Apple issues urgent updates to fix new zero-day linked to Pegasus spyware
Apple released emergency security updates Monday after it was discovered that an Israeli cyber surveillance company’s spyware could infect iPhones and other devices without the owner even clicking on a link. Apple has released iOS 14.8, iPadOS 14.8, watchOS 7.6.2, macOS Big Sur 11.6, and Safari 14.1.2 to fix two actively exploited vulnerabilities, one of which defeated extra security protections built into the operating system. The updates are in response to a zero-day exploit called “FORCEDENTRY” (aka Megalodon) that was weaponized by Israeli surveillance vendor NSO Group and allegedly used to install Pegasus spyware on the phones of activists in Bahrain. Apple iPhone, iPad, Mac, and Apple Watch users are advised to immediately update their software to mitigate any potential threats arising out of active exploitation of the flaws.
Update Google Chrome to patch 2 new zero-day flaws under attack
New Zloader attacks disable Windows Defender to evade detection
According to Microsoft’s stats, Microsoft Defender Antivirus (formerly Windows Defender) is the anti-malware solution pre-installed on more than 1 billion systems running Windows 10. An ongoing campaign distributing the banking trojan Zloader uses a new infection chain that disables Defender to evade detection. The attackers have also changed the malware delivery vector from spam or phishing emails to TeamViewer Google ads published through Google Adwords, which redirect targets to fake download sites. From there, victims are tricked into downloading signed, malicious MSI installers designed to install Zloader malware payloads on their computers.
Walmart hoax causes Litecoin to spike 20%
A fake press release, issued by GlobeNewswire, claimed Walmart had announced a significant partnership with Litecoin. The news caused Litecoin to spike and then quickly tank once it was exposed as a hoax. According to some reports, Litecoin (LTC-USD) spiked 25% in under half an hour, spurring LTC up from $174 to a “session high of $232.” Experts quickly pointed out inconsistencies in the press release, noting how critical it is to conduct thorough research before falling for entirely fabricated news presented as fact.
WooCommerce multi-currency bug allows shoppers to change ecommerce pricing
WooCommerce is a popular eCommerce plugin for WordPress-powered websites; the Multi Currency plugin from Envato allows e-tailers using WooCommerce to set pricing for international shoppers. It automatically detects a customer’s location and displays pricing in the appropriate currency, with the exchange rate set manually or automatically using current exchange rates. According to the Ninja Technologies Network (NinTechNet), the issue is a broken access-control vulnerability in version 2.1.17 and below, impacting Multi Currency’s “Import Fixed Price” feature, which allows eCommerce sites to set custom prices, thus overwriting any prices calculated automatically by exchange rate.
Close to half of on-prem databases contain vulnerabilities, with many critical flaws
A five-year study has concluded with a sobering fact for businesses using on-premise servers: close to half contain vulnerabilities that may be ripe for exploitation. Imperva released the results of the study on Tuesday, which analyzed roughly 27,000 databases and their security posture. In total, 46% of on-premises databases worldwide, accounted for in the scan, contained known vulnerabilities. On average, each database contained 26 security flaws, with 56% ranked as a “high” or “critical” severity bug — including code execution vulnerabilities that can be used to hijack an entire database and the information contained within. All it may take, in some cases, is a scan on Shodan, the search engine that can find anything that connects directly to the internet, to find a target and execute a malicious payload. “This indicates that many organizations are not prioritizing the security of their data and neglecting routine patching exercises,” Imperva says. “Based on Imperva scans, some CVEs have gone unaddressed for three or more years.”
Alibaba slides on report China plans to break up payment app
Shares in Chinese technology giant Alibaba have fallen sharply after a report that its financial affiliate Ant Group is again under scrutiny. Regulators want to break up Alipay, which is China’s biggest payments app with more than a billion users, according to the Financial Times. A separate platform for the app’s profitable lending operation would be created under the plan. This would be the latest move by Beijing to tighten its grip on big businesses, and Ant could also be forced to hand over the user data that underpins its loans decisions to a new credit scoring firm, which would be partly state-owned, the report said. Alibaba shares closed 4.2% lower in Hong Kong trade on Monday.
Brits open doors for tech-enabled fraudsters because they ‘don’t want to seem rude’
That’s according to the trade association UK Finance, which found that the number of “impersonation scam cases” more than doubled in the first half of 2021 to 33,115 – up from 14,947 during the same period last year. The industry body reckons these particular frauds – whether by text, email, or voice calls – have duped “even the savviest” Brits out of almost £200m over the last year or so, and SMS phishing (smishing) attacks in the UK grew by nearly 700 per cent in the first half of 2021 compared to the previous six months.