SonicWall issues patch for firmware zero-day used to attack the company and its customers

Network security company SonicWall is offering a patch for a serious bug in one of its product lines that had attracted public warnings from cybersecurity researchers over the past week. The patch fixes a flaw that had put the Silicon Valley firm in the headlines of late. SonicWall on Jan. 22 said attackers had exploited a zero-day vulnerability in its own products to gain access to its corporate network. Then, on Jan. 31, researchers from NCC Group said the bug was being exploited elsewhere in the wild. The bug is in SonicWall’s line of SMA 100 mobile networking gear, which is designed to add a layer of security for companies that allow employees to use their own devices to access corporate networks. SonicWall said the vulnerability allowed hackers to gain administrator-level privileges and subsequently carry out remote code execution (RCE) on networks. The patch, posted Wednesday, applies to the […]

The post SonicWall issues patch for firmware zero-day used to attack the company and its customers appeared first on CyberScoop.

Bad patching practices are a breeding ground for zero-day exploits, Google warns

Customers of major software vendors take comfort whenever a vendor issues a security fix for a critical software vulnerability. The clients expect that software update to keep attackers from stealing sensitive information. But new data from Google’s elite hacking team, Project Zero, suggests that assumption is misplaced. One in four “zero-day,” or previously unknown, software exploits that the Google team tracked in 2020 might have been avoided “if a more thorough investigation and patching effort were explored,” Project Zero researcher Maddie Stone said Wednesday. In some cases, the attackers only changed a line or two of code to turn their old exploit into a new one. Many of the zero-day exploits were for popular internet browsers like Chrome, Firefox or Safari, exposing an array of users around the world. Project Zero’s sample size is modest, covering just 24 exploits in all. But the data points to a need for greater […]

The post Bad patching practices are a breeding ground for zero-day exploits, Google warns appeared first on CyberScoop.

Fake Twitter personas, bogus blog delivered North Korea-linked malware to researchers

Hackers linked to North Korea targeted cybersecurity researchers through a seemingly legitimate research blog and friendly social media accounts, Google said Monday. The goal of those social engineering techniques was simple: Earn trust, and then trick researchers into interacting online with files that implanted file-stealing malware on their computers. There were also a few cases where unwitting researchers’ machines were infected simply by direct interaction with the security blog, Google said. That part of the campaign worked even if the researchers were using “fully patched and up-to-date Windows 10 and Chrome browser versions,” according to Google’s Threat Analysis Group. Google’s findings serve as a reminder that even the most security-minded people can still be vulnerable in the digital realm. The hacking campaign preyed upon the natural inclination of many researchers to collaborate on projects and share findings. For a nation-state trying to expand its arsenal of hacking tools, anyone with […]

The post Fake Twitter personas, bogus blog delivered North Korea-linked malware to researchers appeared first on CyberScoop.

An iOS exploit that enables iPhone takeover is described in cybersecurity researcher’s ‘work of art’

If there’s one thing to read this week about Apple security, it’s researcher Ian Beer’s massive, spirited and highly detailed account of how he developed a powerful tool for breaking into nearby iPhones. The piece, “An iOS zero-click radio proximity exploit odyssey,” earned Beer high praise for his persistence in working out the attack, as well as thorough reporting of how he did it. He posted the magnum opus Tuesday on the blog for Google Project Zero, the tech giant’s team of zero-day hunters. Beer — known as one of the most skilled iOS hackers around — makes some things clear up top: The vulnerability was reported to Apple before the company launched coronavirus contact-tracing technology on iPhones in May. And no one should ever be lulled into a false sense of security, he says, when it comes to mobile devices. “The takeaway from this project should not be: no one will […]

The post An iOS exploit that enables iPhone takeover is described in cybersecurity researcher’s ‘work of art’ appeared first on CyberScoop.

