Cybersecurity Weekly: RDP vulnerability, RATicate malware, Android 2FA bypass

Infosec_Sam (Admin) | Security+, CCENT, ITIL Foundation, A+ | Madison, WI | Posts: 527

An improper Microsoft patch leaves third-party RDP clients vulnerable to reverse RDP. RATicate drops info-stealing malware and RATs on industrial targets. A new Android banking trojan is able to bypass two-factor authentication. All this, and more, in this week’s edition of Cybersecurity Weekly.

 

1. Improper Microsoft patch leaves third-party RDP clients vulnerable

Though Microsoft patched the infamous reverse RDP vulnerability in July 2019, researchers were able to bypass the patch just by replacing the backward slashes in paths with forward slashes. Microsoft acknowledged the improper fix and re-patched the flaw in its February 2020 Patch Tuesday update.

2. RATicate drops info-stealing malware and RATs on industrial targets

Security researchers identified a hacking group that abused NSIS installers to deploy remote access tools and information-stealing malware in attacks targeting industrial companies. To infect the targets’ systems, the attackers used two infection chains, both of them involving the delivery of payloads via phishing emails.

3. New Android banking trojan is able to bypass two-factor authentication

A new mobile-based trojan is able to compromise Android’s accessibility features in order to steal user data from banking applications and read users’ SMS messages, allowing the malware to bypass two-factor authentication. Named Eventbot, the trojan was discovered by a group of cybersecurity experts who found it targeting over 200 financial banking applications.

For more cybersecurity news stories like these, check out the blog »


Looking for certification prep and technical skills development content? Visit our website to check out Infosec Skills! The platform has 70 learning paths, 600 courses and 150 virtual labs where you can try out new skills in a sandboxed environment. Try it free for 30 days with promo code: infoseccommunity

Community Manager at Infosec!