![]() ![]() ![]() This lack of security on the miscreants’ part opens up a window to perform target analysis of the infected machines.īy leveraging the visibility within AutoFocus along with KeyBase web panels identified through information sharing groups, 64 websites have been identified hosting 82 active KeyBase web panels with a total of 933 infected Windows systems accounting for 125,083 screenshots. ![]() One interesting discovery, identified by Unit 42 malware researcher Josh Grunzweig was that while the KeyBase web panel requires authentication for access, the part of the KeyBase web panel which saves screenshots from the infected computers is not properly locked down, thus requiring no authentication and allowing anyone on the Internet to freely access it. In our initial report, we identified approximately 1,500 sessions carrying KeyBase and approximately six months later we have seen over 4,900 different samples and 44,200 sessions within Palo Alto Networks AutoFocus. What’s more, while development of KeyBase appears to have stopped, the usage of this malware has increased significantly since June. However, as of this writing, the software is still readily available for download with minimal effort on multiple websites. The author has since taken down its website and supposedly ceased selling the software, while also renouncing the tool’s use for any malicious purposes. ![]() In June 2015, Unit 42 reported on a keylogger malware family known as KeyBase, which had first appeared in February 2015. The vast majority are security engineers.Be the first to receive the latest news, cyber threat intelligence and research from Unit 42. The other almost two dozen employees will become Zoom employees. Under the terms of the deal, the Keybase will become a subsidiary of Zoom and co-founder and Max Krohn will lead the Zoom security engineering team, reporting directly to Yuan to help build the security product. Logged-in users will generate public cryptographic identities that are stored in a repository on Zoom’s network and can be used to establish trust relationships between meeting attendees,” he wrote. “Zoom will offer an end-to-end encrypted meeting mode to all paid accounts. He added that that tools will be available for all paying customers as soon as it is incorporated into the product. “This acquisition marks a key step for Zoom as we attempt to accomplish the creation of a truly private video communications platform that can scale to hundreds of millions of participants, while also having the flexibility to support Zoom’s wide variety of uses,” Yuan wrote. In a blog post announcing the deal, CEO Eric Yuan said they acquired Keybase to give customers a higher level of security, something that’s increasingly important to enterprise customers as more operations are relying on the platform, working from home during the pandemic. As the company has moved to address these issues, having a team of encryption experts on staff should help the company build a more secure product. The company has faced a number of security issues in the last couple of months as demand as soared and exposed some security weaknesses in the platform. Keybase, which has been building encryption products for several years including secure file sharing and collaboration tools, should give Zoom some security credibility as it goes through pandemic demand growing pains. Zoom announced this morning that it has acquired Keybase, a startup with encryption expertise. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |