IT Security Newsletter - 7/16/2021
Microsoft: Israeli firm used Windows zero-days to deploy spyware
Microsoft and Citizen Lab have linked Israeli spyware company Candiru (also tracked as Sourgum) to new Windows spyware dubbed DevilsTongue deployed using now patched Windows zero-day vulnerabilities. "Candiru is a secretive Israel-based company that sells spyware exclusively to governments," Citizen Lab explained in a report published today. "Reportedly, their spyware can infect and monitor iPhones, Androids, Macs, PCs, and cloud accounts."
Iranian spies tried hacking US military personnel by posing as job recruiters on Facebook
Facebook said on Thursday it upended Iranian government-backed hackers who targeted U.S. military personnel and defense companies on its platform before trying to move conversations elsewhere to infect victims with malware. In a blog post, Facebook linked the campaign to a group known alternately as Tortoiseshell or Imperial Kitten, which primarily had focused on Middle East targets before. This time, they were mainly preoccupied with the United States.
Google patches 8th Chrome zero-day exploited in the wild this year
Google has released Chrome 91.0.4472.164 for Windows, Mac, and Linux to fix seven security vulnerabilities, one of them a high severity zero-day vulnerability exploited in the wild. "Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild," the company revealed. The new Chrome release has started rolling out worldwide to the Stable desktop channel and will become available to all users over the following days.
Zero-Day Attacks on Critical WooCommerce Bug Threaten Databases
A critical SQL-injection security vulnerability in the WooCommerce e-commerce platform and a related plugin has been under attack as a zero-day bug, researchers have disclosed. The exploitation prompted WooCommerce to release an emergency patch for the issue late on Wednesday. The bug could allow unauthenticated cyberattackers to make off with scads of information from an online store's database - anything from customer data and payment-card info to employee credentials.
SonicWall warns users of "imminent ransomware campaign"
SonicWall has issued an urgent security notice warning users of unpatched End-Of-Life (EOL) SRA & SMA 8.X remote access devices that they have been made aware of an imminent ransomware campaign using stolen credentials. The exploitation targets a known vulnerability that has been patched in newer versions of SonicWall firmware. In addition to the notice posted to its website, SonicWall sent out an email to anyone using SMA and SRA devices, urging some to disconnect specific devices immediately.
State Dept. to Pay Up to $10M for Information on Foreign Cyberattacks
The United States will pay up to $10 million for information on cyberattacks against critical infrastructure that violate the nation's anti-hacking statute, the Computer Fraud and Abuse Act (CFAA), and that are carried out "at the direction or under the control of a foreign government," the US Department of State announced on July 15. The State Department's Rewards for Justice office will run the program, operating a Tor-based tip channel to receive information on potential foreign-directed hacking.
Microsoft: New Unpatched Bug in Windows Print Spooler
Microsoft has warned of yet another vulnerability that's been discovered in its Windows Print Spooler that can allow attackers to elevate privilege to gain full user rights to a system. The advisory comes on the heels of patching two other remote code-execution (RCE) bugs found in the print service that collectively became known as PrintNightmare. The vulnerability "exists when the Windows Print Spooler service improperly performs privileged file operations," according to Microsoft.
- ...in 1790, Congress declares Washington, D.C. the new capital.
- ...in 1945, at 5:29:45 a.m., the Manhattan Project comes to an explosive end as the first atom bomb is successfully tested in Alamogordo, New Mexico.
- ...in 1951, J.D. Salinger's only novel, "The Catcher in the Rye", is published.
- ...in 1969, Apollo 11 is launched from the Kennedy Space Center in Merritt Island, FL.