Tech

• Malicious PDFs Flood the Web, Lead to Password-Snarfing

  

  SolarMarker makers are using SEO poisoning, stuffing thousands of PDFs with tens of thousands of pages full of SEO keywords & links to redirect to the malware.

  ---

• Ten-Year Old Sudo Vulnerability Gives Root Privileges on Host

  A major security hole in the Sudo utility could be abused by unprivileged users to gain root privileges on the vulnerable host, Qualys reports.

  ---

• Hackers breached U.S. government agencies via compromised SolarWinds Orion software

   

  A “highly sophisticated” hacking group has breached the U.S. Treasury Department, the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA), other government agencies and private sector companies (including, apparently, FireEye) via compromised SolarWinds Orion software.

  ---

• FireEye hack: Cybersecurity firm says nation-state stole attacking tools

   

  “This attack is different from the tens of thousands of incidents we have responded to throughout the years,” the firm says in an SEC filing.

  ---

• Website Security Breach Exposes 1 Million DNA Profiles

   

  A genealogy website used to catch one of California’s most wanted serial killers remained shut down Thursday after a security breach exposed the DNA profiles of more than a million people to law enforcement agencies.

  ---

• Critical, Wormable Bug in Windows DNS Servers Could Allow Full Infrastructure Compromise

   

  Exploitation Would Grant Attacker Domain Administrator Rights That Could Compromise Entire Corporate Infrastructure

  ---

• Work From Home Opens New Remote Insider Threats

   

  Remote work is opening up new insider threats – whether it’s negligence or malicious employees – and companies are scrambling to stay on top of these unprecedented risks.

  ---

• NSA Publishes Recommendations on Securing IPsec VPNs
  The National Security Agency (NSA) has published a series of recommendations on how to properly configure IP Security (IPsec) Virtual Private Networks (VPNs).
• Everything we know about the Google/Apple COVID-19 contact tracing tech

  Here’s how it works, what it does, why it matters and links to further information.

  ---

• Microsoft Working on Patches for Wormable SMB Vulnerability

   

  Microsoft is working on patches for a critical remote code execution vulnerability in Server Message Block 3.0 (SMBv3) that exposes systems to “wormable” attacks.

  ---

• Microsoft Exchange Server Flaw Exploited in APT Attacks

   

  A vulnerability is Microsoft Exchange servers is being actively exploited by multiple APT groups, researchers warn.

  ---