Cyber Security

Donald Trump closes Chinese Consulate in Houston for Espionage

US President Donald Trump issued a federal order to close the Chinese Consulate in Houston from Friday (July 24th, 2020) this week, as the office was found to be engaging in espionage activities against federal agencies. The order, which was made public on Wednesday this week, was followed thoroughly by law enforcement, which seized all assets and operations at the office from Thursday.

After the officials at the consulate learnt about the ban, some of them threw all the paper files into the corridor and set them on fire. This prompted fire and police officers to rush to the site to bring the situation under control, only to be stopped by a senior official from the Trump administration for unspecified reasons.

Beijing reacted sharply to the news and stated that the action taken by the Trump administration was illegal and could attract retaliation in the form of cyber attacks from its intelligence.

A White House source claims that the Chinese government was spying on the networks of university and research labs to steal valuable medical research information and was trying to digitally infiltrate networks related to oil and natural gas firms.

The United States on Thursday confirmed the news and alleged that Beijing had turned its consulate in Houston into a high-tech communications hub to coordinate and execute espionage-related activities.

Mark Warner, the Democratic Senator from Virginia, confirmed the news and added that the Chinese Communist Party was engaging in notorious activities such as stealing company information and research data related to the MD Anderson Cancer Center of a Texas university, using Houston as its hub.

Note 1- In April 2019, 3 out of 5 scientists from MD Anderson Cancer Research were fired from their duties as they were found guilty of passing valuable cancer research information to servers in China. The 4th scientist resigned from the job because of health reasons after the investigation was initiated, and the news about the 5th scientist is still unknown.

What if the communications hub acted as a static point to hack and influence the US Elections 2020 in a state or across the nation…?

Note 2- As a first retaliatory move, China announced on Friday that it will shut down the US Consulate in Chengdu, in southwest China’s Sichuan Province.

Source: https://www.cybersecurity-insiders.com/donald-trump-closes-chinese-consulate-in-houston-for-espionage/

Cyber Security

Bitglass Security Spotlight: Over 200k Instacart Users’ Data Is Being Sold on Dark Web

Here are the top stories of recent weeks:

  • Instacart Customer Data for Sale on Dark Web
  • 17 Million users exposed on SaaS platform
  • First American Financial Corp. Charged Over 2019 Breach
  • COVID-19 Research Data Hacked by Chinese Contractors
  • University of York, the Latest Victim of a Data Breach

Source: https://www.cybersecurity-insiders.com/bitglass-security-spotlight-over-200k-instacart-users-data-is-being-sold-on-dark-web/?utm_source=rss&utm_medium=rss&utm_campaign=bitglass-security-spotlight-over-200k-instacart-users-data-is-being-sold-on-dark-web

Cyber Security

Reddit Attack Defaces Dozens of Channels

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2020-15058
PUBLISHED: 2020-08-07

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.

CVE-2020-15059
PUBLISHED: 2020-08-07

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.

CVE-2020-15060
PUBLISHED: 2020-08-07

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.

CVE-2020-15061
PUBLISHED: 2020-08-07

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values.

CVE-2020-15062
PUBLISHED: 2020-08-07

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.

Source: https://www.darkreading.com/attacks-breaches/reddit-attack-defaces-dozens-of-channels/d/d-id/1338614?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Cyber Security

Researcher Finds New Office Macro Attacks for MacOS

Building successful macro attacks means getting past several layers of security, but a Black Hat speaker found a way through.

Microsoft Office is no stranger to vulnerabilities and exploits. Most of those vulnerabilities led from Microsoft Office to Microsoft Windows, but it’s possible for an attacker to take an exploit path from Microsoft Office to macOS — a path that Patrick Wardle, principal security researcher at Jamf, discussed in his presentation on Wednesday at Black Hat USA.

Wardle began by pointing out that macros — executable code inserted into documents — have been exploited as attack vectors since at least 1999. In the last three or four years, Wardle said, more of these exploits have been aimed at macOS targets as Macs have become more attractive targets because of their increased use in business environments.

The Human Side
In most of the macro-based attacks, human intervention on the part of the victim is required at least once, and usually twice, Wardle said. First, the victim must click on an email attachment or malicious link in order to download and open the infected document. Next, in most cases macros will not run on a system by default — they must be given explicit permission to run by the user.

Most macro-based attacks have two stages, Wardle explained. In the first — the stage given explicit permission to run by the victim — code executes that checks the system status, checks for the presence of anti-malware software, and then downloads the second stage. It’s the second stage payload that contains the “working” code of the attack, whether it’s skimming credentials, creating a bot, or encrypting the system’s data as part of a ransomware scheme.

Out of the (Sand)box
Modern malware writers have an additional hurdle to overcome. Microsoft Office now executes all macros in a “sandbox,” a walled-off environment within the operating system that prevents code from gaining persistence or interacting with the system as a whole. The goal for malware writers is breaking out of the sandbox.

Wardle said that researchers Pieter Ceelen and Stan Hegt found ways to include SYLK files and XLM code that make macros execute whether or not they’re invoked or allowed. They still run within the sandbox. Wardle showed that it’s possible to create files through a macro — files that can be placed outside the macro and can be built to auto execute on system boot. That combination is the key to persistence, one of the golden tickets that attackers pursue in any campaign.

What kind of files can fit the twin bill? Wardle found that a ZIP file, dropped into the proper subdirectory, will be invoked automatically. While the latest macOS endpoint security framework should detect such a file’s creation, Wardle said that there’s room for research here.

Asked by an audience member how he decides on which areas to pursue in his research, Wardle said that he looks at common vulnerabilities and exposures and their patches — especially patches that are very specific — and wonders whether there can be ways around them. Also, he said, he keeps abreast of research and finds that other researchers are a constant source of inspiration.

Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and …

Source: https://www.darkreading.com/endpoint/researcher-finds-new-office-macro-attacks-for-macos/d/d-id/1338610?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple
