<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 5/8/2020

SHARE

Hacking

Search Company Algolia Hacked via Recent Salt Vulnerabilities

A couple of Salt vulnerabilities addressed last week were abused over the weekend to hack Algolia's infrastructure, the search-as-a-service startup revealed. An open-source configuration tool designed for monitoring and updating the state of servers deployed in datacenters and in the cloud, Salt was recently found to be impacted by two issues that could allow attackers to execute arbitrary commands. READ MORE...


Blue Mockingbird Monero-Mining Campaign Exploits Web Apps

A Monero cryptocurrency-mining campaign has emerged that exploits a known vulnerability in public-facing web applications built on the ASP.NET open-source web framework. The campaign has been dubbed Blue Mockingbird by the analysts at Red Canary that discovered the activity. Research uncovered that the cybercriminal gang is exploiting a deserialization vulnerability, CVE-2019-18935, which can allow remote code execution. READ MORE...

Software Updates

For six years Samsung smartphone users have been at risk from critical security bug. Patch now

Samsung has released a security update for its popular Android smartphones which includes a critical fix for a vulnerability that affects all devices sold by the manufacturer since 2014. On its Android security update page Samsung thanks researcher Mateusz Jurczyk of Google Project Zero for the discovery of the vulnerability that could - he claims - be exploited to run malicious code on a targeted device, without alerting the user. READ MORE...


Cisco Patches High Severity Vulnerabilities in Security Products

Cisco this week released security updates to address more than 30 vulnerabilities in various products, including 12 high severity flaws impacting Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD). The most important of these issues is tracked as CVE-2020-3187 (CVSS score of 9.1) and could be exploited to conduct directory traversal attacks and then read or delete sensitive files on a vulnerable system. READ MORE...

Malware

A discovered malware sample uses code from the NSA and a Chinese hacking group

According to new research from ESET, a code obfuscation tool that's been linked to Chinese-based hackers has been used in tandem with an implant that has been attributed to Equation Group, a hacking faction that is broadly believed to have ties to the National Security Agency. ESET says the obfuscation tool is linked with Winnti Group, while the implant, known as PeddleCheap, appeared in an April 2017 leak from the mysterious group known as the Shadow Brokers. READ MORE...


How a favicon delivered a web credit card skimmer to victims

Cyber crooks deploying web credit card skimmers on compromised Magento websites have a new trick up their sleeve: favicons that "turn" malicious when victims visit a checkout page. Favicons is a file containing one or more small icons associated with a website and are usually displayed in the browser's address bar, on the tab in which a website has been opened, and in the bookmarks. READ MORE...

Information Security

A mistake at Facebook broke Spotify, Venmo, TikTok, and other iPhone apps

Users of numerous popular iPhone apps such as Spotify, Venmo, Tinder, TikTok, DoorDash, and Pinterest experienced persistent app crashes as a result of a bug in Facebook's SDK this week. The crash reports began coming in around 6:30pm Eastern yesterday, but the issue has since been resolved. Not long after the problem emerged, it was revealed to have been caused by a server-side change by Facebook. READ MORE...

Exploits/Vulnerabilities

New "Aria-body" backdoor gets advanced hackers back in the spy game

An advanced hacker group running cyber-espionage campaigns since at least 2010 has been operating stealthily over the past five years. They deliver a new backdoor called Aria-body and use victims' infrastructure to carry attacks against other targets. Multiple variants of the malware have been discovered and one of them was recently delivered to the Australian government via a malicious email. READ MORE...

On This Date

  • ...in 1886, pharmacist John Pemberton first sells his new patent medicine, a drink he calls "Coca-Cola".
  • ...in 1911, blues legend and rock inspiration Robert Johnson ("Sweet Home Chicago", "Cross Road Blues") is born in Hazlehurst, MS.
  • ...in 1914, Paramount Pictures is founded. The stars in the famous mountain logo represent the first 22 performers signed by the studio.
  • ...in 1945, the Allies celebrate VE day, after the unconditional surrender of the European Axis powers.