Week in review: PolKit vulnerability, fake tax apps pushing malware, EU’s bug bounty for open source

Week in review

Here’s an overview of some of last week’s most interesting news, articles and interviews:

PolKit vulnerability can give attackers root on many Linux distros (CVE-2021-4034)
A memory corruption vulnerability (CVE-2021-4034) in PolKit, a component used in major Linux distributions and some Unix-like operating systems, can be easily exploited by local unprivileged users to gain full root privileges.

DazzleSpy: macOS backdoor delivered through watering hole attacks
In late 2021, a never before seen macOS backdoor was delivered to pro-democracy individuals in Hong Kong via fake and compromised sites (for example, that of local radio station D100) by exploiting vulnerabilities in Webkit, the browser engine powering Safari, and XNU, the macOS and iOS kernel.

Malware resets Android devices after performing fraudulent wire transfers
If your Android phone initiates a factory reset out of the blue, there’s a chance it has been infected with the BRATA banking malware and you’ve just been ripped off.

Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials
Attackers are trying out a new technique to widen the reach of their phishing campaigns: by using stolen Office 365 credentials, they try to connect rogue Windows devices to the victim organizations’ network by registering it with their Azure AD.

Stealthy Excel malware putting organizations in crosshairs of ransomware gangs
The HP Wolf Security threat research team identified a wave of attacks utilizing Excel add-in files to spread malware, helping attackers to gain access to targets, and exposing businesses and individuals to data theft and destructive ransomware attacks.

EU launches bug bounty programs for five open source solutions
The European Union is, once again, calling on bug hunters to delve into specific open source software and report bugs.

Fraud detection is great, but you also need prevention
In this interview with Help Net Security, Itay Levy, CEO of Identiq, talks about the importance of fraud detection when it comes to protecting an organization but also its customers.

Digital transformation leaders reaping the fruits of their investments
Financial services firms who invested in next-gen technologies and continued their digital transformation push in 2021 are already experiencing the positive effects of these investments, according to a global survey of 750 financial service firms, released by Broadridge Financial Solutions.

Strong security starts with the strengthening of the weakest link: passwords
Darren Siegel is a cyber security expert at Specops Software. He works as a lead IT engineer, helping organizations solve complex challenges within IT security. In this interview with Help Net Security he discusses the challenges related to password security.

What is challenging multicloud adoption?
Nutanix announced the findings of its Enterprise Cloud Index (ECI) survey and research report, which measures enterprise progress with cloud adoption.

A 2022 priority: Automated mobile application security testing
The use of mobile devices has skyrocketed in the past two years and with it the mobile app market. It’s predicted mobile apps will generate more than $935 billion in revenue by 2023.

Spike in brand abuse attacks, 3-D Secure transaction volume rising
Outseer has published its latest quarterly Fraud & Payments report, confirming a troubling and massive spike in worldwide brand abuse attacks. The Q4 installment of the report features insights from July through September of 2021 as captured and collected while authenticating consumer transactions and investigating threats.

Beware of fake tax apps pushing malware
With the self-assessment tax deadline fast approaching in the UK, self-employed individuals will be looking to take advantage of the many apps that are on the market to help make the tax return process as smooth as possible. Unfortunately, there is a real and pervasive problem of tax-related cybercrime.

COVID test related scam emails still highly popular among cybercriminals
The Omicron variant has contributed to a 521 per cent rise in COVID test related scam emails between October 2021 and January 2022, according to Barracuda Networks.

Open-source code: How to stay secure while moving fast
Open source has transformed the software world, tremendously reducing the cost of introducing new technology by enabling broad reuse across products and industries. However, organizations pulling their code from open source will often find themselves in scenarios where they have created a Frankensteined final artifact, with extremely fragmented origins.

Why organizations should consider adopting cloud governance as code
Cloud governance, in terms of enforcing cost, compliance, and security policies tends to be a pivotal inhibitor to cloud adoption (86% of the respondents) and is a top priority for organizations in the new year, a Stacklet survey reveals.

How would zero trust prevent a Log4Shell attack?
There is a seemingly trivial solution to any remote code execution attack, namely: do not to let the inbound traffic match the pattern that triggers the vulnerability of the server. Easy to say, but hard to do. There are almost endless variations of traffic patterns that could trigger the critical severity Log4j vulnerability.

53% of medical devices have a known critical vulnerability
Cynerio found that security threats related to IoT and related devices within healthcare environments have remained sorely under-addressed, despite increased investments in healthcare cybersecurity.

Buy now, pay later fraud, romance and cryptocurrency schemes top the list of threats this year
Experian released its annual forecast, which reveals five fraud threats for the new year. With consumers continuing to take a digital-first approach to everything from shopping, dating and investing, fraudsters are finding new and innovative ways to commit fraud.

Why we can’t put all our trust into AI
According to theoretical physicist Michio Kaku, “The human brain has 100 billion neurons, each neuron connected to 10,000 other neurons. Sitting on your shoulders is the most complicated object in the known universe.” Yet as fast as we can we want Artificial Intelligence (AI) to solve our problems. Across many fields this has the potential to offer considerable benefits, including the world of cybersecurity. However, caution is needed.

Product showcase: CIOs can optimize and secure hybrid IT environments with Runecast
Runecast moves organizations ahead of these challenges with automated discovery and single-platform visibility of issues for IT Security and Operations teams. Built by admins for admins, Runecast enables a proactive approach to operational transparency, vulnerability and configuration management, security compliance and remediation of issues. Teams no longer have to reactively put out fires and can work more efficiently toward business growth drivers.

New infosec products of the week: January 28, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Borderless Security, Deepfence, LiveAction, MetricStream, Panorays, Pentera, and Samsung.




Share this