DEV Community

Habdul Hazeez

Security news weekly round-up - 18th December 2020

Introduction

This week is all about bugs, with some malware-related news as well.


PoC Released for Unpatched Windows Vulnerability Present Since 2006

PoC stands for proof of concept: a piece of code or a technique that demonstrates a vulnerability or bug.

Though this bug is over 14 years old, Microsoft has said it requires an attacker to have already compromised a system.

Excerpt from the article:

The vulnerability was discovered by Tenable researcher David Wells and it was disclosed this week after Microsoft failed to release a patch within 90 days.

According to Wells, the vulnerability is a local privilege escalation issue that can be exploited by a non-admin process to elevate privileges to SYSTEM when PsExec is executed remotely or locally on the targeted computer.

The security hole has been found to impact Windows versions between Windows XP and Windows 10, and PsExec versions between 2.2 (the latest) and 1.7.2 (released in 2006).

Vendors Respond to Method for Disabling Their Antivirus Products via Safe Mode

Safe mode is no longer safe.

Excerpt from the article:

Researcher Roberto Franceschetti last week published an advisory, a blog post, a video and proof-of-concept (PoC) exploits demonstrating a method that could be used by an attacker to disable anti-malware products from Microsoft (Windows Defender), Avast, Bitdefender, F-Secure and Kaspersky.

The researcher showed how an attacker with elevated privileges could run a script that locally or remotely disables an antivirus by rebooting the device in safe mode and renaming its application directory before its associated service is launched.

New 5G Network Flaws Let Attackers Track Users' Locations and Steal Data

The title says it all.

Excerpt from the article:

As 5G networks are being gradually rolled out in major cities across the world, an analysis of its network architecture has revealed a number of potential weaknesses that could be exploited to carry out a slew of cyber assaults, including denial-of-service (DoS) attacks to deprive subscribers of Internet access and intercept data traffic.

Malicious Chrome, Edge extensions with 3M installs still in stores

Yeah, you read that right.

Excerpt from the article:

Malicious Chrome and Edge browser extensions with over 3 million installs, most of them still available on the Chrome Web Store and the Microsoft Edge Add-ons portal, are capable of stealing users' info and redirecting them to phishing sites.

RAM-Generated Wi-Fi Signals Allow Data Exfiltration From Air-Gapped Systems

An air-gapped system is disconnected from the public-facing internet, but still, humans are crafty creatures.

Excerpt from the article:

In a newly published paper, Mordechai Guri from the Ben-Gurion University of the Negev in Israel details AIR-FI, a new data exfiltration technique in which malware installed on a compromised air-gapped system can generate Wi-Fi signals that a nearby device intercepts and sends to the attacker, over the Internet.

The technique leverages memory buses for the generation of covert signals, thus eliminating the need of Wi-Fi hardware. For the interception of these signals, Wi-Fi capable devices such as smartphones, IoT devices, and laptops are used.

Apple Patches Tens of Code Execution Vulnerabilities in macOS

No system is safe.

Excerpt from the article:

An attacker able to exploit the most severe of these issues would execute code within the context of the application, with the same privileges as the current user. Some of the bugs, Apple explains in its advisory, could be exploited to execute code with system or kernel privileges.

WordPress plugin with 5 million installs has a critical vulnerability

Do you use Contact Form 7? Please update.

Excerpt from the article:

An attacker can upload a crafted file with arbitrary code on the vulnerable server using the plugin.

Then, by exploiting this severe vulnerability, the file can be executed as a script by the attacker to run the code within.

Credits

Cover photo by Jazmin Quaynor on Unsplash.


That's it for this week. I'll see you next Friday.
