Data Security News Headlines 11th May 2017

  1. Google Won’t Patch A Critical Android Flaw Before ‘Android O’ Release

Android is a constant target for hackers exploiting vulnerabilities. According to new research by Check Point, millions of Android smartphones are at serious risk from a “screen hijack” vulnerability. This critical vulnerability allows hackers to steal passwords and bank details, and helps ransomware apps extort money from victims. Worse, millions of users are still waiting for the Android N update from their device manufacturers (OEMs), which means that the majority of smartphone users will continue to be victimized by ransomware, adware and banking Trojans for at least the next year. According to the researchers, the problem originates from a new permission called “SYSTEM_ALERT_WINDOW,” which allows apps to draw over a device’s screen, on top of other apps. Malicious apps use this feature to hijack a device’s screen.

Cyber Security Tips: Users are strongly advised to always verify app permissions before installing apps, to grant only those permissions that are relevant to the app’s purpose, and to avoid downloading apps from untrusted sources.

  2. Cisco Finally Patches 0-Day Exploit Disclosed In Wikileaks-CIA Leak

The previously reported vulnerability (CVE-2017-3881) resides in the Cluster Management Protocol (CMP), which uses Telnet or SSH to deliver signals and commands on internal networks, in Cisco IOS and Cisco IOS XE Software. The company identified the vulnerability in its products while analyzing the “Vault 7” dump, thousands of documents and files leaked by Wikileaks that claim to detail hacking tools and tactics of the U.S. Central Intelligence Agency (CIA). The vulnerability can be exploited remotely by sending “malformed CMP-specific Telnet options” while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An attacker who exploits it successfully can remotely execute malicious code on the device with elevated privileges to take full control of it, or cause the affected device to reboot.

Cyber Security Tips: Users are strongly advised to disable Telnet connections to switch devices in favor of SSH, and administrators are strongly advised to install the patch as soon as possible.

  3. Microsoft Issues Patches for Another Four Zero-Day Vulnerabilities

Microsoft has released security patches for a total of 55 vulnerabilities in this Patch Tuesday. Of the 55 vulnerabilities, 17 have been rated as critical and affect the company’s main operating systems, along with other products like Office, Edge, Internet Explorer, and the malware protection engine used in most of Microsoft’s anti-malware products. Microsoft has also patched four critical zero-day vulnerabilities, three of which have been actively exploited by cyber-espionage groups in targeted attacks over the past few months. Microsoft also addressed four critical remote code execution bugs (CVE-2017-0272, CVE-2017-0277, CVE-2017-0278, and CVE-2017-0279) in the Windows SMB network file-sharing protocol, which affect Windows 7 through 10 and Windows Server 2008 through 2016.

Cyber Security Tips: Users and administrators are strongly advised to install the patches as soon as possible.
