Cyber-Harassment Expert Wins MacArthur Genius Grant

Cyber-Harassment Expert Wins MacArthur Genius Grant

Lawyer, law professor, and civil rights advocate Danielle Keats Citron has been awarded a MacArthur grant for her efforts to address the scourge of cyber-harassment. 



Citron, a professor at Boston University Law School, is one of 26 individuals this year to receive a so-called genius grant from the John D. and Catherine T. MacArthur Foundation. Citron was awarded $625,000 to support her ongoing mission to study and write about online abuse and invasions of sexual privacy, the harm that they inflict, and how law and society should respond to them.



Through her work, Citron has found that cyber-harassment can have a devastating and long-lasting effect on victims, making it difficult for them to go about their daily lives. 



“Cyber-harassment is the targeting of specific individuals with a course of conduct that causes severe emotional distress and often the fear of physical harm, and it impacts them in a way that takes away what we consider crucial ability to make the most out of their lives in the 21st century; to get employment, keep a job, engage with other people, and go to school free from the fear of online abuse,” said Citron.



She continued: “We wouldn’t accept people walking down the street and being screeched at and threatened and humiliated and hurt, and we shouldn’t find it an acceptable part of online life.”



Citron has been studying and writing about online abuse for 15 years. During that period, she has worked with tech companies to update safety and privacy policies. She has also advised US legislators and state attorneys general on how to combat the most extreme forms of cyber-abuse, including cyber-stalking and revenge porn—the posting of intimate photos or videos without consent. 



The situation is improving, with the number of states to pass cyber-stalking laws rising from 4 in 2009 to 46 today.



Currently, Citron is focused on studying and writing about deep fake technology, which is machine learning technology that lets you manipulate or fabricate audio and video to show people doing and saying things that they’ve never done or said. 



She said: “The technology is advancing so rapidly that soon—within months—technologists expect that the state of the art will become so sophisticated that it will become impossible to distinguish fakery from what’s real. The impact that it has is not just on individuals; it has an impact on the truth and more broadly on our trust in democratic institutions.”


Source: Infosecurity
Cyber-Harassment Expert Wins MacArthur Genius Grant

CVE-2019-9853

LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categorized, resulting in the possibility to construct a document where macro execution bypassed the security settings. The documents were correctly detected as containing macros, and prompted the user to their existence within the documents, but macros within the document were subsequently not controlled by the security settings allowing arbitrary macro execution This issue affects: LibreOffice 6.2 series versions prior to 6.2.7; LibreOffice 6.3 series versions prior to 6.3.1.
Source: NIST
CVE-2019-9853

CVE-2018-19592

The “CLink4Service” service is installed with Corsair Link 4.9.7.35 with insecure permissions by default. This allows unprivileged users to take control of the service and execute commands in the context of NT AUTHORITYSYSTEM, leading to total system takeover, a similar issue to CVE-2018-12441.
Source: NIST
CVE-2018-19592

CVE-2019-8075

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
Source: NIST
CVE-2019-8075

CVE-2019-8074

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. Successful exploitation could lead to Access Control Bypass in the context of the current user.
Source: NIST
CVE-2019-8074

CVE-2019-8073

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Command Injection via Vulnerable component vulnerability. Successful exploitation could lead to Arbitrary code execution in the context of the current user.
Source: NIST
CVE-2019-8073

CVE-2019-8072

ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Security bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
Source: NIST
CVE-2019-8072

New Spyware Threatens Telegram's 200 Million Users

New Spyware Threatens Telegram’s 200 Million Users

A new piece of spyware, designed to steal sensitive information from users of the messaging app Telegram, is for sale on the black market.  



Trojan-delivered Masad Stealer and Clipper was clocked by researchers at Juniper Threat Labs. The spyware uses Telegram as a command and control (CnC) channel to cloak itself in a veil of anonymity. 



After installing itself on the computer of a Telegram user, Masad Stealer busies itself collecting information stored on the system, such as browser passwords, autofill browser field data, and desktop files. The spyware also automatically replaces cryptocurrency wallets from the clipboard with its own.



Other information vulnerable to an attack perpetrated through Masad Stealer includes credit card browser data, FileZilla files, steam files, browser cookies, PC and system information, and installed software and processes. 



Masad Stealer is being advertised for sale in several hack forums, making it an active and ongoing threat. Buyers can pick up a variety of versions, ranging from a free one to a premium package costing $85, with each tier of the malware offering different features.



Researchers at Juniper said: “Masad Stealer sends all of the information it collects—and receives commands from—a Telegram bot controlled by the threat actor deploying that instance of Masad. Because Masad is being sold as off-the-shelf malware, it will be deployed by multiple threat actors who may or may not be the original malware writers.”



Masad Stealer is written using Autoit scripts and then compiled into an executable Windows file. Most of the samples discovered by Juniper were 1.5 MiB in size; however, the spyware has also been strutting around in larger executables and has been spotted bundled into other software.



Telegram, which celebrated its sixth birthday in August, has over 200 million monthly active users. While its platform may have been breached, the app is fully confident in its ability to protect the privacy of messages sent by its users. 



The app claims on its website to be “more secure than mass market messengers like WhatsApp and Line” and offers anyone who can decipher a Telegram message up to $300,000 in prize money. 


Source: Infosecurity
New Spyware Threatens Telegram’s 200 Million Users