Security news weekly round-up - 5th February 2021

Habdul Hazeez - Feb 5 '21 - - Dev Community

Introduction

This week is mostly about staying safe online.


Scammers posing as FBI agents threaten targets with jail time

The title says it all.

Excerpt from the article:

As the FBI warns, the agency has received multiple reports of such scam attempts where the fraudsters are targeting North Florida residents attempting to steal their personal info.

Additionally, "[m]ultiple versions of the government impersonation scam have been reported in recent days, all of which exploit intimidation tactics," the FBI Jacksonville report added.

Malicious Chrome and Edge add-ons had a novel way to hide on 3 million devices

Do not trust any software, and if you can run your browser in a Sandbox.

Excerpt from the article:

Researchers from Prague-based Avast said on Wednesday that the extension developers employed a novel way to hide malicious traffic sent between infected devices and the command and control servers they connected to.

Specifically, the extensions funneled commands into the cache-control headers of traffic that was camouflaged to appear as data related to Google analytics, which websites use to measure visitor interactions.

A New Linux Malware Targeting High-Performance Computing Clusters

Documented by ESET who named it Kobalos.

Excerpt from the article:

Kobalos is a generic backdoor in the sense that it contains broad commands that don't reveal the intent of the attackers.

In short, Kobalos grants remote access to the file system, provides the ability to spawn terminal sessions, and allows proxying connections to other Kobalos-infected servers.

Latest macOS Big Sur also has SUDO root privilege escalation flaw

The title says it all.

Excerpt from the article:

This week, multiple security researchers have noticed that the sudo privilege escalation vulnerability CVE-2021-3156 also impacts the latest version of Apple macOS, Big Sur 11.2.

While the vulnerability was patched in multiple Linux distributions including Ubuntu, Debian, and Fedora, according to Qualys Research Team's original blog disclosure, a fix is not yet available for macOS.

New Chrome Browser 0-day Under Active Attack—Update Immediately!

Kindly update your browser.

Excerpt from the article:

Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild.

While it's typical of Google to limit details of the vulnerability until a majority of users are updated with the fix, the development comes weeks after Google and Microsoft disclosed attacks carried out by North Korean hackers against security researchers with an elaborate social engineering campaign to install a Windows backdoor.

Ransomware attacks increasingly destroy victims’ data by mistake

The title says it all.

Excerpt from the article:

In the last quarter of 2020, Coveware received an increasing number of reports about entire clusters of servers and data shares being wiped out in ransomware attacks.

Typically, ransomware attacks target backup systems and encrypt high-value machines. In these cases, though, there was nothing to recover and victims had to rebuild the systems.

New supply chain attack uses poisoned updates to infect gamers’ computers

Gamers beware.

Excerpt from the article:

The unknown attackers are targeting select users of NoxPlayer, a software package that emulates the Android operating system on PCs and Macs. People use it primarily for playing mobile Android games on these platforms. NoxPlayer-maker BigNox says the software has 150 million users in 150 countries.

Credits

Cover photo by Debby Hudson on Unsplash.


That's it for this week, I'll see you next Friday.---
title: Security news weekly round-up - 5th February 2021
published: false
description: Curated links about computer security from around the web
tags: security
cover_image: https://dev-to-uploads.s3.amazonaws.com/i/0jupjut8w3h9mjwm8m57.jpg

series: Security news weekly round-up

Introduction

This week is mostly about staying safe online.


Scammers posing as FBI agents threaten targets with jail time

The title says it all.

Excerpt from the article:

As the FBI warns, the agency has received multiple reports of such scam attempts where the fraudsters are targeting North Florida residents attempting to steal their personal info.

Additionally, "[m]ultiple versions of the government impersonation scam have been reported in recent days, all of which exploit intimidation tactics," the FBI Jacksonville report added.

Malicious Chrome and Edge add-ons had a novel way to hide on 3 million devices

Do not trust any software, and if you can run your browser in a Sandbox.

Excerpt from the article:

Researchers from Prague-based Avast said on Wednesday that the extension developers employed a novel way to hide malicious traffic sent between infected devices and the command and control servers they connected to.

Specifically, the extensions funneled commands into the cache-control headers of traffic that was camouflaged to appear as data related to Google analytics, which websites use to measure visitor interactions.

A New Linux Malware Targeting High-Performance Computing Clusters

Documented by ESET who named it Kobalos.

Excerpt from the article:

Kobalos is a generic backdoor in the sense that it contains broad commands that don't reveal the intent of the attackers.

In short, Kobalos grants remote access to the file system, provides the ability to spawn terminal sessions, and allows proxying connections to other Kobalos-infected servers.

Latest macOS Big Sur also has SUDO root privilege escalation flaw

The title says it all.

Excerpt from the article:

This week, multiple security researchers have noticed that the sudo privilege escalation vulnerability CVE-2021-3156 also impacts the latest version of Apple macOS, Big Sur 11.2.

While the vulnerability was patched in multiple Linux distributions including Ubuntu, Debian, and Fedora, according to Qualys Research Team's original blog disclosure, a fix is not yet available for macOS.

New Chrome Browser 0-day Under Active Attack—Update Immediately!

Kindly update your browser.

Excerpt from the article:

Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild.

While it's typical of Google to limit details of the vulnerability until a majority of users are updated with the fix, the development comes weeks after Google and Microsoft disclosed attacks carried out by North Korean hackers against security researchers with an elaborate social engineering campaign to install a Windows backdoor.

Ransomware attacks increasingly destroy victims’ data by mistake

The title says it all.

Excerpt from the article:

In the last quarter of 2020, Coveware received an increasing number of reports about entire clusters of servers and data shares being wiped out in ransomware attacks.

Typically, ransomware attacks target backup systems and encrypt high-value machines. In these cases, though, there was nothing to recover and victims had to rebuild the systems.

New supply chain attack uses poisoned updates to infect gamers’ computers

Gamers beware.

Excerpt from the article:

The unknown attackers are targeting select users of NoxPlayer, a software package that emulates the Android operating system on PCs and Macs. People use it primarily for playing mobile Android games on these platforms. NoxPlayer-maker BigNox says the software has 150 million users in 150 countries.

Credits

Cover photo by Debby Hudson on Unsplash.


That's it for this week, I'll see you next Friday.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .