Linphone SIP Stack Bug Could Let Attackers Remotely Crash Client Devices
2021-09-02 04:58

Cybersecurity researchers on Tuesday disclosed details about a zero-click security vulnerability in the Linphone Session Initiation Protocol (SIP) stack that could be remotely exploited without any action from a victim to crash the SIP client and cause a denial-of-service condition. Linphone is an open-source and cross-platform SIP client with support for voice and video calls, end-to-end encrypted messaging, and audio conference calls, among others.

Cybercriminals Abusing Internet-Sharing Services to Monetize Malware Campaigns
2021-09-02 04:57

Threat actors are capitalizing on the growing popularity of proxyware platforms like Honeygain and Nanowire to monetize their own malware campaigns, once again illustrating how attackers are quick to repurpose and weaponize legitimate platforms to their advantage. "Malware is currently leveraging these platforms to monetize the internet bandwidth of victims, similar to how malicious cryptocurrency mining attempts to monetize the CPU cycles of infected systems," researchers from Cisco Talos said in a Tuesday analysis.

QNAP Working on Patches for OpenSSL Flaws Affecting its NAS Devices
2021-09-02 04:56

Network-attached storage appliance maker QNAP said it's currently investigating two recently patched security flaws in OpenSSL to determine their potential impact, adding it will release security updates should its products turn out to be vulnerable. "A malicious attacker who is able to present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash," according to the advisory for CVE-2021-3711.

Attackers Can Remotely Disable Fortress Wi-Fi Home Security Alarms
2021-09-02 04:55

New vulnerabilities have been discovered in the Fortress S03 Wi-Fi Home Security System that could potentially be abused by a malicious party to gain unauthorized access with the aim of altering system behavior, including disarming the devices without the victim's knowledge. The Fortress S03 Wi-Fi Home Security System is a do-it-yourself alarm system that enables users to secure their homes and small businesses from burglars, fires, gas leaks, and water leaks by leveraging Wi-Fi and RFID technology for keyless entry.

Previous employees with access to corporate data remain a threat to businesses
2021-09-02 04:30

Offboarding employees securely is a key problem for business leaders, with 40% concerned that employees who leave a company retain knowledge of passwords that grant access to corporate data. This is according to research by My1Login, which found few organizations are implementing access management solutions that work with all applications, meaning most lack the ability to revoke access to all corporate data as soon as an employee leaves.

Dissected: A dropper-as-a-service miscreants pay to push their malware onto potentially 1,000s of victims
2021-09-02 04:27

A dropper-as-a-service, which cyber-crime newbies can use to easily get their malware onto thousands of victims' PCs, has been dissected and documented this week. The dropper is similar to a trojan, and it can sometimes have other functionality, but its main purpose is to get malware - which could be fetched from the internet, or unpacked from data within the dropper - running on a victim's computer.

The cybersecurity of industrial companies remains low, potential damage can be severe
2021-09-02 04:00

Among key findings, an external attacker can penetrate the corporate network at 91% of industrial organizations, and penetration testers gained access to the industrial control system (ICS) networks at 75% of these companies. Once criminals have obtained access to ICS components, they can shut down entire productions, cause equipment to fail, and trigger chemical spills and even industrial accidents that could cause serious harm to industrial employees or even death.

Network traffic analysis market size to reach $5.69 billion by 2028
2021-09-02 03:30

The global network traffic analysis market size is anticipated to reach $5.69 billion by 2028, expanding at a CAGR of 9.7% from 2021 to 2028, according to a study conducted by Grand View Research. Network Traffic Analysis comprises general network operations and management; recording, reviewing, and analyzing the network traffic for performance and security; and identifying the anomalies.

WhatsApp Photo Filter Bug Could Have Exposed Your Data to Remote Attackers
2021-09-02 03:07

A now-patched high-severity security vulnerability in WhatsApp's image filter feature could have been abused to send a malicious image over the messaging app to read sensitive information from the app's memory. Tracked as CVE-2020-1910, the flaw concerns an out-of-bounds read/write and stems from applying specific image filters to a rogue image and sending the altered image to an unwitting recipient, thereby enabling an attacker to access valuable data stored in the app's memory.

Asset management investment to focus on technology and data infrastructure
2021-09-02 03:00

Investment in technology and data infrastructure sits at the top of asset managers' priorities as they position themselves to deliver business growth in the recovery from the COVID-19 pandemic. 56% say their investment will focus on these areas over the next 12 months, and 47% say it will focus on ensuring ESG compliance across their product range.