Security News > 2021

Google shares PoC exploit for critical Windows 10 Graphics RCE bug
2021-02-27 14:12

Project Zero, Google's 0day bug-hunting team, shared technical details and proof-of-concept exploit code for a critical remote code execution bug affecting a Windows graphics component. The Project Zero researchers discovered the vulnerability, tracked as CVE-2021-24093, in a high-quality text rendering Windows API named Microsoft DirectWrite.

Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique
2021-02-27 08:20

With browser makers steadily clamping down on third-party tracking, advertising technology companies are increasingly embracing a DNS technique to evade such defenses, thereby posing a threat to web security and privacy. In other words, CNAME cloaking makes tracking code look like it's first-party when, in fact, it is not, with the resource resolving through a CNAME that differs from that of the first-party domain.

ALERT: Malicious Amazon Alexa Skills Can Easily Bypass Vetting Process
2021-02-27 08:19

Researchers have uncovered gaps in Amazon's skill vetting process for the Alexa voice assistant ecosystem that could allow a malicious actor to publish a deceptive skill under any arbitrary developer name and even make backend code changes after approval to trick users into giving up sensitive information. Amazon Alexa allows third-party developers to create additional functionality for devices such as Echo smart speakers by configuring "Skills" that run on top of the voice assistant, thereby making it easy for users to initiate a conversation with the skill and complete a specific task.

The Week in Ransomware - February 26th 2021 - Back from the Holidays
2021-02-26 23:44

The number of attacks had slowed down after the winter holidays, but after the past two weeks, it's evident that the ransomware attacks are back at full speed. Canadian Discount Car and Truck Rentals has been hit with a DarkSide ransomware attack where the hackers claim to have stolen 120GB of data.

Friday Squid Blogging: Far Side Cartoon
2021-02-26 22:08

What many incorrectly call RS232 is supposed to be seven bits of data, a parity bit and a start bit, and one or one and a half stop bits. That means much of the time you have ten bits on the line for every seven data bits sent, thus 70% (or worse) bandwidth utilization. There are two basic solutions: use a lower level physical "Manchester Encoding", or split the data into 8-bit bytes and send them asynchronously, as is seen in early protocols prior to and including PPP, still used for dialup data connections to the Internet.

Twitter scammers earned over $145k this week in Bitcoin, Ethereum, Doge
2021-02-26 22:00

Cryptocurrency scammers have made at least $145,000 this week by promoting fake giveaways through hacked verified Twitter accounts. At the time, these scams pulled in a massive $580,000 in cryptocurrency over a one-week period.

Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process
2021-02-26 21:53

An Amazon spokesperson told Threatpost that the company conducts security reviews as part of skill certification, and has systems in place to continually monitor live skills for potentially malicious behavior. Finally, before the skills can be actively made public to Alexa users, developers must submit their skills to be vetted and verified by Amazon.

Imperva pretty adamant that security analytics aggregator product Sonar is not 'one dashboard to rule them all'
2021-02-26 21:48

Tired of keeping up with security alerts from your system? Worried that your Security Operations Centre is getting deluged in low-level reporting? Fear not: Imperva has produced an aggregator aggregation product that sits over the top of all your other alert-generating security software. The Imperva Sonar platform, billed by the firm as wiping out "the need for siloed point solutions," hangs above Security Orchestration, Automation and Response and Security Information and Event Management products, the idea being to reduce the number of different things that your company's SOC needs to keep an eye on.

Data security: A hidden business cost of working remotely
2021-02-26 21:43

The benefits of working remotely are numerous, but there are significant hidden costs that need to be factored in. "As we approach a year of working from kitchen tables or makeshift offices, it's time for organizations to consider the human impact of long-term remote working and what this means for security," said Tony Pepper, CEO of Egress.

HYAS Raises $16 Million to Hunt Adversary Infrastructure
2021-02-26 21:27

HYAS, a Victoria, Canada-based provider of threat intelligence based on adversary infrastructure, announced this week that it has closed a $16 million Series B round of funding led by S3 Ventures. HYAS says it has created a massive data lake of attacker infrastructure, including domain-based intelligence that can be connected to other security tools using an API, and also offers its own cloud-based DNS security solution.