Secjuice Squeeze Volume 17

Welcome to the 17th edition of the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed, lovingly prepared for you every week. This week's volume compiled by Secjuice writers Mike Peterson and Miguel Calles.

Researching the coronavirus? Careful where you look

The 2019 Novel Coronavirus is now a global pandemic, and it has people worried. But that concern has given bad actors a golden opportunity to prey on victims. Not only is misinformation rampant, but it now appears like attackers are spoofing coronavirus informational sites to infect PCs with malware.

A new threat analysis report outlines a recent attack that tricks runs into downloading what appears to be a coronavirus spread map. But, in the background, the malicious app contains information-stealing malware that collects data stored in a user's browser, such as cookies, passwords and even cryptocurrency keys.

Source: blog.reasonsecurity.com
Curator: Mike Peterson

Years-long trojan campaign targets other hackers

While there may be honor among thieves, that may not be the case among black hats. According to new research via Cybereason, it looks like an unknown threat actor is trojanizing popular hacking tools with njRat. In fact, it appears that they've been doing so for years.

The bad actors are also "baiting" other hackers by posting the weaponized tools, which include product key generators and data exfiltration tools, in hacking forums. Worse still, it looks like these tools don't just give the threat actor full access to a hacker's system – they may also compromise all of the systems the hacker has previously breached.

Source: techcrunch.com
Curator: Mike Peterson

Putting things on the internet continues to be a dumb idea

In today's edition of "stop putting things on the internet," researchers at Palo Alto Networks Unit 42 have published new data that further corroborates what many in the security field already know. Specifically: more than half of all IoT devices are vulnerable to medium- or high-severity attacks.

That's in addition to the fact that 98 percent of all IoT traffic is still unencrypted. And the continued use of legacy protocols and OSes are opening networks and organizations to specific attacks that many IT professionals haven't seen in years. As companies and consumers continue to produce and use internet-connected devices, it's likely that reports like these – and the problems they describe – will only become more commonplace.

Source: threatpost.com
Curator: Mike Peterson

CIA Vault 7 trial ends in a hung jury

Schulte, 31, was on trial for eight counts for allegedly gathering and transmitting national defense information to WikiLeaks. The prosecution could not prove beyond a reasonable doubt that Schulte was guilty of the crimes, although the evidence did show Schulte downloaded the software WikiLeaks recommends using for sending information to them without leaving a trace. Schulte was indicted of two counts: "contempt of court, and making false statements to the FBI."

Source: theregister.co.uk
Curator: Miguel Calles