Cyber Security News - September 2021
30/09/2021
Instagram Kids put on hold
Instagram has announced it is pausing the development of Instagram Kids —a version of Instagram aimed at 10-12-year-olds.
Adam Mosseri, who heads up Instagram, wrote in a blog post about the idea behind Instagram Kids:
“We started this project to address an important problem seen across our industry: kids are getting phones younger and younger, misrepresenting their age, and downloading apps that are meant for those 13 or older.”
“We firmly believe that it’s better for parents to have the option to give their children access to a version of Instagram that is designed for them—where parents can supervise and control their experience—than relying on an app’s ability to verify the age of kids who are too young to have an ID.”
The decision to freeze the development of Instagram Kids after the Wall Street Journal’s exposé regarding an internal survey within Facebook about the harmful effects of Instagram on its teen users.
While many would prefer for Instagram Kids to be scrapped entirely, Mosseri has made it clear that the project will be moving forward at some point in the future. He stresses that this kid-friendly version “was never meant for younger kids, but for tweens (aged 10-12)”, and promised parental permission would be a requirement to join. The social network will also show no ads, and only kid-friendly content will be present on the platform.
28/09/2021
New Trojan Steals Gamers' Epic Games and Steam Accounts
A new advanced trojan sold on Russian-speaking underground forums comes with capabilities to steal users' accounts on popular online video game distribution services, including Steam, Epic Games Store, and EA Origin, underscoring a growing threat to the lucrative gaming market.
Cybersecurity firm Kaspersky, which coined the malware "BloodyStealer," said it first detected the malicious tool in March 2021 as being advertised for sale at an attractive price of 700 RUB (less than $10) for one month or $40 for a lifetime subscription. Attacks using Bloody Stealer have been uncovered so far in Europe, Latin America, and the Asia-Pacific region.
23/09/2021
A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit
Security researchers have disclosed an unpatched weakness in Microsoft Windows Platform Binary Table (WPBT) affecting all Windows-based devices since Windows 8 that could be potentially exploited to install a rootkit and compromise the integrity of devices.
"These flaws make every Windows system vulnerable to easily-crafted attacks that install fraudulent vendor-specific tables," researchers from Eclypsium said in a report published on Monday. "These tables can be exploited by attackers with direct physical access, with remote access, or through manufacturer supply chains. More importantly, these motherboard-level flaws can obviate initiatives like Secured-core because of the ubiquitous usage of ACPI [Advanced Configuration and Power Interface] and WPBT."
22/09/2021
New Malware Infiltrates WordPress Sites and Installs Backdoor Plugin
A recently discovered wave of malware attacks has been spotted using a variety of tactics to enslave susceptible machines with easy-to-guess administrative credentials to co-opt them into a network with the goal of illegally mining cryptocurrency.
"The malware's primary tactic is to spread by taking advantage of vulnerable systems and weak administrative credentials. Once they've been infected, these systems are then used to mine cryptocurrency," Akamai security researcher Larry Cashdollar said in a write-up published last week.
21/09/2021
New Malware Infiltrates WordPress Sites and Installs Backdoor Plugin
A recently discovered wave of malware attacks has been spotted using a variety of tactics to enslave susceptible machines with easy-to-guess administrative credentials to co-opt them into a network with the goal of illegally mining cryptocurrency.
"The malware's primary tactic is to spread by taking advantage of vulnerable systems and weak administrative credentials. Once they've been infected, these systems are then used to mine cryptocurrency," Akamai security researcher Larry Cashdollar said in a write-up published last week.
20/09/2021
Windows 11 is no longer compatible with Oracle VirtualBox VMs
Windows 11 is no longer compatible with the immensely popular Oracle VirtualBox virtualization platform after Microsoft changed its hardware requirement policies for virtual machines.
When Microsoft first announced Windows 11, they stated that computers needed new system requirements to install the operating system, including a TPM 2.0 security processor and Secure Boot.
However, as the enterprise and software developers commonly use virtual machines to test new operating systems, Microsoft said that Windows 11 would not check for compatible hardware when installed or upgraded.
15/09/2021
You Can Now Sign-in to Your Microsoft Accounts Without a Password
Microsoft on Wednesday announced a new passwordless mechanism that allows users to access their accounts without a password by using Microsoft Authenticator, Windows Hello, a security key, or a verification code sent via SMS or email.
The change is expected to be rolled out in the coming weeks.
"Except for auto-generated passwords that are nearly impossible to remember, we largely create our own passwords," said Vasu Jakkal, Microsoft's corporate vice president for Security, Compliance, and Identity. "But, given the vulnerability of passwords, requirements for them have gotten increasingly complex in recent years, including multiple symbols, numbers, case sensitivity, and disallowing previous passwords."
