Tag Archive for: urge

CERTs Urge Patching of Google Chrome, Android Flaws

/in


Application Security
,
Governance & Risk Management
,
Incident & Breach Response

Exploitation May Lead to DoS, Data Privacy Breach, RCE Attacks

Mihir Bagwe
February 10, 2022    

CERTs Urge Patching of Google Chrome, Android Flaws
CERTs say to patch Chrome and Android flaws now.

Several global Computer Emergency Response Teams have issued alerts as well as fixes for Google Chrome browser and Android operating system vulnerabilities.

See Also: Live Webinar | How to Stop the Four Horsemen of the Data Loss Apocalypse

Countries issuing the alerts include France, India and Canada.

Google Chrome Vulnerabilities

The Canadian Center for Cyber Security, in its advisory, says that all Chrome for desktop versions prior to 98.0.4758.80 are vulnerable to all flaws reported by the technology giant.

Google Chrome, in its Chrome release update, says that a total of 27 security fixes, including 10 high-, 14 medium- and 3 low-severity vulnerabilities, have been made. Of these, 19 vulnerabilities were disclosed by external security researchers, while the rest were found by internal researchers during “internal audits, fuzzing and other initiatives.”

The vulnerabilities in Google Chrome browser and OS can be used by a threat actor to execute arbitrary code, according to CERT-In. These vulnerabilities exist due to the following conditions:

High-Severity Flaws

Medium-Severity Flaws

Low-Severity Flaw

The latest stable channel update of Chrome for desktop includes fixes for all operating systems and the following version numbers: Windows (98.0.4758.80/81/82), Mac and Linux…

Source…

The Taliban’s access to data. Bangkok Airways discloses data breach. FBI and CISA urge vigilance during Labor Day weekend.

/in


The Taliban’s access to data.

The Taliban’s seizure of HIIDE (Handheld Interagency Identity Detection Equipment) biometric registration and identification devices aroused concern when it was first reported, but the risks of that loss, while real, seem likely to be limited. MIT Technology Review argues that a more serious matter is the insurgent government’s acquisition of APPS, the Afghan Personnel and Pay System used by the deposed government’s Ministries of Defense and the Interior. APPS data were unprotected by retention or deletion policies and was presumably seized intact.

Phorpiex botnet shuts down.

The Record reports that the Phorpiex botnet has shut down, and researchers at Cyjax have found that the botnet’s proprietors are offering the source code for sale. If you’re in the market, not that you would be, know that Phorpiex has a mixed reputation in the underworld. It’s been profitable, with its spam module and ability to hijack cryptocurrency clipboards being consistent moneymakers. Phorpiex has also hired its botnet out for use by ransomware operators, among them Avaddon, a gang that’s recently gone into occultation. On the other hand Phorpiex’s own security has tended toward the slipshod, with other criminals able to either uninstall it or substitute their own payloads for those the proprietors intended.

Bangkok Airways discloses data breach.

Bangkok Airways disclosed that it’s been the victim of an attack that compromised passengers’ personal information, including name, “nationality, gender, phone number, email, address, contact information, passport information, historical travel information, partial credit card information, and special meal information.” ZDNet reports that the LockBit ransomware gang has claimed responsibility and threatened to release information if their ransom demands aren’t met. That data dump, the Register wrote Tuesday, has begun, as Bangkok Airways refused to pay the ransom. The size of the data dump is assessed variously as between 103GB and more than 200GB.

BleepingComputer reports that the gang also claims to have used credentials stolen from Accenture to access and encrypt files at an unnamed airport. That last brag, however, seems not to be…

Source…

Ransomware experts urge victims not to pay, but are they listening?

/in


The number of attacks from, and payouts to, ransomware extortionists continue to rise despite only 20% saying giving into demands is the best course, Menlo Security finds.

Ransomware

Image: kaptnali, Getty Images/iStockphoto

There’s a growing reluctance to play ransomware demands, Menlo Security found in an online poll, but that reluctance may not reflect what victims are actually doing when hit by an attack. Respondents overwhelmingly agreed that ransoms shouldn’t be paid, with 79% saying so, while 20% said paying ransoms is the best way out. Sixty-nine percent said they’d like to see prison time for ransomware perpetrators, and 60% said the scheme should be treated the same as terrorist attacks. 

SEE: Security incident response policy (TechRepublic Premium)

Opinions like these are all well and good, but Menlo Security pointed out that data from Cybersecurity Ventures shows 2021 ransomware losses are expected to exceed $20 billion, rising to $265 billion by 2031. Meno Security also cited data from The Beazley Group, which said that ransomware attacks increased by more than 130% in 2020. Factor in recent high-profile and high-dollar payouts from the Colonial Pipeline ransomware attack and similar incidents and you have a clear signal to cybercriminals: Ransomware works.

“Ransomware isn’t going away any time soon and with the rise of ransomware as a service it’s an increasingly easy way for cyber criminals to launch a profitable attack,” said Mark Guntrip, Menlo Security senior director of cybersecurity strategy. “If companies continue to pay ransom demands, then these criminal groups will continue to see the technique as an easy way to make massive monetary gains.”  

Catching ransomware actors would be a way to slow them down, and with only 16% of survey respondents saying they think attackers will never be caught it seems there’s some consensus that cybercriminals aren’t immune. Not so, said Guntrip: “Given the location of the groups that have carried out ransomware attacks and the tools that they use, it is highly…

Source…