Threatpost

21 January 2020

• Citrix Accelerates Patch Rollout For Critical RCE Flaw
  Citrix has issued the first of several updates fixing a critical vulnerability in various versions of its Citrix Application Delivery Controller (ADC) and Citrix Gateway products.
• FTCODE Ransomware Now Steals Chrome, Firefox Credentials
  New versions of the ransomware now sniff out saved credentials for Internet Explorer, Mozilla Firefox, Mozilla Thunderbird, Google Chrome and Microsoft Outlook.
• Microsoft Zero-Day Actively Exploited, Patch Forthcoming
  CVE-2020-0674 is a critical flaw for most Internet Explorer versions, allowing remote code execution and complete takeover.
• Hacker Leaks More Than 500K Telnet Credentials for IoT Devices
  Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port.
• New JhoneRAT Malware Targets Middle East
  Researchers say that JhoneRAT has various anti-detection techniques - including making use of Google Drive, Google Forms and Twitter.
• Feds Cut Off Access to Billions of Breached Records with Site Takedown
  The WeLeakInfo "data breach notification" domain is no more.
• Mobile Carrier Customer Service Ushers in SIM-Swap Fraud
  Weak challenge questions by customer service reps make it easy for fraudsters to hijack a phone line and bypass 2FA to breach accounts.
• Threatpost Poll: Are Published PoC Exploits a Good or Bad Idea?
  Are publicly released proof-of-concept exploits more helpful for system defenders -- or bad actors?
• News Wrap: PoC Exploits, Cable Haunt and Joker Malware
  Are publicly-released PoC exploits good or bad? Why is the Joker malware giving Google a headache? The Threatpost team discusses all this and more in this week's news wrap.
• FBI Plans to Inform States of Election Breaches
  The agency changed its policy to provide more timely and actionable information to state and local election officials in the case of a cybersecurity breach to election infrastructure.