Security news weekly round-up - 6th August 2021

Habdul Hazeez - Aug 6 '21 - Dev Community

This is the 11th week in a row; in 3 weeks, we'll equal our previous streak of 14 weeks in a row. Let's go!

Introduction

Hello and welcome to this week's security round-up. As always, I am your host Habdul Hazeez.

Our security review for this week is all about malware and software bugs.

Let's begin.

With help from Google, impersonated Brave.com website pushes malware

The lesson here is to pay attention to the URL of the website that you are visiting. Pay attention.

Excerpt from the article:

The malware detected goes under several names, including ArechClient and SectopRat. A 2019 analysis from security firm G Data found that it was a remote access trojan that was capable of streaming a user’s current desktop or creating a second invisible desktop that attackers could use to browse the Internet.

PwnedPiper PTS Security Flaws Threaten 80% of Hospitals in the U.S.

It's scary. 🙁

Excerpt from the article:

"These vulnerabilities can enable an unauthenticated attacker to take over Translogic PTS stations and essentially gain complete control over the PTS network of a target hospital," Armis researchers Ben Seri and Barak Hadad said.

"This type of control could enable sophisticated and worrisome ransomware attacks, as well as allow attackers to leak sensitive hospital information."

Critical Flaws Affect Embedded TCP/IP Stack Widely Used in Industrial Control Devices

It does not get any better.

Excerpt from the article:

The shortcomings, collectively dubbed "INFRA:HALT," target NicheStack, potentially enabling an attacker to achieve remote code execution, denial of service, information leak, TCP spoofing, and even DNS cache poisoning

Google Patches Several Chrome Flaws That Can Be Exploited via Malicious Extensions

Update your Web browser.

Excerpt from the article:

It’s important that users update Chrome as soon as possible, considering that the web browser appears to be increasingly targeted in malicious attacks. Google this year patched more than half a dozen actively exploited zero-day flaws.

Several Malware Families Targeting IIS Web Servers With Malicious Modules

IIS is Microsoft's Internet Information Services.

Excerpt from the article:

This is far from the first time Microsoft web server software has emerged as a lucrative target for threat actors. Last month, researchers from Israeli cybersecurity firm Sygnia disclosed a series of targeted cyber intrusion attacks undertaken by an advanced, stealthy adversary known as Praying Mantis targeting internet-facing IIS servers to infiltrate high-profile public and private entities in the U.S.

Cisco Issues Critical Security Patches to Fix Small Business VPN Router Bugs

The title says it all.

Excerpt from the article:

This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface

New DNS vulnerability allows 'nation-state level spying' on companies

I see you from where you see not.

Excerpt from the article:

The exploitation process is quite simple, as they explained: they registered a domain and used it to hijack a DNSaaS provider's nameserver (in their case, Amazon Route 53) which enabled them to wiretap on dynamic DNS traffic streaming from Route 53 customers' networks.

Credits

Cover photo by Debby Hudson on Unsplash.


That's it for this week, I'll see you next Friday.
