By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

VLC Media Player 3.0.7 was released on Friday and contained the most security updates ever in one release of the program. The president of the VideoLan non-profit organization states that this was due to their inclusion in the EU-FOSSA bug bounty program. Last year, the European Commission announced that they were expanding their Free and Open Source Software Audit (FOSSA) project to support bug bounty programs for free and open source programs that they use. As VLC Media Player is one of the products used by the EU Commission, it was added to a bug bounty program at HackerOne where they are sponsored by EU-FOSSA. Jean-Baptiste Kempf, the President of VideoLan and one of the lead developers of the VLC Media Player, says that VLC 3.0.7 has the most security fixes than any other version of their program. "We just released VLC 3.0.7, a minor update of VLC branch 3.0.x," Kempf stated in a blog post. "This release is a bit special because it has more security issues fixed than any other version of VLC." As VideoLan is a non-profit organization offering free software, being able to afford a bug bounty program that can attract security experts is not an easy task.  Being sponsored, though, by EU-FOSSA who will pay up to €60,000 in bounties for reported VLC vulnerabilities appears to have created a much greater for security researchers to analyze the program. We have more posted on OUR FORUM.

One would be forgiven for thinking Microsoft just announced a $6000 computer and $1000 stand, as the company’s share price has surged 7% in the last 5 sessions according to Bloomberg, hitting its higher ever valuation in intra-day trades, and closing at above a $1 trillion valuation for the second time ever. Over the same period, Alphabet fell 3.5% and Facebook lost 2.9%.  While Apple rose 9%, this was 18.2% below their Oct. 3, 2018, record high. Microsoft is now worth more than $100 billion more than their nearest rival. As has become common, the results are speculated to be due to Microsoft’s limited involvement in the current hostile regulatory environment surrounding large tech companies and also their heavy involvement with enterprise services, which are less liable to be affected by economic downturns. “Management noted Microsoft is better positioned than ever to maintain wallet share of customers through an economic downturn, given the broader budget exposure beyond IT,” Piper Jaffray analyst Alex J. Zukin wrote in a June 5 note. “However, they indicated they were not seeing any signs of an economic slowdown nor any weakness in the economy.” Currently, 36 analysts have a buy rating for Microsoft with an average price target of $143 (7% up from the current close of $131.40), while one rate as hold and 2 recommend selling. “We continue to have a ‘buy it and forget it’ mentality on the stock right now as the company appears to be in midst of secular fundamental growth,” Zukin wrote. Continue following this by visiting OUR FORUM on a regular basis.

US officials and Microsoft executives say older versions of the programs may be vulnerable to malware. In the advisory, NSA officials said a flaw known as "BlueKeep" exists in past editions of Microsoft Windows. Last week Microsoft warned that "some older versions of Windows" could be vulnerable to cyber-attacks. "All customers on affected operating systems [Windows 7 and earlier] should update as soon as possible," said Microsoft. US officials said the "BlueKeep" flaw could leave computers vulnerable to infection by viruses through automated attacks or by the downloading of malicious attachments. They said ransomware can often be installed quickly, holding files hostage and demanding payment from individuals. The vulnerability in the older versions of Microsoft Windows wrote the International Computer Science Institute's Nicholas Weaver, means that bad actors could "gain complete control of the remote system". Updating systems, as the Microsoft executives explained, helps to protect computer users from these kinds of cyber-attacks. Recently a ransomware attack on the city of Baltimore disrupted municipal services, knocking city workers offline and making it harder for people to pay their traffic tickets and water bills. The New York Times has reported that the NSA knew about the system flaw, EternalBlue, but kept it secret for years. EternalBlue has been implicated in a range of cyber-attacks over the past three years, including the WannaCry assault that disrupted the UK's NHS. A senior NSA adviser, Rob Joyce, tweeted on his own account that some computer users could face a "significant risk" because of the vulnerabilities in the older versions of Microsoft Windows, but that they would be protected by updates. Read more of this warning on OUR FORUM.

