Options

Cybersecurity Weekly: LokiBot spearphish, Marriott breach, Zoom vulnerability

Infosec_SamInfosec_Sam Admin Posts: 527 Admin
edited April 2020 in Security News & Breaches

A spearphishing campaign exploits COVID-19 to spread LokiBot infostealer. Marriott suffers a second breach, exposing data of 5.2 million hotel guests. A new Zoom hack lets attackers compromise Windows and its login password. All this, and more, in this week’s edition of Cybersecurity Weekly.


1. Spearphishing campaign exploits COVID-19 to spread LokiBot infostealer

Researchers discovered threat actors harnessing a new spearphishing campaign designed to spread the LokiBot trojan. Using the WHO trademark as a lure, this new attack claims to address misinformation about the pandemic, but actually sends an attachment that unleashes LokiBot if downloaded and executed.
Read more »

 

2. Marriott suffers second breach, exposing data of 5.2 million hotel guests

Last week, international hotel chain Marriott disclosed a data breach impacting 5.2 million hotel guests — the second security incident to hit the company in recent years. The company believes guest data was accessed between January and February 2020, but found no evidence of compromised passwords or payment information.
Read more »

 

3. New Zoom hack lets attackers compromise Windows and its login password

According to cybersecurity researchers, the Zoom video conferencing software for Windows is vulnerable to a UNC path injection vulnerability that could allow remote attackers to steal victims’ Windows login credentials. Once the malicious link is clicked, the attack allows the attacker-controlled SMB share to automatically capture authentication data.
Read more »


For more cybersecurity news stories like these, check out the blog »

Community Manager at Infosec!
Who we are | What we do
· Share on FacebookShare on Twitter
Sign In or Register to comment.