Security news weekly round-up - 26th November 2021

Habdul Hazeez - Nov 26 '21 - - Dev Community

Introduction

Hello there. Welcome to this week's review, I am your host Habdul Hazeez.

This week's review is mostly about malware. One news is about a bug and the other, a data breach that affected GoDaddy.

Grab a cup of coffee, and let's get started.


Malware downloaded from PyPI 41,000 times was surprisingly stealthy

Always take a second look at your project dependencies. It won't hurt.

Excerpt from the article:

PyPI—the open source repository that both large and small organizations use to download code libraries—was hosting 11 malicious packages that were downloaded more than 41,000 times in one of the latest reported such incidents threatening the software supply chain.

GoDaddy Data Breach Exposes Over 1 Million WordPress Customers' Data

No system is safe.

Excerpt from the article:

GoDaddy said it's in the process of issuing and installing new certificates for the impacted customers. As a precautionary measure, the company also stated it has reset the affected passwords and it's bolstering its provisioning system with added security protections.

Over nine million Android devices infected by info-stealing trojan

In this modern age, our smartphones make us superhuman, at the same time, we need to keep them safe as much as we can.

Excerpt from the article:

A large-scale malware campaign on Huawei's AppGallery has led to approximately 9,300,000 installs of Android trojans masquerading as over 190 different apps. 

The trojan is detected by Dr.Web as 'Android.Cynos.7.origin' and is a modified version of the Cynos malware designed to collect sensitive user data.

Stealthy new JavaScript malware infects Windows PCs with RATs

I'll advise you to invest in a good AV.

Excerpt from the article:

The infection begins with a phishing email containing a malicious JavaScript attachment named with a '.TXT.js' double-extension. As Windows hides extensions by default, if a recipient saves the file to their computer, it will appear as a harmless text file.

New Linux malware hides in cron jobs with invalid dates

Stay safe.

Excerpt from the article:

Dubbed CronRAT, the malware is currently targeting web stores and enables attackers to steal credit card data by deploying online payment skimmers on Linux servers.

Characterized by both ingenuity and sophistication, as far as malware for online stores is concerned, CronRAT is undetected by many antivirus engines.

Hackers Using Microsoft MSHTML Flaw to Spy on Targeted PCs with Malware

The title says it all.

Excerpt from the article:

"[T]he stealer is a PowerShell script, short with powerful collection capabilities — in only ~150 lines, it provides the adversary a lot of critical information including screen captures, Telegram files, document collection, and extensive data about the victim's environment," SafeBreach Labs researcher Tomer Bar said in a report published Wednesday.

Eavesdropping Bugs in MediaTek Chips Affect 37% of All Smartphones and IoT Globally

That is quite a scary number.

Excerpt from the article:

The discovery of the flaws is the result of reverse-engineering the Taiwanese company's audio digital signal processor (DSP) unit by Israeli cybersecurity firm Check Point Research, ultimately finding that by stringing them together with other flaws present in a smartphone manufacturer's libraries, the issues uncovered in the chip could lead to local privilege escalation from an Android application.

Support Me

Writing makes me thirsty. I'll appreciate a cup of coffee 😉.

Buy Me A Coffee

Credits

Cover photo by Debby Hudson on Unsplash.


That's it for this week, I'll see you next Friday.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .