
Security daily (03-02-2021)

Bad patching practices are a breeding ground for zero-day exploits, Google warns

Customers of major software vendors take comfort whenever a vendor issues a security fix for a critical software vulnerability. The clients expect that software update to keep attackers from stealing sensitive information. But new data from Google’s elite hacking team, Project Zero, suggests that assumption is misplaced. One in four “zero-day,” or previously unknown, software exploits that the Google team tracked in 2020 might have been avoided “if a more thorough investigation and patching effort were explored,” Project Zero researcher Maddie Stone said Wednesday. In some cases, the attackers only changed a line or two of code to turn their old exploit into a new one. Many of the zero-day exploits were for popular internet browsers like Chrome, Firefox or Safari, exposing an array of users around the world. Project Zero’s sample size is modest, covering just 24 exploits in all. But the data points to a need for greater […] (CyberScoop)

TikTok says it will do more to slow spread of misinformation videos

TikTok says it will do more to slow down the sharing of information that can’t be completely fact-checked but potentially could be “inauthentic, misleading, or false.” The video-sharing giant says in a blog post that it will put banners over content that “has been reviewed but cannot be conclusively validated.” The clip’s creator will be notified, and then users will get an “Are you sure you want to share this video?” message before being able to amplify it to their followers. The videos may also be rendered ineligible to be included on TikTok’s For You page, a section that drives a significant amount of traffic on the app. TikTok says that it has been partnering with fact-checkers at PolitiFact, Lead Stories, and SciVerify and removing videos with information that is demonstrably false. The plan to put badges on potentially problematic content is geared toward situations where “fact checks are inconclusive […] (CyberScoop)

Congress is starting to move on more cyber bills, even if few become law

Congress dramatically ratcheted up the number of cybersecurity bills introduced in the last two years compared to the prior session of Congress, but that didn’t equate to much more of it becoming law, according to a think tank study out today. And while cybersecurity legislation remained a relative oasis of bipartisanship, that tendency sharply dropped off when it came to election security, found the tally from Third Way — which CyberScoop is first reporting. The findings offer potential insights into how the issue is evolving, and where it might go next, even if the trends don’t lend themselves to a simple explanation. In all, lawmakers introduced 316 cybersecurity bills in the 116th Congress that ran from 2019 to 2020, a 40% increase from the 115th Congress. That continues a trend that took off in that session of Congress: The 114th Congress saw just 22 cybersecurity measures offered, the center-left think […] (CyberScoop)

SolarWinds issues patches for two new critical bugs found in Orion software

Researchers at security firm Trustwave on Wednesday disclosed two critical vulnerabilities in the same software that suspected Russian spies have exploited to infiltrate multiple U.S. government agencies. One of the bugs could offer an attacker a similar level of control over the software made by federal contractor SolarWinds that the alleged Russians enjoyed, the researchers said. SolarWinds has issued fixes for the vulnerabilities and urged customers to apply them. There is no evidence that malicious hackers have exploited any of the bugs. The analysis of SolarWinds’ Orion software platform — which is used by numerous Fortune 500 firms — illustrates the greater scrutiny the firm is under since disclosing the supply-chain hack. But it also shows the security benefits of having more outside researchers sift through Orion’s code. “As people were patching against the implant backdoor [used in the espionage campaign], this would provide the ability to get back into […] (CyberScoop)

What should you say if you have a data breach? Catch up with Jason Nurse at Sophos Evolve

Learn why it's way better to rehearse what to say if you suffer a data breach than to make it up as you go along. (Naked Security)

Agent Tesla Trojan Kneecaps MS Anti-Malware Interface

(News ≈ Packet Storm)

Crypto Crook Hired Steven Seagal To Promote Scam, Now Faces Charges

(News ≈ Packet Storm)

Three New SolarWinds Vulnerabilities Found And Patched

(News ≈ Packet Storm)

Recent Root Giving Sudo Bug Also Impacts macOS

(News ≈ Packet Storm)

Emotet’s Takedown: Have We Seen the Last of the Malware?

A week after law enforcement agencies said they took down Emotet, there has been no sign of the prolific malware. (Threatpost)

Second SolarWinds Attack Group Breaks into USDA Payroll — Report

A second APT, potentially linked to the Chinese government, could be behind the Supernova malware. (Threatpost)

New Malware Hijacks Kubernetes Clusters to Mine Monero

Researchers warn that the Hildegard malware is part of 'one of the most complicated attacks targeting Kubernetes.' (Threatpost)

Five Critical Android Bugs Patched, Part of Feb. Security Bulletin

February’s security update for the mobile OS includes a Qualcomm flaw rated critical, with a CVSS score of 9.8. (Threatpost)

SolarWinds Orion Bug Allows Easy Remote-Code Execution and Takeover

The by-now infamous company has issued patches for three security vulnerabilities in total. (Threatpost)


/security-daily/ 04-02-2021 23:44:22