Security News

• No recent updates.

• Zoom Scrutinized As Security Woes Mount
  The New York Attorney General has inquired about Zoom's data security strategy, as the conferencing platform comes under heavy scrutiny for its privacy policies.
  
• 8-Year-Old VelvetSweatshop Bug Resurrected in LimeRAT Campaign
  An old RAT learns an old trick.
  
• Millions of Guests Impacted in Marriott Data Breach, Again
  The second breach in less than 24 months stemmed from employee account compromises.
  
• Covid-19 Poll Results: One in Four Prioritize Health Over Privacy
  An informal Threatpost reader poll shows the majority of site visitors are privacy absolutists. But attitudes shift when the trade off is saving lives.
  
• Nation-State Attacks Drop in Latest Google Analysis
  Phishing and zero-days continue to be a core part of the APT arsenal.
  
• Zoom Kills iOS App’s Data-Sharing Facebook Feature
  Zoom removed its Facebook SDK for iOS feature after a report found the app sending Facebook "unnecessary" user data.
  
• Zeus Sphinx Banking Trojan Arises Amid COVID-19
  The malware is back after three years, looking to cash in on interest in government relief efforts around coronavirus.
  
• Apple Unpatched VPN Bypass Bug Impacts iOS 13, Warn Researchers
  The vulnerability can be exploited to reveal limited traffic data including a device’s IP address.
  
• Critical CODESYS Bug Allows Remote Code Execution
  CVE-2020-10245, a heap-based buffer overflow that rates 10 out of 10 in severity, exists in the CODESYS web server and takes little skill to exploit.
  
• Tupperware Cyberattack Stores Away Customer Payment Cards
  The food container company's main website had a card skimmer that scooped up online customers' payment card data.