Posts

Showing posts from April 2, 2020

Unpatched Zoom App Bug Lets Hackers Steal Your Windows Password

Zoom has been around for nine years, but the sudden need for an easy-to-use video conferencing app during the coronavirus pandemic made it a favorite tool for millions of people overnight. Though Zoom is an efficient online video meeting solution, it's still not the best choice in terms of privacy and security. According to the latest finding by cybersecurity expert @_g0dmode, which was also confirmed by researcher Matthew Hickey and Mohamed A. Baset, the Zoom client for Windows is vulnerable to a 'UNC path injection' vulnerability that could let remote attackers steal login credentials for victims' Windows systems. The attack involves the SMBRelay technique, wherein Windows automatically exposes a user's login username and NTLM password hashes to a remote SMB server when attempting to connect and download a file hosted on it. The attack is possible only because Zoom for Windows supports remote UNC paths, which converts such potentially insec

Microsoft SQL Servers infected with Secret Backdoor by Hackers, Thousands of servers affected!!

Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other kinds of malware, including multi-functional remote access tools (RATs) and cryptominers. Named "Vollgar" after the Vollar cryptocurrency it mines and its offensive "vulgar" modus operandi, researchers at Guardicore Labs said the attack employs password brute-force to breach Microsoft SQL servers with weak credentials exposed to the Internet. Researchers claim the attackers managed to successfully infect nearly 2,000-3,000 database servers daily over the past few weeks, with potential victims belonging to healthcare, aviation, IT & telecommunications, and higher education sectors across China, India, the US, South Korea, and Turkey. Thankfully for those concerned, researchers have also released a script to let sysadmins detect if any of their Windows MS-SQL servers have b