Security News > 2021 > May

A heap overflow vulnerability in Qualcomm's Snapdragon 855 system-on-chip modem firmware, used in Android devices, could be exploited by baddies to run arbitrary code on unsuspecting users' devices, according to Check Point. The software bug, tracked as CVE-2020-11292, can be abused to trigger a heap overflow in devices that use a Qualcomm Mobile Station Modem chip, thanks to some in-depth jiggery-pokery in the Qualcomm MSM Interface voice service API. "If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones, granting them access to SMS messages and audio of phone conversations," said some not-at-all-excitable researchers from Israeli security firm Check Point in a blog post today.

A student's attempt to pirate an expensive data visualization software led to a full-blown Ryuk ransomware attack at a European biomolecular research institute. After the research institute suffered a Ryuk ransomware attack, Sophos' Rapid Response team responded and neutralized the cyberattack.

Jack Wallen walks you through the steps of installing both Linux Malware Detection and ClamAV for a reliable one-two punch of malware and virus prevention. With your Linux servers, you might have any number of users logging in and saving files to numerous directories.

Google announced the introduction of a privacy information section on the entries of Android applications listed in its Google Play Store digital distribution service starting with Q1 2022. "Today, we're pre-announcing an upcoming safety section in Google Play that will help people understand the data an app collects or shares, if that data is secured, and additional details that impact privacy and security," Suzanne Frey, Product VP for Android Security and Privacy, said.

In a research report published Thursday, cyber threat intelligence provider Check Point Research revealed certain details on a flaw it identified in 2020 in Qualcomm mobile station modem chips, including ones used in 5G devices. Mobile phone makers must apply the patch and roll out the fix to users, which means that any device not yet updated would still be vulnerable.

Belgian ISP Belnet has restored its service after a massive distributed denial of service attack earlier this week that cut off Internet access to numerous government, public, scientific and educational agencies, including Belgium's Parliament and some law-enforcement agencies. Upon investigation, it seems the attack-a coordinated effort targeting the Belgium government-also affected other ISPs in what was the largest DDoS attack the country has seen, according to reports.

The infamous cybercrime organization known as Evil Corp may be running cyberespionage operations on behalf of a Russian intelligence agency, security consulting company Truesec reports. Evil Corp is allegedly run by Russian nationals Maksim Yakubets and Igor Turashev, who were charged by the United States in 2019.

An unknown threat actor used a new stealthy rootkit to backdoor targeted Windows systems what looks like an ongoing espionage campaign dubbed TunnelSnake going back to at least 2018. Rootkits are malicious tools designed to evade detection by burying deep into the operating system and used by attackers to fully take over infected systems while avoiding detection.

Google is marking World Password Day with a blog post summarizing the password management features it offers, and the company announced that it will automatically enroll some accounts in two-step verification. The tech giant has been offering 2SV for Google accounts for years.

I reset all my passwords the other day, since May 6 is World Password Day, a day dedicated to promoting good password management strategies. Take the phrase "I love to eat Boston seafood in the summer!" and generate a password based on that to form IlteBsins! for your password.