Security daily (13-09-2021)

Protect your remote workforce by using a managed DNS firewall and network firewall

More of our customers are adopting flexible work-from-home and remote work strategies that use virtual desktop solutions, such as Amazon WorkSpaces and Amazon AppStream 2.0, to deliver their user applications. Securing these workloads benefits from a layered approach, and this post focuses on protecting your users at the network level. Customers can now apply these […] (AWS Security Blog)

Apple patches against alleged NSO Group zero-click exploit used on activists

Apple released a patch Monday against two security vulnerabilities, one of which the Israeli surveillance company NSO Group has exploited, according to researchers. The updated iOS software patches against a zero-click exploit that uses iMessage to launch malicious code, which in turn allows NSO Group clients to infiltrate targets — including the phone of a Saudi activist in March, researchers at Citizen Lab said. The exploit uses a manipulated gif to crash Apple’s image rendering library. It then launches spyware that researchers say shares distinct features with NSO Group’s Pegasus spyware. Researchers have named the exploit “FORCEDENTRY.” Zero-click exploits prove especially dangerous because they don’t require users to open the malicious message or link for hackers to gain access to your phone. Researchers are urging Apple Mac, iPhone and Apple Watch users to immediately update their iOS software. The NSO Group exploit was a zero-day, or previously unknown, vulnerability. It’s […] (CyberScoop)

CISA hires long-time cyber pro Kiersten Todt as chief of staff

The Cybersecurity and Infrastructure Security Agency is getting Kiersten Todt — a veteran of cyber-focused roles in the executive branch, on Capitol Hill and the private sector — as its chief of staff. Todt has been heading up the Cyber Readiness Institute, a non-profit focused on developing cybersecurity tools for small businesses. She now returns to the public sector at CISA, housed within the Department of Homeland Security. When she last worked for the federal government, it was as executive director of President Barack Obama’s Commission on Enhancing National Cybersecurity. Among the recommendations in its 2016 final report: creation of an agency just like CISA. Now, at CISA, Todt will focus on long-range objectives, allocating resources and the CISA workforce. “I look forward to shaping CISA’s long-term planning and working with industry, federal agencies, and state, local, tribal, and territorial government partners to chart the path forward for a more […] (CyberScoop)

Olympus investigating reported ransomware attack with BlackMatter hallmarks

A Japanese technology manufacturer confirmed it is investigating a reported ransomware attack affecting business units in Europe, the Middle East and Africa dating back to Sept. 8. In a statement Saturday, Tokyo-based Olympus said it’s looking into “a potential cybersecurity incident” that resulted in the suspicion of data transfers between relevant systems. The apparent breach is in fact a ransomware incident that began on Sept. 8 carried out by a hacker who claims to be affiliated with the BlackMatter extortion group, TechCrunch first reported. The attacker included a note on infected computers promising to decrypt the relevant systems in exchange for payment, according to TechCrunch. “Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue,” the company said. The ransom message directed recipients to visit a page reportedly known to be affiliated […] (CyberScoop)

Serious Security: How to make sure you don’t miss bug reports!

Hey, let's create a text file that lists our security contacts! We'll call it... security DOT txt. (Naked Security)

Apple Issues Urgent Updates to Fix New Zero-Day Linked to Pegasus Spyware

Apple has released iOS 14.8, iPadOS 14.8, watchOS 7.6.2, macOS Big Sur 11.6, and Safari 14.1.2 to fix two actively exploited vulnerabilities, one of which defeated extra security protections built into the operating system. The list of two flaws is as follows -

CVE-2021-30858 (WebKit) - A use after free issue that could result in arbitrary code execution when processing maliciously crafted web (The Hacker News)

Critical Bug Reported in NPM Package With Millions of Downloads Weekly

A widely used NPM package called 'Pac-Resolver' for the JavaScript programming language has been remediated with a fix for a high-severity remote code execution vulnerability that could be abused to run malicious code inside Node.js applications whenever HTTP requests are sent. The flaw, tracked as CVE-2021-23406, has a severity rating of 8.1 on the CVSS vulnerability scoring system and affects (The Hacker News)

Apple Issues Emergency Fix for NSO Zero-Click Zero Day

Citizen Lab urges Apple users to update immediately. The new zero-click zero-day ForcedEntry flaw affects all things Apple: iPhones, iPads, Macs and Watches. (Threatpost)

REvil’s Back; Coder Fat-Fingered Away Its Decryptor Key?

How did Kaseya get a universal decryptor after a mind-bogglingly big ransomware attack? A REvil coder misclicked, generated & issued it, and “That’s how we sh*t ourselves.” (Threatpost)


/security-daily/ 14-09-2021 23:44:22