The U.S. Justice Department has jurisdiction for a potential probe of Apple Inc as part of a broader review of whether technology giants are using their size to act in an anti-competitive manner, two sources told Reuters. The Justice Department’s Antitrust Division and the Federal Trade Commission (FTC) met in recent weeks and agreed to give the Justice Department the jurisdiction to undertake potential antitrust probes of Apple and Google, owned by Alphabet Inc, the sources said. The FTC was given jurisdiction to look at Inc and Facebook Inc, the sources said. The sources did not say what the government’s potential concern might be regarding Apple. Streaming music leader Spotify Technology SA and others have criticized the iPhone maker’s practices, describing the company as anti-competitive in a complaint to the European Union’s antitrust regulators. Central to Spotify’s complaint is a 30% fee Apple charges content-based service providers to use Apple’s in-app purchase system. Apple did not immediately respond to a request for comment. The company has defended its practices in the past, saying it only collects a commission if a good or service is sold through an app. “Our users trust Apple - and that trust is critical to how we operate a fair, competitive store for developer app distribution,” it has said previously. Stay abreast of these developments by visiting OUR FORUM on a regular basis.

A new phishing campaign is underway that pretends to be a list undelivered email being held for you on your Outlook Web Mail service. Users are then prompted to decide what they wish to do with each mail, with the respective links leading to a fake login form. Recently, we have seen quite a few interesting spam campaigns such as account cancellation notices and alerts about unusual volumes of file deletions. This campaign is just as interesting as it uses the subject line of "Notifications | undelivered emails to your inbox" and pretends to be a list of email being held on the server for you. This phishing email then prompts you to decide whether you want to delete all of the emails, deny them, allow them to be delivered, or to whitelist them for the future. Regardless of the link you click on, you will be brought to a fake "Outlook Web App" landing page that asks you to enter your login credentials. Once you enter your credentials, the page will save them so that they can be retrieved by the scammer at a later date. Thankfully, unlike recent phishing landing pages hosted on Excel Online or Microsoft Azure, this phishing scam utilizes a landing page hosted on a hacked site. This makes it easier to detect as suspicious as the URL will not be the correct one for your email server. As always, when receiving emails that lead to login forms, make sure to examine the URL where the form resides before entering your login credentials. If there is any doubt, always ask your system administrators. We have the text of the mail posted on OUR FORUM.

Microsoft’s Azure cloud services have become an attractive option for cybercriminals to store malicious content. From phishing templates to malware and command and control services, it seems that crooks found a new place for them. Just this month, BleepingComputer reported on two incidents related to malware on Azure. In one case there were about 200 websites showing tech-support scams that were hosted on the platform. Another article, published this week, informs of Azure being used of hosting a phishing template for Office 365. Being both products from Microsoft, the scam appears as a legitimate login request, increasing the success rate. It appears that these are not isolated incidents. Security researchers JayTHL and MalwareHunterTeam found malware on Azure and reported it to Microsoft on May 12. According to AppRiver cybersecurity company, the reported piece of malware along with other samples that were uploaded at a later time was still present on Microsoft’s Azure infrastructure on May 29. “It's evident that Azure is not currently detecting the malicious software residing on Microsoft's servers,” says David Pickett of AppRiver. One of the samples, ‘searchfile.exe,’ was indexed by VirusTotal scanning service on April 26, and Windows Defender detects it. The same goes for the malware found by the two researchers, ‘printer/prenter.exe,’ which is an uncompiled portable executable file, specifically so to avoid gateway and endpoint security solutions detecting it upon download. However, Windows Defender will kick in and block the malicious file when users try to download them on the machine. JayTHL details that the sample appears to be a simple agent that runs any command it receives from the command and control server. He determined that there could be as many as 90 bots under control if their ID numbers were generated in sequential order. Follow this security threat on OUR FORUM.