Security news weekly round-up - 24th September 2021

Habdul Hazeez - Sep 24 '21 - - Dev Community

Introduction

We've come to the end of another business week and as usual, it's time for another review from the world of Computer Security.

As always, I am Habdul Hazeez.

The Headlines

This week's edition is packed with news about vulnerabilities in Microsoft, Amazon, and Apple-related products, coupled with news about malware targeting US and Canadian users, and Iran citizens embracing an encryption app called Nahoft.

Now, the review in full.


A new app helps Iranians hide messages in plain sight

We all love privacy, though some might say "I have nothing to hide", (care to share your YouTube watching history? 🤔). Nah, I don't think so.

We'll in this report by the folks at Arstechnica is about an app called Nahoft "that turns up to 1,000 characters of Farsi text into a jumble of random words".

The app was created by United for Iran, a San Francisco — based human rights and civil liberties group amid Internet control, surveillance, and censorship in Iran.

Excerpt from the article:

Nahoft is designed to address multiple aspects of Iran's Internet crackdown. In addition to generating coded messages, the app can also encrypt communications and embed them imperceptibly in image files, a technique known as steganography. Recipients then use Nahoft to inspect the image file on their end and extract the hidden message

New macOS zero-day bug lets attackers run commands remotely

No System is Safe, you lock it pretty well, and someone around the globe will spend countless hours unlocking it.

Moreover, Remote Code Execution is the worst type of bug you can think of.

Excerpt from the article:

The bug, found by independent security researcher Park Minchan, is due to how macOS processes inetloc files, which inadvertently causes it to run any commands embedded by an attacker without any warnings or prompts

Remote Code Execution Vulnerability Found in AWS WorkSpaces

Yeah, yet another RCE, but this time on Amazon Web Services WorkSpaces.

You got to watch out!

Excerpt from the article:

Tracked as CVE-2021-38112, the security bug could be triggered when the user opens a malicious WorkSpaces URI from the browser, allowing a remote attacker to execute arbitrary code on the vulnerable system

Hundreds of Thousands of Credentials Leaked Due to Microsoft Exchange Protocol Flaw

The only thing you should think of when you read the article's title is: Do I have MFA enabled on my account(s)?

If your answer is No, now will be a better time to have MFA on your online accounts that support it.

Excerpt from the article:

Cybersecurity researchers have been able to capture hundreds of thousands of Windows domain and application credentials due to the design and implementation of the Autodiscover protocol used by Microsoft Exchange

Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days

No story on this one.

Update, Update and of course, Update your device.

Excerpt from the article:

The patches are available for devices running macOS Catalina and iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) running iOS 12.5.4

New Android Malware Targeting US, Canadian Users with COVID-19 Lures

Please, stay safe.

Excerpt from the article:

The malware has been given the moniker TangleBot because of its many levels of obfuscation and control over a myriad of entangled device functions, including contacts, SMS and phone capabilities, call logs, internet access, and camera and microphone

How Outlook “autodiscover” could leak your passwords – and how to stop it_

The article is a follow-up of Hundreds of Thousands of Credentials Leaked Due to Microsoft Exchange Protocol Flaw (the fourth link in this article).

Now, go read the article, but before that, here is an excerpt:

  • Consider blocking external domains that start with the word autodiscover, using your web filtering firewall
  • Consider activating Outlook’s Disable Autodiscover protection using Group Policy

Support Me

Writing makes me thirsty. I'll appreciate a cup of coffee 😉.

Buy Me A Coffee

Credits

Cover photo by Debby Hudson on Unsplash.


That's it for this week, I'll see you next Friday.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .