exploit
Google uncovers exploit-laden websites that stole data from iPhones
A small collection of hacked websites targeted iPhones using zero-day attacks for at least a couple of years, Google's Project Zero team has revealed in a newly published report. The websites don't even need a user's input to infiltrate a device: just visiting them is enough to compromise an iPhone. In the case of a successful attack, an implant makes its way to the victim's device to steal sensitive data like photos and iMessages, as well as to update the attackers on its real-time GPS location.
Apple quietly updates Macs to remove Zoom webcam exploit
It's not just Zoom scrambling to fix the exploit that allowed intruders to hijack Mac webcams. Apple has issued a silent, automatic update to macOS that removes the web server used to streamline access to the video conferencing app. The update isn't strictly necessary given that Zoom has already issued its own patch, but it ensures that people running older Zoom releases won't be vulnerable.
Zoom will remove server behind Mac webcam security hole
Zoom is acting quickly on the security flaw that let intruders hijack Mac users' webcams. The video conferencing firm is releasing a patch on July 9th (that's today, if you're reading in time) that removes access to the local web server behind the vulnerability. It'll also let you manually uninstall Zoom and remove all traces of the app so that there's no chance of an exploit later on. Another update, due for the weekend of July 12th, will also ensure that rookies who choose "always turn off my video" will automatically have their preferences honored in those situations where a meeting host would normally require that video switches on.
US Cyber Command warns of nation-state hackers exploiting Outlook
The recent surge in state-backed hacking campaigns isn't dying down any time soon. US Cyber Command has reported that unnamed state actors are making "active malicious use" of a 2017-era Outlook vulnerability (long since patched) to escape the email client's sandbox and run malware on a target system. While officials didn't say who was involved, some clues have hinted at a possible connection to Iran.
You should update Firefox right now to fix a critical bug
If you have Firefox on your computer, you should update it right now. Mozilla has released security updates Firefox 67.0.3 and Firefox ESR 60.7.1 to fix a critical bug, which it says hackers are actively exploiting to take control of vulnerable systems. The US Cybersecurity and Infrastructure Security Agency also issued an alert urging users and system administrators to review Mozilla's security advisory and act accordingly -- in other words, update your browser.
Indian streaming giant broke Safari support to deal with security hole
Websites tend to drop support for a particular browser due to obsolescence or just a lack of functionality, but India's biggest streaming service apparently had another reason: a piracy-friendly security hole. TechCrunch sources understand that Disney-owned Hotstar disabled Safari support (both desktop and mobile) on June 7th to limit the effects of a flaw that let people bootleg videos, including premium material.
Mac security hole reportedly lets attackers bypass app safeguards
Apple may have another Gatekeeper security flaw on its hands. Researcher Filippo Cavallarin has detailed a macOS vulnerability that he said would let attackers install malware without the usual permission request. As Gatekeeper considers network shares to be 'safe' locations that don't require permission checks, an intruder just has to trick the user into mounting one of those shares to run the apps they like. A maliciously crafted ZIP file with the right symbolic link could automatically steer you to an attacker-owned site, for example, and it would be easy to trick someone into launching a hostile app -- say, a virus masquerading as a document folder.
Over 21,000 Linksys routers leaked their device connection histories
Certain Linksys WiFi routers might be sharing far more data than their users would like. Security researcher Troy Mursch has reported that 33 models, including some Max-Stream and Velop routers, are exposing their entire device connection histories (including MAC addresses, device names and OS versions) online. They also share whether or not their default passwords have changed. Scans have shown between 21,401 and 25,617 vulnerable routers online, 4,000 of which were still using their default passwords.
Install updates now to address a vulnerability in most Intel CPUs
In January 2018, a pair of security exploits dubbed Spectre and Meltdown showed how attackers could take advantage of commonly implemented CPU technology to access data they shouldn't have been able to. They were followed by a similar bug, Foreshadow, late last year, and now researchers have uncovered four different techniques that exploit Intel's speculative execution technology in a similar way. The website CPU.fail has collected information about each vulnerability -- they're collectively referred to as Microarchitectural Data Sampling (MDS) -- including Zombieload, RIDL & Fallout, and Store-to-Leak Forwarding. Example code shows how the attacks could be launched using malicious JavaScript, for example, and researchers state that it would be difficult for antivirus software to detect it; however, they have not found evidence of anyone using the technique in attacks so far.
Old versions of Windows get a new patch to stop WannaCry-style attacks
Microsoft is trying to head off another WannaCry-style malware outbreak before it starts. The software giant has released fixes for a Remote Desktop Services (aka Terminal Services) vulnerability that could allow "wormable" malware that spreads from computer to computer without requiring any user input. The exploit affects Windows 7, Windows Server 2008 R2 and older releases. Not surprisingly, Microsoft isn't taking any chances. While it's no longer officially supporting Windows XP and Windows Server 2003, it's patching both platforms to prevent ancient PCs (like those used in some business and government scenarios) from falling prey to attacks.
