Security daily (03-05-2021)

How to confirm your automated Amazon EBS snapshots are still created after the TLS 1.2 uplift on AWS FIPS endpoints

We are happy to announce that all AWS Federal Information Processing Standard (FIPS) endpoints have been updated to only accept a minimum of Transport Layer Security (TLS) 1.2 connections. This ensures that our customers who run regulated workloads can meet FedRAMP compliance requirements that mandate a minimum of TLS 1.2 encryption for data in transit. Attempts […] (AWS Security Blog)

Apple issues security update for WebKit flaws

Apple released a series of security updates Monday to counter hackers actively exploiting two flaws affecting some later-generation iPhones, as well as a whole host of iPad and iPod models. The update includes a fix for one of the flaws, a memory corruption issue that would have allowed hackers to arbitrarily execute code on victim devices, Apple said. The other flaw that Apple fixed would have allowed external actors to execute arbitrary code, too. Both of the issues affected WebKit, Apple’s web browser engine. Apple acknowledged that there are reports that hackers have been exploiting both issues in the wild to hack victims’ devices. Apple does not identify which hackers have been taking advantage of the vulnerabilities. It’s just the latest vulnerability cleanup Apple has had to grapple with in the past several months. Last week Apple pushed a security update that addressed a logic bug that made it so hackers […] (CyberScoop)

Magecart scammers aim at restaurants' online delivery systems

Cybercriminals are increasingly targeting third-party infrastructure that restaurants across the U.S. use to place online orders, private investigators have found. The last six months have seen hacks of five online ordering platforms, exposing some 343,000 payment cards, threat intelligence firm Gemini Advisory said on April 29. Hundreds of restaurants use the platforms — which include services with names like Easy Ordering, MenuSifu, Food Dudes Delivery, Grabull and E-Dining Express, according to Gemini Advisory researchers — and crooks seem to know it. The coronavirus pandemic has only heightened criminals’ interest in online payment systems as people order delivery from restaurants in droves. “Attacks such as these are appealing because breaching the website of a single online ordering platform can compromise transactions at dozens or even hundreds of restaurants,” Gemini Advisory analysts wrote in a blog post. One of the breaches tracked by Gemini Advisory saw the attacker use an attack technique […] (CyberScoop)

Naked Security Live – Beware ‘Flubot’: the home delivery scam with a difference

Here's the latest Naked Security talk - watch now! (Naked Security)

New Buer Malware Downloader Rewritten In E-Z Rust Language

(News ≈ Packet Storm)

Experian API Leaks Most Americans' Credit Scores

(News ≈ Packet Storm)

An Ambitious Plan To Tackle Ransomware Faces Long Odds

(News ≈ Packet Storm)

You Should Update Your iPhone And iPad To iOS 14.5.1 Right Away

(News ≈ Packet Storm)

Apple Releases Urgent Security Patches For Zero‑Day Bugs Under Active Attacks

Apple on Monday released security updates for iOS, macOS, and watchOS to address three zero-day flaws and expand patches for a fourth vulnerability that the company said might have been exploited in the wild. The weaknesses all concern WebKit, the browser engine which powers Safari and other third-party web browsers in iOS, allowing an adversary to execute arbitrary code on target (The Hacker News)

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Most mobile app users tend to blindly trust that the apps they download from app stores are safe and secure. But that isn't always the case. To demonstrate the pitfalls and identify vulnerabilities on a large scale, cybersecurity and machine intelligence company CloudSEK recently provided a platform called BeVigil where individuals can search and check app security ratings and other security (The Hacker News)

A Rust-based Buer Malware Variant Has Been Spotted in the Wild

Cybersecurity researchers on Monday disclosed a new malspam campaign distributing a fresh variant of a malware loader called "Buer" written in Rust, illustrating how adversaries are constantly honing their malware toolsets to evade analysis. Dubbed "RustyBuer," the malware is propagated via emails masquerading as shipping notices from DHL Support, and is said to have affected no fewer than 200 (The Hacker News)

New Chinese Malware Targeted Russia's Largest Nuclear Submarine Designer

A threat actor believed to be working on behalf of Chinese state-sponsored interests was recently observed targeting a Russia-based defense contractor involved in designing nuclear submarines for the naval arm of the Russian Armed Forces. The phishing attack, which singled out a general director working at the Rubin Design Bureau, leveraged the infamous "Royal Road" Rich Text Format (RTF) (The Hacker News)

Scripps Health Cyberattack Causes Widespread Hospital Outages

The San Diego-based hospital system diverted ambulances to other medical centers after a suspected ransomware attack. (Threatpost)

New Attacks Slaughter All Spectre Defenses 

The 3+ years computer scientists spent concocting ways to defend against these supply-chain attacks against chip architecture? It's bound for the dustbin. (Threatpost)

Hewlett Packard Enterprise Plugs Critical Bug in Edge Platform Tool

Researchers warned that unpatched versions of HPE’s Edgeline Infrastructure Manager are open to remote authentication-bypass attacks. (Threatpost)

Deepfake Attacks Are About to Surge, Experts Warn

New deepfake products and services are cropping up across the Dark Web. (Threatpost)


/security-daily/ 04-05-2021 23:44:23