October 6, SecurityWeek – (International) Mac malware can abuse legitimate apps to spy on users. A security researcher from Synack discovered that Apple Mac operating system (OS) X malware can monitor an infected system for legitimate user-initiated video sessions on applications such as FaceTime, Skype, and Google Hangouts, and piggyback on those legitimate sessions to record video and spy on users without their knowledge or authorization. Source
October 5, Softpedia – (International) New backdoor trojan spreads through RDP brute-force attacks. GuardiCore security researchers discovered a new malware family, dubbed Trojan.sysscan was being leveraged as a backdoor trojan to collect data and credentials used for accounts on banking, gambling, and tax Websites from compromised systems and transfer the information to an attacker’s remote server by carrying out brute-force attacks on open Remote Desktop Protocol (RDP) ports. GuardiCore reported the trojan is coded in the Delphi programming language and is equipped with support for dumping passwords from locally installed applications including databases, point of sale (PoS) software, and Web browsers. Source
October 5, SecurityWeek – (International) iMessage URL preview exposes user data. A security researcher discovered that Apple’s iMessage service could leak user data including the message receivers Internet Protocol (IP) address, device type, and operating system (OS) version when the user receives a Uniform Resource Locator (URL) in a message due to a feature available in MacOS and iOS that enables the service to extract metadata from the URL and display it as an accessible link. The researcher stated the iMessage implementation sends requests from each of the devices the receiver has, which could allow an attacker sending the URL to determine the victim’s physical location based on the IP address. Source
Above Reprinted from the USDHS Daily Open Source Infrastructure Report