Security news weekly round-up - 15th May 2020

Habdul Hazeez - May 15 '20 - Dev Community

Cover photo by Jazmin Quaynor on Unsplash.

Introduction

Welcome to the weekly round-up of security news from around the Web. I hope your week was fine. You can check the first post in this series if you are curious what this is all about.

In this week's round-up we'll go back in time (literally), talk about malware, some research in computer security, data leaks, etc.

It's a lot to read, but you can at least bookmark the articles and find time to read them later.

Well that's it for the introduction. Let's go!


WannaCry: A trip back in time

I mentioned earlier that we will go back in time, literally, unless we are in Terra Nova. Which year are we travelling to? Well, 2017. Why 2017 of all years? In case you don't know, a malware named WannaCry caused a global rampage on May 12th, 2017.

The malware destroyed and encrypted computer files but was stopped by a Twitter user using the handle @MalwareTechBlog when he registered a domain found in the malware's source code. As it turns out, it was the kill switch.

MalwareTechBlog was later arrested by law enforcement. The full story of the entire scenario was not public until a few days ago at the time of writing.

In a Twitter post he tweeted:

Then he tweeted a link to the full story:

The story is published on Wired and is entitled: The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet.

It's a really long read, so you might want to grab a cup of your favourite beverage.

Microsoft to drop support for Windows 10 on 32-bit systems

An excerpt from the article:

Microsoft has stated that future versions of Windows 10, starting with the May 2020 Update, will no longer be available as 32-bit builds on new OEM computers.

In an update to the Windows 10 Minimum hardware requirements document, Microsoft states that starting with Windows 10 2004, new OEM computers will be required to use 64-bit builds of the operating system.

New Ramsay malware steals files from air-gapped computers

Air-gapped computers are computers isolated from the public internet. They are mostly used by security-conscious individuals who work on stuff that they value highly.

You cannot communicate directly with an air-gapped computer, but the author of the new Ramsay malware found a way to exfiltrate files from an air-gapped computer to a destination of their choosing. Read the article for more information.

Thousands of Android Apps Leak Data Due to Firebase Misconfigurations

We all have apps on our smartphones and devices, but sometimes they might not behave the way we expect them to. This story is one of those cases.

An excerpt from the article:

Roughly 30% of all the applications in Google Play are believed to be using Google Firebase to store user data, but many of them are not properly secured. Overall, 4.8% of all mobile apps using Firebase are believed to be leaking personal information, access tokens, and other types of data.

Hackers Breach LineageOS, Ghost, DigiCert Servers Using SaltStack Vulnerability

If you use custom Android ROMs like LineageOS on your device, or know anyone who does, take a look at the story.

An excerpt from the article:

Days after cybersecurity researchers sounded the alarm over two critical vulnerabilities in the SaltStack configuration framework, a hacking campaign has already begun exploiting the flaws to breach servers of LineageOS, Ghost, and DigiCert.

DigitalOcean Data Leak Incident Exposed Some of Its Customers Data

The title says it all. An excerpt from the article:

DigitalOcean, one of the biggest modern web hosting platforms, was recently hit with a concerning data leak incident that exposed some of its customers' data to unknown and unauthorized third parties.

Another one:

According to the breach notification email that affected customers received, the data leak happened due to negligence where DigitalOcean 'unintentionally' left an internal document accessible to the Internet without requiring any password.

7 New Flaws Affect All Thunderbolt-equipped Computers Sold in the Last 9 Years

This attack affects computers equipped with a Thunderbolt port, and it requires physical access to the computer.

Based on the information from the website about the attack, an attacker only needs 5 minutes alone with the computer.

Read the linked post or visit the website of the attack for more information.


That's it for this week, I'll see you next Friday.