Chrome Gets Patched Again—But 83% of Users Aren’t Running the Latest Version

Isolation Provides Malware-Free Browsing Regardless of Patch Status
Imagine your life today without being able to freely browse the web. Browsers have put the entire world on our devices and in the palm of our hand—easily searchable in a powerful …

Apple releases patches for 3 iOS zero days that hackers used for targeted attacks

Apple has issued fixes for three critical bugs in its software for iPhones, iPads and iPods that could allow an attacker to burrow into the inner sanctum of a device’s operating system and steal data. The researchers who found the flaws said that attackers were actively exploiting them. Two of the bugs affect the kernel, the core of the device’s operating system which handles interactions between hardware and software. Apple users are protected if they update their software, which the company encouraged them to do on Thursday. Project Zero, Google’s team of security researchers that found the vulnerabilities, said hackers exploited the flaws in targeted attacks, but did not disclose the victims or perpetrators. Shane Huntley, of Google’s Threat Analysis Group, said the activity was not related to the U.S. election. Vulnerabilities in iPhone software are coveted by spies and criminals alike because of the popularity of the phones around the world, and the resources […]

The post Apple releases patches for 3 iOS zero days that hackers used for targeted attacks appeared first on CyberScoop.

Update on DoD’s Cloud-Based Internet Isolation

I’m very proud of what we do at Menlo Security. We work very hard to make sure organizations and users around the world can safely access the tools and information they need to keep businesses running. We prevent confidential data from falling int…

Router vendor has patched some zero-days, but leaves others wide open

In April, security researcher Rich Mirch got a text from a friend who had just switched to a new wireless router and was raving about its high-speed internet. You have to try it, the friend told Mirch. Curious, Mirch downloaded the router’s firmware and started picking it apart. He found that the device, made by an obscure Canada-based company called MoFi Network, had multiple password-related vulnerabilities packed into its code. But Mirch wanted to delve deeper. So the senior adversarial engineer at Texas-based security firm CriticalStart ordered the router online and rolled up his sleeves. He ended up finding 10 previously undisclosed vulnerabilities in the device that, if exploited, could allow attackers to steal passwords and data from networks running the vulnerable routers, including VPN credentials and API keys. “Some of these vulnerabilities have probably existed since 2015,” said Mirch, who published his findings on Wednesday. The research points to a longstanding […]

The post Router vendor has patched some zero-days, but leaves others wide open appeared first on CyberScoop.

Researchers found another way to hack Android cellphones via Bluetooth

Attackers looking to steal sensitive information like contacts, call history, and SMS verification codes from Android devices only need to target Bluetooth protocols, according to new DBAPPSecurity research presented at the 2020 Black Hat conference Wednesday. These exploits, one of which takes advantage of a zero-day vulnerability, could also allow hackers to send fake text messages if manipulated properly, researchers found. It works by allowing attackers to disguise themselves as a trusted application, requesting permissions that allow one Bluetooth-enabled device to share data with another device, such as a headset or car’s “infotainment” system. For the attack to run successfully, Bluetooth must be enabled on the target device and victims must approve the attackers’ request for privileges. In the end, this action gives attackers access to data on the victim’s device, according to the California-based company. The other attack allows researchers to take advantage of an authentication bypass vulnerability, dubbed “BlueRepli.” Would-be attackers […]

The post Researchers found another way to hack Android cellphones via Bluetooth appeared first on CyberScoop.

Zero-day flaw found in Zoom for Windows 7

A previously unknown flaw in the videoconferencing software Zoom could allow a hacker to remotely commandeer computers running old versions of the Microsoft Windows operating system, security researchers said Thursday. A hacker who successfully exploits the vulnerability could access files on the vulnerable computer, said Mitja Kolsek, chief executive of ACROS Security, the Slovenian cybersecurity firm that highlighted the issue. “If the user is a local administrator, the attacker could completely take over the computer,” Kolsek told CyberScoop. The “zero-day” vulnerability applies to Zoom software running on Windows 7, or even older operating systems. Microsoft has tried to phase technical support out for Windows 7 in an effort to encourage users to upgrade to more secure operating systems. But Windows 7 is still widely used, and some organizations have struggled to move their computers to the latest Windows software en masse. Kolsek said he is holding off on publishing a full […]

The post Zero-day flaw found in Zoom for Windows 7 appeared first on CyberScoop.
