Introduction
We've come to the end of another business week and as usual, it's time for another review from the world of Computer Security.
As always, I am Habdul Hazeez.
The Headlines
This week's edition is packed with news about vulnerabilities in Microsoft, Amazon, and Apple-related products, coupled with news about malware targeting US and Canadian users, and Iranian citizens embracing an encryption app called Nahoft.
Now, the review in full.
A new app helps Iranians hide messages in plain sight
We all love privacy, though some might say "I have nothing to hide", (care to share your YouTube watching history? 🤔). Nah, I don't think so.
Well, this report by the folks at Ars Technica is about an app called Nahoft "that turns up to 1,000 characters of Farsi text into a jumble of random words".
The app was created by United for Iran, a San Francisco-based human rights and civil liberties group, amid Internet control, surveillance, and censorship in Iran.
Excerpt from the article:
Nahoft is designed to address multiple aspects of Iran's Internet crackdown. In addition to generating coded messages, the app can also encrypt communications and embed them imperceptibly in image files, a technique known as steganography. Recipients then use Nahoft to inspect the image file on their end and extract the hidden message
New macOS zero-day bug lets attackers run commands remotely
No system is safe: you lock it pretty well, and someone around the globe will spend countless hours unlocking it.
Moreover, Remote Code Execution is the worst type of bug you can think of.
Excerpt from the article:
The bug, found by independent security researcher Park Minchan, is due to how macOS processes inetloc files, which inadvertently causes it to run any commands embedded by an attacker without any warnings or prompts
Remote Code Execution Vulnerability Found in AWS WorkSpaces
Yeah, yet another RCE, but this time on Amazon Web Services WorkSpaces.
You've got to watch out!
Excerpt from the article:
Tracked as CVE-2021-38112, the security bug could be triggered when the user opens a malicious WorkSpaces URI from the browser, allowing a remote attacker to execute arbitrary code on the vulnerable system
Hundreds of Thousands of Credentials Leaked Due to Microsoft Exchange Protocol Flaw
The only thing you should think of when you read the article's title is: Do I have MFA enabled on my account(s)?
If your answer is No, now is a good time to enable MFA on your online accounts that support it.
Excerpt from the article:
Cybersecurity researchers have been able to capture hundreds of thousands of Windows domain and application credentials due to the design and implementation of the Autodiscover protocol used by Microsoft Exchange
Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days
No story on this one.
Update, update and, of course, update your device.
Excerpt from the article:
The patches are available for devices running macOS Catalina and iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) running iOS 12.5.4
New Android Malware Targeting US, Canadian Users with COVID-19 Lures
Please, stay safe.
Excerpt from the article:
The malware has been given the moniker TangleBot because of its many levels of obfuscation and control over a myriad of entangled device functions, including contacts, SMS and phone capabilities, call logs, internet access, and camera and microphone
How Outlook “autodiscover” could leak your passwords – and how to stop it
The article is a follow-up to Hundreds of Thousands of Credentials Leaked Due to Microsoft Exchange Protocol Flaw (the fourth link in this article).
Now, go read the article, but before that, here is an excerpt:
- Consider blocking external domains that start with the word autodiscover, using your web filtering firewall
- Consider activating Outlook’s Disable Autodiscover protection using Group Policy
Credits
Cover photo by Debby Hudson on Unsplash.
That's it for this week, I'll see you next Friday.