Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On August 03, 2016

August 2, Softpedia – (International) Windows flaw reveals Microsoft account passwords, VPN credentials. Researchers discovered an exploit affecting the way Microsoft Windows handles old authentication procedures for shared network resources. An attacker could embed a disguised link to a server message block (SMB) resource inside a Webpage or an email viewed via Outlook; once the user accesses the link via Internet Explorer, Edge, or Outlook, the victim’s login credentials are sent to authenticate on the malicious actor’s domain. The exploit gives the hacker access to the user’s Microsoft username, virtual private network (VPN) credentials, or password, which is leaked as an NT LAN Manager (NTLM) hash. Source

August 1, Softpedia – (International) Data of 200 million Yahoo users pops up for sale on the Dark Web. Yahoo is investigating a potential data breach after cyber-criminal Peace_of_Mind (Peace) published a listing on TheRealDeal Dark Web marketplace that reportedly offers data on over 200 million Yahoo users for 3 bitcoin, or approximately $1,800, including usernames, MD5-hashed passwords, dates of birth for all users, and in some cases, backup email addresses, country of origin, and ZIP codes for U.S. users. Source

August 1, Softpedia – (International) Trojan in 155 Google Play Android apps affects 2.8 million users. Security researchers from Dr. Web discovered that a new variant of the Android.Spy family trojan, dubbed Android.Spy.305, was plaguing 155 Android apps on the official Google Play Store and affecting over 2.8 million users. In order to deliver ads, the trojan collects data about the user’s device, including the email address connected to their Google user account, the name of the app the trojan leverages for distribution, and the developer ID and software developer’s kit (SDK) version, among other details. Google released a list of all the apps potentially impacted by the trojan. Source

August 1, SecurityWeek – (International) SSL flaw in Intel Crosswalk exposes apps to MitM attacks. Intel released updates for its Crosswalk framework after security researchers from Nightwatch Cybersecurity discovered a serious vulnerability in the Crosswalk Project library that allows malicious actors to launch man-in-the-middle (MitM) attacks and capture sensitive information transmitted by the app. The researchers found that when a user makes a network request and an invalid Secure Sockets Layer (SSL) certificate is found, accepting the initial error message displayed by the app causes the app to accept all future SSL certificates without validation, even when connections are made via different WiFi hotspots and with different certificates. Source

Above Reprinted from the USDHS Daily Open Source Infrastructure Report

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.