Security news weekly round-up - 28th May 2021

Habdul Hazeez - May 28 '21 - - Dev Community

Yeah, it feels like last week, reality, it's 2 weeks already.

Let's get on with it.

Introduction

This week it's mostly about bugs.


Vulnerabilities in billions of Wi-Fi devices let hackers bypass firewalls

It's dubbed FragAttacks and it's bad news.

Excerpt from the article:

FragAttacks allow data to be injected into Wi-Fi traffic, but they don’t make it possible to exfiltrate anything out. That means FragAttacks can’t be used to read passwords or other sensitive information the way a previous Wi-Fi attack of Vanhoef, called Krack, did.

But it turns out that the vulnerabilities—some that have been part of Wi-Fi since its release in 1997—can be exploited to inflict other kinds of damage, particularly if paired with other types of hacks.

New Bluetooth Flaws Let Attackers Impersonate Legitimate Devices

Bluetooth is everywhere, therefore, this article is worthy of your time.

Excerpt from the article:

Devices supporting the Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure that could allow an attacker to impersonate a legitimate device during pairing.

Actively exploited macOS 0-day let hackers take screenshots of infected Macs

Despite it being deemed secured, macOS is still susceptible to attacks.

Excerpt from the article:

Infections came in the form of malicious projects that the attacker wrote for Xcode, a tool that Apple makes available for free to developers writing apps for macOS or other Apple OSes.

Vulnerability in VMware product has severity rating of 9.8 out of 10

It's an RCE (Remote Code Execution) in vCenter Server.

Excerpt from the article:

A VMware advisory said that vCenter machines using default configurations have a bug that, in many networks, allows for the execution of malicious code when the machines are reachable on a port that is exposed to the Internet. The vulnerability is tracked as CVE-2021-21985 and has a severity score of 9.8 out of 10.

Android Apps Expose Sensitive Data Due to Misconfigured Third-Party Services

Humans are not perfect.

Excerpt from the article:

The exposed real-time databases, which are meant to store data in the cloud and keep it continuously synchronized with the client, were not protected by any authentication mechanism, a misconfiguration that allowed anyone to access the information, without authorization.

Apple Patches macOS Big Sur Vulnerability Exploited by Malware

It's time to patch!

Excerpt from the article:

Tracked as CVE-2021-30713, the exploited bug has been described as a bypass of the Transparency Consent and Control (TCC) protections, which control what resources applications have access to. An attacker can exploit it to access data on disk, to record the screen, and gain additional permissions without user interaction.

Newly Discovered Bugs in VSCode Extensions Could Lead to Supply Chain Attacks

Hello, developers who use VSCode, you should read this.

Excerpt from the article:

Some of the extensions in question are "LaTeX Workshop," "Rainbow Fart," "Open in Default Browser," and "Instant Markdown," all of which have cumulatively racked up about two million installations between them.

Credits

Cover photo by Debby Hudson on Unsplash.


That's it for this week, I'll see you next Friday.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .