Search Results for “Liam Tung”


April 2, 2020
Liam Tung / ZDNet

Microsoft Issues First-Ever Targeted Warning to Hospitals About Threat of REvil Ransomware Attacks

Microsoft says it has issued its first-ever targeted warning to several dozen hospitals, alerting them to vulnerabilities in their virtual private network (VPN) appliances after spotting the REvil (also known as Sodinokibi) ransomware gang targeting them. The Internet giant said that through its vast network of threat intelligence sources, it identified several dozen hospitals with vulnerable gateway and VPN appliances in their infrastructure. The company sent out the notification “with important information about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates that will protect them from exploits of these particular vulnerabilities and others.” Microsoft urges all enterprises to review their VPN infrastructure for updates, as attackers are actively tailoring exploits to take advantage of remote workers.

Related: Dark Reading, BleepingComputer.com, DataBreaches.net, Microsoft Security Intelligence, CNET, Data Privacy Monitor

Tweets: @MsftSecIntel


April 24, 2020
Liam Tung / ZDNet

Microsoft Issues Out-of-Band Security Update for Office, Office 365 ProPlus and Paint 3D to Fix RCE Bugs in an Autodesk Library

Microsoft released out-of-band security updates for Office, Office 365 ProPlus, and Paint 3D products to address multiple newly disclosed bugs in Autodesk’s library for the FBX file format for 3D animations, which allow remote code execution on affected products. To exploit the flaws, the attacker would need to send victims a malicious 3D FBX file and trick them into opening it. Autodesk, the maker of the widely used AutoCAD software, said in an earlier advisory that applications and services that use the FBX-SDK Version 2020.0 or earlier are affected by buffer overflow, type confusion, use-after-free, integer overflow, NULL pointer dereference, and heap overflow vulnerabilities. The bugs affected several other Autodesk products, including AutoCAD, Maya, Motion Builder, Mudbox, 3ds Max, Fusion, Revit, Infraworks, and Navisworks.

May 6, 2020
Liam Tung / ZDNet

Microsoft Launches Azure Sphere Research Challenge Offering Approved Researchers Rewards of Up to $100,000 for Breaking Sphere Security

Microsoft has launched the Azure Sphere Research Challenge, an expansion of Azure Security Lab, offering approved security researchers individual rewards of up to $100,000 for exploits that break the security of Azure Sphere, its Linux-based platform for internet-connected (IoT) devices. The Azure Sphere Research Challenge is a three-month, application-only security research challenge offering special bounty awards and providing additional research resources to program participants. Application forms are due before May 15 and will be reviewed every week with accepted researchers notified by email. The challenge runs from June 1, 2020, through August 31, 2020, for researchers accepted through open application.

Related: BleepingComputer.com, Security Week, TechNet Blogs, Microsoft Security Response Center, Dark Reading: Vulnerabilities / Threats

Tweets: @msftsecresponse


April 16, 2019
Liam Tung / ZDNet

Microsoft Confirms That Its Latest Patch Tuesday Updates Cause Performance Issues, Reboot Failures Due to Clash With Various Antivirus Tools

Numerous reports claim that the Patch Tuesday updates issued for Windows 7, Windows 8.1, Windows Server 2008 R2, and Windows Server 2012 on April 9 have caused serious performance issues for users, with the issue appearing to affect systems running various antivirus tools. Many users reported that their machines were failing to boot after installing the security-only and monthly updates. Avast and Avira separately confirmed in support documents that these cumulative updates have caused issues for their customers. Microsoft has now confirmed that there is an antivirus clash that affects Windows 10 version 1809 in relation to ArcaBit, a little-known Polish antivirus vendor, as well as boot problems affecting Avast for Business, Avast CloudCare, and AVG Business Edition on Windows 7. Avast has released ‘emergency updates’ to fix this problem for customers and details the procedures to resolve problems in a support note.

Related: WinBuzzer, Infosecurity Magazine, HotHardware.com, WCCFtech, PCWorld, Tom’s Hardware, Context Blog, Appuals.com, Softpedia News, DigitalMunition, PC World, Microsoft, Avast


June 18, 2019
Liam Tung / ZDNet

SACK Flaws in Linux and FreeBSD Kernels Can Lead to Systems Crashing, Organizations Running Large Fleets of Production Linux Computers Urged to Patch

Jonathan Looney, an engineering manager at Netflix and FreeBSD developer, discovered four vulnerabilities in Linux and FreeBSD kernels that could lead to systems crashing or consuming too many resources and consequently slowing down. The most serious of the flaws, CVE-2019-11477, is called SACK Panic, referring to the Linux kernel’s TCP Selective Acknowledgement (SACK) capabilities, and can be exploited to trigger a kernel ‘panic’ that could crash a machine, leading to a denial of service. The other bugs are CVE-2019-11478, or SACK Slowness, which affects Linux 4.15 and below; CVE-2019-5599, another SACK Slowness bug that affects FreeBSD 12; and CVE-2019-11479, which causes excess resource consumption. All the flaws have been patched, and organizations running large fleets of production Linux computers are urged to patch immediately.

Related: Beta News, Security Affairs, The Daily Swig, SecurityWeek, Linux Security, fossBytes, The Next Web, Bleeping Computer, GitHub, Help Net Security


January 3, 2020
Liam Tung / ZDNet

Mozilla Will Allow Users to Delete Telemetry Data Under the California Consumer Privacy Act

Mozilla announced that it’s rolling out changes under the California Consumer Privacy Act (CCPA) to all Firefox users worldwide, explicitly allowing users to request that Mozilla delete Firefox telemetry data stored on its servers. The telemetry data that Firefox will delete upon request does not include web history, which Mozilla doesn’t collect anyway. Still, it does include data about how many tabs were opened and browser session lengths. The new control will ship in the next version of Firefox due out on January 7.

February 20, 2020
Liam Tung / ZDNet

Thousands of Samsung Galaxy Device Owners Believed They Were Hacked Following Mistakenly Sent Messages

Thousands of Samsung Galaxy device owners yesterday reported receiving a strange message from the Korean phone maker’s Find My Mobile App that displayed a ‘1’ above another ‘1,’ leading them to believe their phones got hacked. The messages arrived on devices that had never even enabled Samsung’s Find My Mobile app. Samsung said that the message was sent unintentionally during an internal test, and there is no effect on the Galaxy devices.

Related: Reddit – cybersecurity, PhoneArena, xda-developers, Softpedia, Graham Cluley, Tech Insider, WCCFtech, Trusted Reviews, The Sun, CTV News, BGR, Geek.com, The Register

Tweets: @SamsungHelpUK


March 4, 2020
Liam Tung / ZDNet

Android Patches Critical Vulnerability Affecting Dozens of Mid-Range Devices That Use MediaTek Chips

A critical security vulnerability that impacted dozens of models of mid-range Android devices running on chips from MediaTek has been patched according to Google’s recent Android Security Bulletin. The flaw, known as CVE-2020-0069, affects the Command Queue driver and enables temporary root access on a large number of MediaTek chips. A developer by the name ‘diplomatic’ used XDA-Developers’ forums to share a script that users can run to gain superuser (su) access. MediaTek says the vulnerability affects MediaTek devices with Linux Kernel versions 3.18, 4.4, 4.9, or 4.14 running Android versions 7 Nougat, 8 Oreo, or 9 Pie.

Related: ZDNet Security, TechNadu, Android Central, Techradar, Computer Business Review, Naked Security, GBHackers On Security, Android, xda developers


December 13, 2019
Liam Tung / ZDNet

New Threat Group Gallium Targets Telecom Companies, Malware Infrastructure Located in China and Hong Kong

A hacking group called Gallium that has malware infrastructure in China and Hong Kong has been targeting telecommunications companies, researchers at Microsoft say. The group uses cheap and disposable tools, and they don’t care about hiding their tracks or intent once inside compromised networks. Gallium seeks to compromise web servers by scanning for internet-exposed and vulnerable web servers, such as Red Hat-developed WildFly (aka JBoss), and then using publicly known off-the-shelf exploits to attack them. Gallium was active starting from 2018 to mid-2019 but has been quiet lately. Despite what Microsoft calls its effectiveness, Gallium hasn’t been classified as an APT group yet.

Related: Microsoft Malware Protection Center, Dark Reading: Threat Intelligence, Security Affairs, ZDNet

Tweets: @MsftSecIntel @jdallman @k8em0


November 29, 2019
Liam Tung / ZDNet

Cash Logistics and Security Company Prosegur Shut Down in Face of Ryuk Ransomware Attacks

Spanish multinational cash logistics and private security company Prosegur had to shut down its IT network to mitigate a Ryuk ransomware infection. According to UK security researcher Kevin Beaumont, the first reports of the ransomware attack came in at about 5 am GMT. Prosegur’s worldwide IT network was reportedly shut down and its employees were sent home. One day after the attack, the company’s customers said that Prosegur’s security alarms were not working.