Wednesday Newsbytes: New Hacking Tool Steals Your Logins, False Positives for Microsoft Defender, Botnet Attacks D-Link Routers, Site Reviews Products After They Break… and more!
Every day we scan the tech world for interesting news in the world of technology and sometimes from outside the world of technology. Every Wednesday, we feature some news articles that grabbed our attention over the past week. We hope you find this week’s ‘Wednesday Newsbytes’ informative and interesting!
This brutal hacking tool could steal virtually all of your logins
New EvilProxy platform can reportedly topple MFA on popular sites
A new hacking tool can supposedly beat any security protections set up to prevent cyberattacks, and gain access to some of the world’s most popular websites, reports suggest.
The operator behind the EvilProxy tool says it is able to steal the authentication tokens needed to bypass the multi-factor authentication (MFA) systems used by the likes of Apple, Google, Facebook, Microsoft, and Twitter.
The service is particularly concerning as it promises to make such attacks available to all hackers, even those who may not have the precise skills or knowledge needed to attack such prominent targets.
Phishing threatThe tool was discovered by security firm Resecurity (opens in new tab), which notes that EvilProxy (also known as Moloch) is a reverse-proxy Phishing-as-a-Service (PaaS) platform being advertised on the dark web.
It offers to steal usernames, passwords, and session cookies, for a cost of $150 for ten days, $250 for 20 days, or $400 for a month-long campaign – although attacks against Google attacks will cost more, coming in at $250, $450 and $600 respectively.
Reverse proxies typically sit between a website and some form of online authentication endpoint such as a login page. EvilProxy tricks its victims using phishing lures, taking them to a legitimate page where they are asked to enter login credentials and MFA information. This data is then sent to the intended, legitimate website, logging them in, and also generating a session cookie containing an authentication token, which is sent to the victim.
Microsoft Defender falsely detects Win32/Hive.ZY in Google Chrome, Electron apps
A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as ‘Win32/Hive.ZY’ each time the apps are opened in Windows.
The issue started Sunday morning when Microsoft pushed out Defender signature update 1.373.1508.0 to include two new threat detections, including Behavior:Win32/Hive.ZY.
‘This generic detection for suspicious behaviors is designed to catch potentially malicious files. If you downloaded a file or received it through email, ensure that it is from a reliable source before opening it,’ reads the Microsoft detection page for Win32/Hive.ZY.
According to BornCity, the false positive is widespread, with users reporting on BleepingComputer, Twitter, and Reddit that the detections appear each time they open their browser or an Electron app.
Even though Microsoft Defender will continuously display these detections when apps are opened, it is important to note that this is a false positive, and your device is mistakenly being detected as infected.
Microsoft has since released two new Microsoft Defender security intelligence updates, the latest being 1.373.1518.0.
While this signature update does not display Win32/Hive.ZY detections in BleepingComputer’s tests, other users report that they continue to receive false positives.
Read more at Bleeping Computer
This Site Reviews Products After They Break
Don’t rely on the opinions of people who just opened the box.
We’ve come to rely on reviews when researching what products to buy. After all, everything’s getting more expensive (or getting smaller), and you want to be sure the purchases you make are smart. Reviews offer you real-life experience from someone who bought the item you’re looking at, and help inform you whether or not it’s worth the money. That said, they often suck.
Traditional reviews aren’t thorough enough
Reviews, as we’ve come to know them, are inherently flawed. When reliable, they’re a great measure of a customer’s enjoyment of the product as new, or within a recent timeframe, but most fail to advise us on how that product handles down the road. If you’re someone who writes reviews, you’re usually inspired to share your thoughts shortly after experiencing the product for the first time. You open the box, and the item either meets your expectations, surpasses them, or falls short. In any case, you have thoughts right away, and you’re ready to share them.
Moobot botnet is coming for your unpatched D-Link router
The Mirai malware botnet variant known as ‘MooBot’ has re-emerged in a new attack wave that started early last month, targeting vulnerable D-Link routers with a mix of old and new exploits.
MooBot was discovered by analysts at Fortinet in December 2021, targeting a flaw in Hikvision cameras to spread quickly and enlist a large number of devices into its DDoS (distributed denial of service) army.
Today, the malware has refreshed its targeting scope, which is typical for botnets looking for untapped pools of vulnerable devices they can ensnare.
According to a report compiled by Palo Alto Network’s Unit 42 researchers, MooBot is now targeting the following critical vulnerabilities in D-Link devices:
CVE-2015-2051: D-Link HNAP SOAPAction Header Command Execution Vulnerability
CVE-2018-6530: D-Link SOAP Interface Remote Code Execution Vulnerability
CVE-2022-26258: D-Link Remote Command Execution Vulnerability
CVE-2022-28958: D-Link Remote Command Execution VulnerabilityThe vendor has released security updates to address these flaws, but not all users have applied the patches yet, especially the last two, which became known in March and May this year.
Read more at Bleeping Computer.
What Do Most People Not Realize Is Illegal? Here’s How People Responded.
The world is full of strange laws.
And a lot of those strange laws are specific to a town, or a state, or a country.
And today we’re gonna learn about a whole bunch of them!
People on AskReddit talked about what most folks don’t even know is illegal.
Let’s have a look.
1. Down South.
In Louisiana, if you bite someone with your natural teeth, that’s simple battery. But if you bite someone with false teeth, it’s aggravated battery.2. Come on, Nevada!
Double stops at stop signs is illegal in Nevada. If you roll forward and stop again, you broke a law.This is frustrating because they put stop signs really far back from the street in Nevada, so it is nearly impossible to safely turn without making a double stop.
3. It’s good for everyone.
Vermont has a law on the books (1999) that a “Good Faith” effort must be put in to serve apple pie with either a scoop of ice cream, cold milk, or a slice of cheddar cheese no less than 0.5oz.4. Stay away.
It is illegal to initiate contact with a manatee, but you’re allowed to touch them as long as they touched you first.5. That’s weird.
In Scotland, you cannot pick up roadkill that you killed with your own car. However, the car behind you can pick it up and do whatever with it.
Read more at DidYouKnowFacts.com
Thanks for reading this week’s Wednesday Newbytes. We hope you found these articles informative, interesting, fun, and/or helpful. Darcy & TC
Most of these articles are worse or equal to looking at the news on TV.
Quite depressing. Always something you watch out for. I remember when computers used to be fun. Now you always have to defend your machine.
Might I add that all these threats is all “Greek” to me. As long as we are not stupid enough to click on something we shouldn’t click on, or give information that we shouldn’t give and have a good anti-virus program like Emsisoft,, and
make good use of Last Pass, that’s about the best us seniors can do.