This Week in CyberNews: Oct. 7-14 [Cybersecurity & Tech Roundup]


It’s time again for our weekly look at the latest breaking news in cybersecurity and tech. This week, we're looking at Microsoft's new "Bad Neighbor" critical vulnerability, the FBI's Zerologon warning, CyberNews' own Bitexlive and Intcomex investigations, and Microsoft taking on the TrickBot ransomware group.


Microsoft's “Bad Neighbor” vulnerability

Microsoft recently announced a critical vulnerability in the Windows IPv6 stack that would allow attackers to send malicious packets and execute arbitrary code on remote systems. The attack results in the Blue Screen of Death, but malicious actors could potentially bind shellcode to inject code and control the machine. It would most likely impact Windows 10 machines.

FBI warns about Zerologon exploitation

Unspecified threat actors are currently exploiting Zerologon, the Windows vulnerability that we talked about in Episode 5 of our YouTube show. This gives attackers access to domain controllers, which can create new accounts on the network and manage existing ones. This issue does have a patch, by the way, but the FBI and DHS warning issued on Friday shows that not everyone has installed these fixes yet.

CyberNews Investigations

At CyberNews, we recently discovered that Bitexlive, a Turkey-based cryptocurrency exchange platform, was exposing every user's customer support communication to every other user on the site. The issue was fixed after we contacted Bitexlive.

We also published our investigation on the Miami-based company Intcomex, which recently had 1 TB of their data stolen and part of it leaked for free on a popular Russian hacking forum. The leaker appears to be part of the LockBit ransomware hacking group, which is one of the largest ransomware crime rings. After we contacted Intcomex, the leaker stopped providing the stolen data. We asked Intcomex if they had indeed paid the ransom, but they have not responded yet.

Facebook bans Holocaust denial

Facebook has finally banned Holocaust denial on its site. A few years ago Zuckerberg claimed that he was protecting free speech and specifically mentioned Holocaust denial, but now they’ve decided that due to the increase in anti-Semitism, it’s time to bring down the ban hammer. It’s also banning anti-vaccine ads, by the way. Late but good. There’s speculation that Zuck is preparing for a Biden win, which would likely bring in more regulation for tech giants.

Microsoft takes down Trickbot, temporarily

This week on CyberNews, we wrote about Microsoft’s takedown of the popular and powerful TrickBot malware group. Microsoft argued in court that the TrickBot group had infringed on Microsoft’s copyright by copying and misusing the Microsoft SDK. Courts agreed and gave Microsoft control of computers that were installing the ransomware.

This sets a new legal precedent because previously companies had to show that malware groups were causing financial harm, which is a more difficult and lengthy process. Of course, TrickBot is up and running again, but this precedent will make it easier for companies to take them down.

TrickBot runs a ransomware-as-a-service business, but having their operations taken down or compromised will make them less attractive to malicious buyers.