Author Archives: mlmcadams

I'm an artist, IT engineer, Cybersecurity geek, coffee connoisseur, travel and weather nerd, and a gamer.

NYU Disinformation Research Challenged and Defended

“Mozilla, MacArthur and Ford foundations unite to oppose Facebook ban on NYU disinformation research” via Jonathan Greig | ZDNet

“Multiple high-profile foundations and philanthropic organizations came together to criticize Facebook for shutting down the accounts of New York University (NYU) researchers investigating advertising disinformation on the platform.

The open letter was from the NetGain Partnership, which includes the Mozilla Foundation, Ford Foundation, John D. and Catherine T. MacArthur Foundation, the Omidyar Network and more. The group of foundations focus their work on fostering research into”..

More detail here: https://www.zdnet.com/article/mozilla-macarthur-and-ford-foundations-unite-to-oppose-facebook-ban-on-disinformation-research/

Patch Tuesday is Here

Ready or not, it’s patch time again:

“Point and Print Default Behavior Change” via MSRC : https://msrc-blog.microsoft.com/2021/08/10/point-and-print-default-behavior-change/

Microsoft: Security Updates for August: https://msrc.microsoft.com/update-guide/

Adobe: Security updates for Adobe Connect and Magento : https://helpx.adobe.com/security/security-bulletin.html

“Firefox 91 Introduces Enhanced Cookie Clearing” via Mozilla Security Blog : https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-enhanced-cookie-clearing/

“Snort rule update for Aug. 10, 2021 — Microsoft Patch Tuesday” via Snort Blog : https://blog.snort.org/2021/08/snort-rule-update-for-aug-10-2021.html

More Network Routers Actively Being Attacked

“Actively exploited bug bypasses authentication on millions of routers” via Sergiu Gatlan | Bleeping Computer

“Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads.

The vulnerability tracked as CVE-2021-20090 is a critical path traversal vulnerability (rated 9.9/10) in the web interfaces of routers with Arcadyan firmware that could allow unauthenticated remote attackers to bypass”….

More detail here: https://www.bleepingcomputer.com/news/security/actively-exploited-bug-bypasses-authentication-on-millions-of-routers/

BazaCall Campaigns

“BazaCall: Phony call centers lead to exfiltration and ransomware” via Eric Avena | Microsoft Security Blog

“Our continued investigation into BazaCall campaigns, those that use fraudulent call centers that trick unsuspecting users into downloading the BazaLoader malware, shows that this threat is more dangerous than what’s been discussed publicly in other security blogs and covered by the media. Apart from having backdoor capabilities, the BazaLoader payload from these campaigns also gives a remote attacker hands-on-keyboard control on an affected user’s device, which allows for a fast network compromise. In our observation, attacks emanating from the BazaCall threat could move quickly within a network, conduct extensive data exfiltration and credential theft, and distribute ransomware within 48 hours of the initial compromise.”

More detail: https://www.microsoft.com/security/blog/2021/07/29/bazacall-phony-call-centers-lead-to-exfiltration-and-ransomware/

MosaicLoader Malware Hiding in Search Ads

“This password-stealing Windows malware is distributed via ads in search results” via Danny Palmer | ZDNet

“MosaicLoader can be used to steal passwords, install cryptocurrency miners and deliver trojan malware warn researchers, who say those behind it want to sell access to Windows PCs on to other cyber criminals.”

More detail: https://www.zdnet.com/article/this-password-stealing-windows-malware-is-distributed-via-ads-in-search-results/

Bug hunters asked to probe Microsoft Teams mobile apps, can earn up to $30k – Help Net Security

Bug hunters asked to probe Microsoft Teams mobile apps, can earn up to $30k
— Read on www.helpnetsecurity.com/2021/07/20/bug-hunters-microsoft-teams/