Some Email Services Vulnerable To “Mailto” Attacks | Avast

Avast Security News Team, 21 August 2020

Plus, Carnival Cruises gets hit by ransomware and the U.S. president spreads disinformation on mail-in voting

Cybersecurity researchers in Germany published findings this week that mailto links can be abused to covertly steal local files from victims and email them to the attacker. “Mailto” links use a special protocol that opens up a new email “compose” window when clicked. The researchers learned that attackers can use mailto links to command their victims’ systems to fill the new “compose” window with predetermined content, including the addition of attachments, as long as attackers know the file path to their targeted documents. 
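One way a defender can screen mailto links before they reach a mail client, shown as an added example that is not code from the researchers or from any email client: it keeps only allowlisted header fields, so it does not depend on knowing which parameter a given client mishandles. The allowlist contents, the function name `auditMailto` and the sample URIs are assumptions constructed for illustration.

```javascript
// Added example (not from the article): allowlist audit for mailto: URIs.
// ALLOWED_HFIELDS is a policy assumption; trim it to what your users need.
const ALLOWED_HFIELDS = new Set(["to", "cc", "bcc", "subject", "body"]);

function auditMailto(uri) {
  // Anything that is not a mailto: URI is out of scope for this check.
  if (!/^mailto:/i.test(uri)) {
    return { ok: false, rejected: [], sanitized: null };
  }
  const rest = uri.slice("mailto:".length);
  const q = rest.indexOf("?");
  const recipients = q === -1 ? rest : rest.slice(0, q);
  const query = q === -1 ? "" : rest.slice(q + 1);
  const kept = [];
  const rejected = [];
  for (const pair of query.split("&")) {
    if (pair === "") continue;
    const eq = pair.indexOf("=");
    const rawName = eq === -1 ? pair : pair.slice(0, eq);
    let name = null;
    try {
      // Decode first so a percent-encoded field name cannot bypass the check.
      name = decodeURIComponent(rawName).toLowerCase();
    } catch {
      // Malformed percent-encoding: name stays null and the field is rejected.
    }
    if (name !== null && ALLOWED_HFIELDS.has(name)) kept.push(pair);
    else rejected.push(rawName);
  }
  // Rebuild the link from the original, still-encoded pairs that passed.
  const sanitized =
    "mailto:" + recipients + (kept.length ? "?" + kept.join("&") : "");
  return { ok: rejected.length === 0, rejected, sanitized };
}

// Constructed sample links; "x-extra" stands in for any unexpected field.
const samples = [
  "mailto:alice@example.com?Subject=Hello&x-extra=PLACEHOLDER",
  "mailto:alice@example.com?%78-extra=1&body=hi",
  "mailto:bob@example.com",
];
for (const s of samples) {
  console.log(s, "->", JSON.stringify(auditMailto(s)));
}
```

A mail gateway or link-rewriting proxy could log the `rejected` list and pass on only the `sanitized` link.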
Not all email clients are vulnerable to the attack. Testing 20 clients, the researchers found only 4 that were susceptible – Evolution, KMail, IBM/HCL Notes, and older versions of Thunderbird. The vendor of each was notified of the vulnerability, and all four have been patched.
“This is not a threat that most users should be concerned about,” commented Avast Security Evangelist Luis Corrons. “In general, people tend to use cloud email providers such as Google or Microsoft. However, this could be used in a targeted attack, where cybercriminals research the victim to take advantage of the software they use in their computers. In any case, having your programs updated will do the trick.” Read more on this story at ZDNet.
Carnival Cruises reports ransomware attack
In a filing with the U.S. Securities and Exchange Commission (SEC) this week, the CFO for Carnival Corp reported that on August 15, the company was hit with a ransomware attack that involved files being stolen. The filing states that upon discovery of the attack, the company ..