Lukas Stefanko: How we fought off a DDoS attack from a mobile botnet

Hot on the heels of his research into an attack that attempted to take down ESET’s website, Lukas Stefanko sheds more light on threats posed by mobile botnets

The post Lukas Stefanko: How we fought off a DDoS attack from a mobile botnet appeared first on WeLiveSecurity

from WeLiveSecurity

Messaging / Smishing Attacks

Cyber attackers can just as easily trick or fool you in messaging apps as they can in email. Be on the look-out for scams or attacks via apps such as Slack, Skype, WhatsApp or event simple text messaging. The most common clues are tremendous sense of urgency or curioustiy.

from SANS Institute Security Awareness Tip of the Day

Microsoft Patch Tuesday, May 2020 Edition

Microsoft today issued software updates to plug at least 111 security holes in Windows and Windows-based programs. None of the vulnerabilities were labeled as being publicly exploited or detailed prior to today, but as always if you’re running Windows on any of your machines it’s time once again to prepare to get your patches on.

May marks the third month in a row that Microsoft has pushed out fixes for more than 110 security flaws in its operating system and related software. At least 16 of the bugs are labeled “Critical,” meaning ne’er-do-wells can exploit them to install malware or seize remote control over vulnerable systems with little or no help from users.

But focusing solely on Microsoft’s severity ratings may obscure the seriousness of the flaws being addressed this month. Todd Schell, senior product manager at security vendor Ivanti, notes that if one looks at the “exploitability assessment” tied to each patch — i.e., how likely Microsoft considers it that each can and will be exploited for nefarious purposes — it makes sense to pay just as much attention to the vulnerabilities Microsoft has labeled with the lesser severity rating of “Important.”

Virtually all of the non-critical flaws in this month’s batch earned Microsoft’s “Important” rating.

“What is interesting and often overlooked is seven of the ten [fixes] at higher risk of exploit are only rated as Important,” Schell said. “It is not uncommon to look to the critical vulnerabilities as the most concerning, but many of the vulnerabilities that end up being exploited are rated as Important vs Critical.”

For example, Satnam Narang from Tenable notes that two remote code execution flaws in Microsoft Color Management (CVE-2020-1117) and Windows Media Foundation (CVE-2020-1126) could be exploited by tricking a user into opening a malicious email attachment or visiting a website that contains code designed to exploit the vulnerabilities. However, Microsoft rates these vulnerabilities as “Exploitation Less Likely,” according to their Exploitability Index.

In contrast, three elevation of privilege vulnerabilities that received a rating of “Exploitation More Likely” were also patched, Narang notes. These include a pair of “Important” flaws in Win32k (CVE-2020-1054, CVE-2020-1143) and one in the Windows Graphics Component (CVE-2020-1135). Elevation of Privilege vulnerabilities are used by attackers once they’ve managed to gain access to a system in order to execute code on their target systems with elevated privileges. There are at least 56 of these types of fixes in the May release.

Schell says if your organization’s plan for prioritizing the deployment of this month’s patches stops at vendor severity or even CVSS scores above a certain level you may want to reassess your metrics.

“Look to other risk metrics like Publicly Disclosed, Exploited (obviously), and Exploitability Assessment (Microsoft specific) to expand your prioritization process,” he advised.

As it usually does each month on Patch Tuesday, Adobe also has issued updates for some of its products. An update for Adobe Acrobat and Reader covers two dozen critical and important vulnerabilities. There are no security fixes for Adobe’s Flash Player in this month’s release.

Just a friendly reminder that while many of the vulnerabilities fixed in today’s Microsoft patch batch affect Windows 7 operating systems — including all three of the zero-day flaws — this OS is no longer being supported with security updates (unless you’re an enterprise taking advantage of Microsoft’s paid extended security updates program, which is available to Windows 7 Professional and Windows 7 enterprise users).

If you rely on Windows 7 for day-to-day use, it’s time to think about upgrading to something newer. That something might be a PC with Windows 10. Or maybe you have always wanted that shiny MacOS computer.

If cost is a primary motivator and the user you have in mind doesn’t do much with the system other than browsing the Web, perhaps a Chromebook or an older machine with a recent version of Linux is the answer (Ubuntu may be easiest for non-Linux natives). Whichever system you choose, it’s important to pick one that fits the owner’s needs and provides security updates on an ongoing basis.