Customers can use the new feature to sign in to Microsoft services such as Microsoft 365, Teams, Outlook, OneDrive, and Family Safety, but after linking their personal accounts to an authenticator app like Microsoft Authenticator, and turning on the "Passwordless Account" setting under Advanced Security Options > Additional Security Options.
13/09/2021
WhatsApp to Finally Let Users Encrypt Their Chat Backups in the Cloud
WhatsApp have announced they will roll out support for end-to-end encrypted chat backups on the cloud for Android and iOS users, paving the way for storing information such as chat messages and photos in Apple iCloud or Google Drive in a cryptographically secure manner.
The optional feature, which will go live to all of its two billion users in the coming weeks, is expected to only work on the primary devices tied to their accounts, and not companion devices such as desktops or laptops that simply mirror the content of WhatsApp on the phones.
"With end-to-end encrypted backups enabled, before storing backups in the cloud, the client encrypts the chat messages and all the messaging data (i.e. text, photos, videos, etc.) that is being backed up using a random key that's generated on the user's device" .
09/09/2021
Hackers leak passwords for 500,000 Fortinet VPN accounts
A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer.
While the threat actor states that the exploited Fortinet vulnerability has since been patched, they claim that many VPN credentials are still valid.
08/09/2021
Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows
Attackers are actively attempting to exploit a vulnerability in MSHTML that allows them to craft a malicious ActiveX control to be used by Microsoft Office files.
Both Microsoft and federal cybersecurity officials are urging organizations to use mitigations to combat a zero-day remote control execution (RCE) vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents.
Microsoft has not revealed much about the MSHTML bug, tracked as CVE-2021-40444, beyond that it is “aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents,” according to an advisory released Tuesday.
07/09/2021
UK data watchdog brings cookies to G7 meeting
Cookies are on the menu today for the G7 as the UK's Information Commissioner's Office (ICO) proposes to the group of leading global economies that consent pop-ups should be reduced.
The ICO said it would call on fellow G7 data protection and privacy authorities – three of which used to be its fellow EU member states – to work together to overhaul cookie consent pop-ups to make people's privacy "more meaningfully protected" and help businesses offer "a better web browsing experience."
Information commissioner Elizabeth Denham, who is set to chair today's virtual meeting of G7 data protection authorities, plans to present an idea on how to improve the current cookie consent mechanism, making web browsing smoother and more business-friendly while better protecting personal data, an official statement said.
07/09/2021
Traffic Exchange Networks Distributing Malware Disguised as Cracked Software
An ongoing campaign has been found to leverage a network of websites acting as a "dropper as a service" to deliver a bundle of malware payloads to victims looking for "cracked" versions of popular business and consumer applications.
"These malware included an assortment of click fraud bots, other information stealers, and even ransomware," researchers from cyber security firm Sophos said in a report published last week.
The attacks work by taking advantage of a number of bait pages hosted on WordPress that contain "download" links to software packages, which, when clicked, redirect the victims to a different website that delivers potentially unwanted browser plug-ins and malware, such as installers for Raccoon Stealer, Stop ransomware, the Glupteba backdoor, and a variety of malicious cryptocurrency miners that masquerade as antivirus solutions.
06/09/2021
Netgear fixes severe security bugs in over a dozen smart switches
Netgear has released firmware updates for more than a dozen of its smart switches used on corporate networks to address high-severity vulnerabilities.
The company fixed three security flaw that affect 20 Netgear products, mostly smart switches. Technical details and proof-of-concept (PoC) exploit code for two of the bugs are publicly available.
03/09/2021
Apple delays controversial photo scanning plan
Apple is delaying plans for an update that would use detect controversial photos as they’re uploaded to iCloud Photos from iPhones, the company announced.
The reversal comes less than a month after Apple announced the change, during which the company came under heavy criticism from privacy advocates who contended it could enable government surveillance requests. Apple also delayed the rollout of a feature that would scan iMessage images sent or received by children, and notify parents if the children are young enough.
The plans stood to jeopardize Apple’s positioning as the tech giant that most valued privacy, but came as it faced pressure from governments and child advocacy groups to do more to combat sensetive materials.
“Based on feedback from customers, advocacy groups, researchers and others, we have decided to take additional time over the coming months to collect input and make improvements before releasing these critically important child safety features,” the company said in a brief statement.
Critics said the client-side scanning plans amounted to a backdoor into its systems that could lead to further abuses, and threatened end-to-end encryption.
Follow Us
Be the first to know
You might also like
