Security news weekly round-up - 11th February 2022

Habdul Hazeez - Feb 11 '22 - Dev Community

This is the first review for this year. I had a heavy workload for the past two months. This prevented me from writing the review. However, I'll surely make time from no time to keep this review running till the end of the year.

Thank you for your understanding. Let's do some review!

Introduction

This week's review is packed with news about malware, from Android malware to card-skimming malware. Also, we'll cover news related to bugs affecting the WebKit rendering engine and Apple iOS. Grab a cup of coffee and let's get started.

Think before you scan: How fraudsters can exploit QR codes to steal money

This story is about how scammers placed QR codes that perform malicious activities when they are scanned by an unsuspecting user. The actions that such QR codes can perform include redirecting a user to a fraudulent website when making a payment.

Excerpt from the article:

In most scenarios, the attacker will need to generate a malicious QR code that will replace the original one. In other words, the attacks involve social engineering and rely on duping the victim into taking an ill-fated action.

Another Israeli Firm, QuaDream, Caught Weaponizing iPhone Bug for Spyware

The iPhone being touted as a privacy-preserving phone has made it a target for spyware. Last year, Apple patched the bug that was exploited by the spyware in question.

Excerpt from the article:

The disclosure comes as The New York Times released an eye-opening report late last month highlighting the use of Pegasus by the Central Intelligence Agency (CIA) to help combat terrorism in Djibouti as well as its purchase by a number of countries, including India, Mexico, Saudi Arabia, and the U.A.E.

Fake Windows 11 upgrade installers infect you with RedLine malware

The article's title says it all. I'd like to add that you should download the Windows 11 installer from official channels only. However, if you cannot do that, update to Windows 11 via Windows Update on your system.

Excerpt from the article:

According to researchers at HP, who have spotted this campaign, the actors used the seemingly legitimate “windows-upgraded.com” domain for the malware distribution part of their campaign.

The site appears like a genuine Microsoft site and, if the visitor clicked on the ‘Download Now’ button, they received a 1.5 MB ZIP archive named “Windows11InstallationAssistant.zip,” fetched directly from a Discord CDN

'Roaming Mantis' Android Malware Targeting Europeans via Smishing Campaigns

The campaign spreading the Android malware has been in existence since 2018; now, its focus is on France and Germany.

Excerpt from the article:

Dubbed Roaming Mantis, the latest spate of activities observed in 2021 involve sending fake shipping-related texts containing a URL to a landing page from where Android users are infected with a banking trojan known as Wroba

Critical RCE Flaws in 'PHP Everywhere' Plugin Affect Thousands of WordPress Sites

If you have the plugin installed on your WordPress website, update it immediately.

Excerpt from the article:

WordPress security company Wordfence said it disclosed the shortcomings to the plugin's author, Alexander Fuchs, on January 4, following which updates were issued on January 12, 2022 with version 3.0.0 by removing the vulnerable code entirely.

Apple Says WebKit Zero-Day Hitting iOS, macOS Devices

Zero-day bugs are a nightmare for software vendors, and Apple is no exception with its macOS and iOS operating systems.

Excerpt from the article:

The WebKit flaw, fixed in iOS 15.3.1, iPadOS 15.3.1 and macOS Monterey 12.2.1, is a use-after-free memory corruption issue that was reported by an anonymous researcher. Apple said the WebKit code was cleaned up with improved memory management.

Hundreds of e-commerce sites booby-trapped with payment card-skimming malware

Stay safe while shopping.

Excerpt from the article:

About 500 e-commerce websites were recently found to be compromised by hackers who installed a credit card skimmer that surreptitiously stole sensitive data when visitors attempted to make a purchase.

Credits

Cover photo by Debby Hudson on Unsplash.


That's it for this week, I'll see you next Friday.
