CyberIntelMag's Threat report

Weekly Cyber Threat Report, September 13-September 17

Welcome to CyberIntelMag’s weekly roundup, a place where you can find the most important stories in the cybersecurity world from the past week.

From the good news:

We’ve learned this week about Microsoft’s progress toward password elimination, Apple’s fixes for Pegasus spyware, Microsoft’s resolution of the PrintNightmare vulnerabilities, Google’s support for open source projects, and more.

  • Microsoft has released a new feature that makes it simple for consumer account holders to create a passwordless account on Windows 10 and 11 for Microsoft apps such as Office, OneDrive, and Outlook. It’s a significant advancement in the battle against hacking.
  • The United States, United Kingdom, and Australia have announced the AUKUS pact under which they’ll collaborate even more closely on artificial intelligence, quantum computing critical technology, cyber capabilities, defense-related industrial bases, and supply networks, among other areas.
  • Apple has released a fix for the zero-day attack used by the Pegasus spyware and included it in its latest update. Users of Apple’s Mac, iPhone, iPad, and Watch must update to the most recent version to get protection from this threat.
  • The PrintNightmare flaws are no longer exploitable, according to Microsoft’s most recent update, which includes a security fix for the third and final PrintNightmare vulnerability, CVE-2021-36958.
  • Google has committed to supporting eight open-source projects with a $100 million investment. This support will help the Open Source Technology Improvement Fund (OSTIF) launch Managed Audit Programs (MAP) and then expand in-depth security evaluations to important open source projects.
  • The Federal Trade Commission (FTC) has reminded health app and connected device developers that data breaches must be disclosed. It’s part of a larger effort to ensure that IoT security gets enforced more effectively.

From the bad news:

This week was about the REvil ransomware gang’s return, the use of social media for cyber-attacks, Microsoft unveiling Windows MSHTML zero-day vulnerabilities, COVID-19 being used to steal financial information, exploitation of NETGEAR Smart Switches, and more.

  • Hacking gangs like Kumsong 121 from North Korea are using social media to befriend victims before hacking their computers and gaining access to their contacts. After the gang invaded the smartphones of several famous personalities, Android smartphone users are becoming easy prey for it.
  • The CVE-2021-26333 vulnerability, which can be used to bypass kernel ASLR and reveal passwords, poses a hazard to Windows users with AMD processors. However, patches have been issued for Windows users.
  • An RCE vulnerability in Motorola’s Halo+ child-oriented monitor allows it to be hacked. Worst of all, the firm still hasn’t released essential security fixes.
  • According to Microsoft, the zero-day vulnerability in Windows MSHTML allows hackers to use malicious documents to remotely hijack the victim’s machine. Although security programs such as Microsoft Defender can detect the issue, a security fix has yet to be released.
  • A critical vulnerability, Seventh Inferno, affects NETGEAR Smart Switches. It allows full device compromise by letting attackers create fake session files and combine them with a reboot DoS and a post-authentication shell injection.
  • Mexican hackers are using COVID-19 as a pretext to steal financial information from Android users. They run a phishing campaign and gain access to the victims’ phones using Android malware.
  • The number of bot attacks has increased by 41% in the first half of 2021. Financial institutions suffered around 683 million bot intrusions from January to June 2021, while media businesses faced 351 million.
  • A GetHealth database containing over 60 million records from applications, wearables, and medical devices has been leaked. Anyone with access to the disclosed dataset, which is 16.71 GB in size, may use it to launch attacks against the affected people.
  • A security flaw, CVE-2021-3437, has affected millions of HP OMEN devices. This vulnerability is in the driver used by the OMEN Gaming Hub software. When attackers gain system rights on targeted HP OMEN devices, they may disable security products, damage the underlying operating system, and conduct any other harmful operations of their choice.

About the author

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.