Keep in mind that while staying up-to-date on Windows patches is a must, it’s important to make sure you’re updating only after you’ve backed up your important data and files. A reliable backup means you’re not losing your mind when the odd buggy patch causes problems booting the system.

So backup your files before installing any patches. Windows 10 even has some built-in tools to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.

And if you wish to ensure Windows has been set to pause updating so you can back your files and/or system before the operating system decides to reboot and install patches on its own schedule, see this guide.

As always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there’s a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips. Also, keep an eye on the AskWoody blog from Woody Leonhard, who keeps a reliable lookout for buggy Microsoft updates each month.

Further reading:

SANS Internet Storm Center breakdown by vulnerability and severity.

Microsoft’s Security Update catalog

BleepingComputer on May 2020 Patch Tuesday

from Krebs on Security

Si tienes un Xiaomi, ya puedes activar el cajón de aplicaciones, ¡te enseñamos cómo!

Hoy te vamos a enseñar cómo puedes activar el cajón de aplicaciones en un Xiaomi, ya que la compañía introdujo esta opción en una actualización de MIUI 11, y es algo bastante curioso, y que bajo mi punto de vista, forma parte de ese acercamiento continuo a Google por parte de la compañía china, que, tradicionalmente, no se ha valido de este box de aplicaciones para gestionar su launcher.

Y es que, Xiaomi sigue añadiendo nuevas maneras de ofrecernos personalización a los usuarios, algo que vemos bien, ya que, lejos de establecer el cajón de aplicaciones como el nuevo estándar, lo ha puesto como una opción más, para que cada uno pueda elegir qué es lo que prefiere, que, en mi opinión, es la opción más inteligente. Y ahora vamos a enseñarte cómo puedes elegir.

MIUI 11, launcher

Cómo activar el cajón de aplicaciones en un Xiaomi

Como he comentado antes, ahora Xiaomi permite que los usuarios decidan entre tener todas las aplicaciones en el launcher, o bien utilizar cajón de aplicaciones, tal y como lleva haciendo Google en los móviles Android desde hace una buena cantidad de años, y activar esta opción es sumamente fácil:

  • Abre la aplicación “Ajustes”
  • Ve hasta “Pantalla de Inicio”, y pulsa ahí
  • Ahora pulsa en “Pantalla de Inicio”
  • Selecciona “Con el Cajón de aplicaciones”

Una vez hayas hecho esto, te encontrarás con que tienes sólo unas pocas aplicaciones en el launcher, y si deslizas desde la barra inferior mostrarás el box de aplicaciones con todas las aplicaciones que tengas instaladas. Tal como ocurre en una versión de Android stock. Aunque la cosa no acaba aquí.

Cajon de aplicaciones miui

Y es que, este cajón de aplicaciones en Xiaomi es personalizable, y si estando en este, pulsas en el icono que aparece en la esquina superior derecha, accederás a unas opciones en las que podrás modificar aspectos como los siguientes:

  • Mostrar u ocultar cajón de aplicaciones
  • Gestionar las categorías de aplicaciones que aparecen en el cajón
  • Modificar el fondo del cajón de aplicaciones y la transparencia
  • Cambiar el aspecto de la barra de desplazamiento

Como ves, son bastantes las opciones que da MIUI para personalizar el cajón de aplicaciones en un Xiaomi, y lo cierto es que de esta manera, es posible que muchos usuarios empiecen a utilizar el launcher nativo de la compañía, en lugar de buscar otras alternativas como el mítico Nova Launcher. Al fin y al cabo, hay ocasiones en las que las aplicaciones nativas pueden evitar el uso de aplicaciones de terceros.

opciones cajon aplicaciones miui

Además, si así lo deseas, como opción complementaria a estas opciones, puedes también cambiar el tamaño de los iconos en tu Xiaomi y personalizar otros aspectos, como el número de filas y de columnas que hay en el launcher a través de los ajustes.

Esto, y un buen fondo de pantalla, y ya tendrás tu móvil Xiaomi con cajón de aplicaciones y personalizado a tu gusto, y, como ves, no se tarda prácticamente ni un minuto en hacerlo.

Entra en Andro4all para leer el artículo completo

Puedes unirte a nosotros en Twitter, Facebook o en Google+

¡Suscríbete a nuestro canal de YouTube!

Publicado recientemente en Andro4all

La entrada Si tienes un Xiaomi, ya puedes activar el cajón de aplicaciones, ¡te enseñamos cómo! se publicó primero en Andro4all.

from Andro4all