Security News > 2021 > January
Google has added a new feature to the Chrome web browser that will make it easier for users to check if their stored passwords are weak and easy to guess, exposing them to brute force attacks or password cracking attempts. Google Chrome allows creating, storing, and filling your passwords with a mouse click while browsing the web using a built-in password manager.
A recently identified piece of malware is targeting Linux devices to ensnare them into a botnet capable of malicious activities such as distributed denial of service and crypto-mining attacks. Dubbed FreakOut, the malware is infecting devices that haven't yet received patches for three relatively new vulnerabilities, including one that was made public earlier this month.
Cybersecurity firm Malwarebytes on Tuesday revealed that it too was targeted by the hackers who breached the systems of Texas-based IT management company SolarWinds as part of a sophisticated supply chain attack. Malwarebytes says it has not used any SolarWinds products, but its investigation revealed that the threat actor gained access to some of its systems by abusing applications with privileged access to Microsoft 365 and Azure environments.
Element Matrix Services is adding a bridge between hipster chat platform Slack and the open-source world of Matrix messaging. To ease the journey from the centralised world of Slack, Element Matrix Services - a hosting platform for Matrix - is adding a managed bridge for connecting Slack to the Matrix ecosystem.
The 14GB leaked database contains 77,159,696 records with users' email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related information. Nitro is an application that helps create, edit, and sign PDFs and digital documents, an app that Nitro Software claims has over 10,000 business customers and roughly 1.8 million licensed users.
Some of the exploits were zero-days, meaning they targeted vulnerabilities that at the time were unknown to Google, Microsoft, and most outside researchers. The hackers delivered the exploits through watering-hole attacks, which compromise sites frequented by the targets of interest and lace the sites with code that installs malware on visitors' devices.
Researchers at Israel-based boutique cybersecurity consultancy JSOF this week disclosed the details of seven potentially serious DNS-related vulnerabilities that could expose millions of devices to various types of attacks. Its DNS subsystem "Provides a local DNS server for the network, with forwarding of all query types to upstream recursive DNS servers and caching of common record types."
A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers' ingenious lateral movement techniques and the release of an auditing script by FireEye researchers that organizations can use to check their Microsoft 365 tenants for signs of intrusion. On Tuesday, Malwarebytes CEO Marcin Kleczynski disclosed that the same attackers targeted and breached the company, but not through the compromised SolarWinds Orion platform.
The 2020-2021 State of Web Application Security Report is out from cybersecurity vendor Radware, and it paints a grim picture of security over the past 12 months and a similarly bleak view for the rest of 2021. Among the findings Radware uncovered in its survey of 205 IT security decision-makers are such startling statistics as 98% of respondents saying their apps were subject to an attack in 2020, 92% of organizations excluding security teams from CI/CD workflows, only 36% of mobile applications having integrated security into their development, and only 27% completely trusting the security of their public cloud platforms despite 70% of apps being hosted in the cloud.
Although a majority of the messaging apps today rely on WebRTC for communication, the connections themselves are created by exchanging call set-up information using the Session Description Protocol (SDP) between peers in what's called signaling, which typically works by sending an SDP offer from the caller's end, to which the callee responds with an SDP answer. Not only did the flaws in the apps allow calls to be connected without interaction from the callee, but they also potentially permitted the caller to force a callee device to transmit audio or video data.