WhatsApp call exploit let attackers slip spyware onto phones
WhatsApp appears to have been the inadvertent conduit for a surveillance campaign. Both WhatsApp and Israeli software developer NSO Group have confirmed that an exploit in WhatsApp's voice calling allowed attackers to load NSO's Pegasus spyware onto Android and iOS devices. The tool could infect a device even if a user didn't answer, and the malicious calls would frequently disappear from logs. Pegasus can use the camera and mic in addition to scooping up location and message info.
Chrome exploit uses a fake address bar for phishing attacks
Cyberattackers don't need to find obscure technical flaws to launch phishing attacks -- they might just need a screen capture and some clever web coding. Developer James Fisher has found a relatively simple exploit in Chrome for mobile that takes advantage of how the app displays the address bar. When you scroll down from the top of a page, the approach displays a fake address bar that won't disappear until you visit another site. The attacker can even craft the page to prevent you from seeing the real address bar when you scroll up.
Internet Explorer security flaw allows hackers to steal files
Microsoft's Internet Explorer has a longstanding reputation for poor security, but it's now bad enough that you could be attacked just by having it on your PC. Security researcher John Page has revealed an unpatched exploit in the web browser's handling of MHT files (IE's web archive format) that hackers can use to both spy on Windows users and steal their local data. As Windows opens MHT files using IE by default, you don't even have to run the browser for this to be a problem -- all you have to do is open an attachment sent through chat or email.
Researchers find 36 security flaws in LTE
Security experts aren't done poking holes in LTE's armor -- not by a long shot. South Korean researchers have found 36 vulnerabilities in LTE that enable a range of attacks, some more sinister than others. They include temporary inconveniences like disconnecting someone from the cell network through to eavesdropping and controlling the data itself. The team found the abundance of exploits by using a custom "fuzzing" tool (one that feeds large chunks of random data to the target to look for irregularities).
ASUS releases fix for ShadowHammer malware attack
ASUS may have inadvertently pushed malware to some of its computers through its update tool, but it at least has a fix ready to go. The PC maker has released a new version of its Live Update software for laptops that addresses the ShadowHammer backdoor attack. It also promised "multiple security verification mechanisms" to reduce the chances of further attacks, and started using an "enhanced end-to-end encryption mechanism." There are upgrades to the behind-the-scenes server system to prevent future attacks, ASUS added.
Google: Update Chrome now as attackers are 'actively exploiting' a bug
Google Chrome tends to auto-update quickly and silently, but you may want to make sure you're on the latest version right now, as the company announced a zero-day vulnerability that it said attackers are "actively exploiting." As Chrome security engineer Justin Schuh explained in a series of tweets, the thing that makes this different from previous exploits, which usually targeted Flash, is that the browser needs to be restarted for the fix to take effect. If you're on Chrome's stable channel, then the latest update should install version 72.0.3626.121 with the fix. Google also alerted users that the bug was being used in concert with a second exploit attacking the Windows operating system. According to its blog post, it may only impact people running Windows 7 32-bit systems, and those people are encouraged to upgrade to a newer version of the OS, or install patches when/if Microsoft makes them available (seriously, it's time to move on).
Google discloses 'high severity' Mac security flaw ahead of patch
Google's Project Zero security disclosure program is once again proving to be a double-edged sword. The company has detailed a "high severity" macOS kernel flaw that lets people modify a user-mounted file system image without the virtual management subsystem being any the wiser, theoretically letting an attacker go unnoticed by users. Apple is working on a patch, but the disclosure ahead of the fix could leave Mac users vulnerable until it's ready.
Security flaws in 4G and 5G allow snooping on phone users
Security researchers are already poking holes in 5G mere months into its existence. They've discovered three flaws in 4G and 5G that could be used to intercept phone calls and track someone's location. The first and most important, Torpedo, relies on a flaw in the paging protocol that notifies phones of incoming calls and texts. If you start and cancel several calls in a short period, you can send a paging message without alerting the device to a call. That not only lets you track the device's location, but opens the door to two other attacks.
Hacker hijacks 50,000 printers to tell people to subscribe to PewDiePie
Over the course of this week, some printers have been printing out a strange message asking people to subscribe to PewDiePie's YouTube channel. The message appears to be the result of a simple exploit that allows printers to receive data over the internet, including print commands. A person with the online handle TheHackerGiraffe has claimed responsibility for the attack.
Google refutes reported Home Hub security flaw
A security researcher discovered a series of commands that could be used to brick the Google Home Hub. According to Jeremy Gamblin, it's possible to exploit an "undocumented (and amazingly unsecured)" API. It can be used to force the device to reboot or to reveal data about a victim's network.