...
Read More
On Friday, Apple and Google announced they were working on a system that would make it easier for apps from country’s health departments to trace the spread of coronavirus while aiming to preserve privacy. The system is designed to use bluetooth low energy to inform a user when they’ve been in close contact with someone who has self identified as having tested positive for the coronavirus. This...
Read More
Hackers are selling two critical vulnerabilities for the video conferencing software Zoom that would allow someone to hack users and spy on their calls, Motherboard has learned. The two flaws are so-called zero-days, and are currently present in Zoom’s Windows and MacOS clients, according to three sources who are knowledgeable about the market for these kinds of hacks. The sources have not seen the actual code...
Read More