FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing

Original release date: April 2, 2020

The Federal Bureau of Investigation (FBI) has released an article on defending against video-teleconferencing (VTC) hijacking (referred to as “Zoom-bombing” when attacks are to the Zoom VTC platform).  Many organizations and individuals are increasingly dependent on VTC platforms, such as Zoom and Microsoft Teams, to stay connected during the Coronavirus Disease 2019 (COVID-19) pandemic. The FBI has released this guidance in response to an increase in reports of VTC hijacking.

The Cybersecurity and Infrastructure Security Agency encourages users and administrators to review the FBI article as well as the following steps to improve VTC cybersecurity:

  • Ensure meetings are private, either by requiring a password for entry or controlling guest access from a waiting room.
  • Consider security requirements when selecting vendors. For example, if end-to-end encryption is necessary, does the vendor offer it?
  • Ensure VTC software is up to date. See Understanding Patches and Software Updates.

CISA also recommends the following VTC cybersecurity resources:

This product is provided subject to this Notification and this Privacy & Use policy.

MS-ISAC Releases Advisory on DrayTek Devices

Original release date: April 1, 2020

The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory regarding two vulnerable command injection points in DrayTek devices (CVE-2020-8515). An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities were detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review MS-ISAC Advisory 2020-043 and the DrayTek Security Advisory for CVE-2020-8515 and apply the necessary updates and mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Google Releases Security Updates for Chrome

Original release date: April 1, 2020

Google has released Chrome version 80.0.3987.162 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

zBang – Privileged Account Threat Detection Tool

zBang –  Privileged Account Threat Detection Tool

zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations and red teamers can utilize zBang to identify potential attack vectors and improve the security posture of the network.

The results can be analyzed with the graphic interface or by reviewing the raw output files.

The tool is built from five different scanning modules:

  • ACLight scan – discovers the most privileged accounts that must be protected, including suspicious Shadow Admins.

Read the rest of zBang – Privileged Account Threat Detection Tool now! Only available at Darknet.