Security daily (24-09-2021)

AWS achieves GSMA security certification for US East (Ohio) Region

We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that our US East (Ohio) Region (us-east-2) is now certified by the GSM Association (GSMA) under its Security Accreditation Scheme Subscription Management (SAS-SM) with scope Data Center Operations and Management (DCOM). This alignment with GSMA […] (AWS Security Blog)

S3 Ep51: OMIGOD a gaping hole, waybill scams, and Face ID hacked [Podcast]

Latest episode - listen now! (Naked Security)

100M IoT Devices Exposed By Zero-Day Bug

(News ≈ Packet Storm)

Apple Patches 3 More Zero-Days Under Active Attack

(News ≈ Packet Storm)

China Declares All Crypto-Currency Transactions Illegal

(News ≈ Packet Storm)

FBI Withheld Ransomware Key From Businesses Over A Sting

(News ≈ Packet Storm)

Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability

Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that's known to have an exploit in the wild. Tracked as CVE-2021-37973, the vulnerability has been described as use after free in Portals API, a web page navigation system that enables a page to show another page as an inset and "perform a seamless transition to a new state, where the (The Hacker News)

SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices

Network security company SonicWall has addressed a critical security vulnerability affecting its Secure Mobile Access (SMA) 100 series appliances that can permit remote, unauthenticated attackers to gain administrator access on targeted devices remotely. Tracked as CVE-2021-20034, the arbitrary file deletion flaw is rated 9.1 out of a maximum of 10 on the CVSS scoring system, and could allow an (The Hacker News)

A New APT Hacker Group Spying On Hotels and Governments Worldwide

A new advanced persistent threat (APT) has been behind a string of attacks against hotels across the world, along with governments, international organizations, engineering companies, and law firms. Slovak cybersecurity firm ESET codenamed the cyber espionage group FamousSparrow, which it said has been active since at least August 2019, with victims located across Africa, Asia, Europe, the (The Hacker News)

Apple's New iCloud Private Relay Service Leaks Users' Real IP Addresses

A new as-yet unpatched weakness in Apple's iCloud Private Relay feature could be circumvented to leak users' true IP addresses from iOS devices running the latest version of the operating system. Introduced as a beta with iOS 15, which was officially released this week, iCloud Private Relay aims to improve anonymity on the web by employing a dual-hop architecture that effectively shields users' (The Hacker News)

Google Warns of a New Way Hackers Can Make Malware Undetectable on Windows

Cybersecurity researchers have disclosed a novel technique adopted by a threat actor to deliberately evade detection with the help of malformed digital signatures of its malware payloads. "Attackers created malformed code signatures that are treated as valid by Windows but are not able to be decoded or checked by OpenSSL code — which is used in a number of security scanning products," Google (The Hacker News)

Cisco Releases Patches 3 New Critical Flaws Affecting IOS XE Software

Networking equipment maker Cisco Systems has rolled out patches to address three critical security vulnerabilities in its IOS XE network operating system that remote attackers could potentially abuse to execute arbitrary code with administrative privileges and trigger a denial-of-service (DoS) condition on vulnerable devices. The list of three flaws is as follows -

CVE-2021-34770 (CVSS score: (The Hacker News)

Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days

Apple on Thursday released security updates to fix multiple security vulnerabilities in older versions of iOS and macOS that it says have been detected in exploits in the wild, in addition to expanding patches for a previously plugged security weakness abused by NSO Group's Pegasus surveillance tool to target iPhone users. <!--adsense--> Chief among them is CVE-2021-30869, a type confusion flaw (The Hacker News)

High-Severity RCE Flaw Disclosed in Several Netgear Router Models

Networking equipment company Netgear has released patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. <!--adsense--> Traced as CVE-2021-40847 (CVSS score: 8.1), the security weakness impacts the following models -

R6400v2 (fixed in firmware version R6700 (The Hacker News)

Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords

Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text. (Threatpost)

TangleBot Malware Reaches Deep into Android Device Functions

The mobile baddie grants itself access to almost everything, enabling spying, data-harvesting, stalking and fraud attacks, among others. (Threatpost)

Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN

Unauthenticated cyberattackers can also wreak havoc on networking device configurations. (Threatpost)

Apple Patches 3 More Zero-Days Under Active Attack

One of the bugs, which affects macOS as well as older versions of iPhones, could allow an attacker to execute arbitrary code with kernel privileges. (Threatpost)


/security-daily/ 25-09-2021 23:44:19