Cyber Security News (24th July 2018)

1. Android Devices With Open ADB Ports are Vulnerable for malware Attack

A new exploit targeting Android devices with open ADB port 5555 to spread malware through command line troubleshooting utility called Android Debug Bridge (ADB) which allows developers to debug apps on the Android devices.

Attackers trying to exploit the devices with port 5555 open and turn them into a botnet.

All multimedia devices, smart TVs, mobile phones, and other devices without additional protection are easy targets for this malware regardless of the user’s password strength.

Cyber Security Tips:  

  • Users are advised to check if they have ADB enabled. Settings > Developer Options
  • Make sure that you have turned off “ADB (USB) debugging” and “Apps from Unknown Sources”.

 

2. Hacker Ensnares 18,000 Huawei Devices Into Massive Botnet In Just 24 Hours

One of Huawei’s older Router model, the HG532, contains a vulnerability that a malware author exploited to create a fairly large botnet.

The new botnet currently spans over 18,000 routers, and is presumably growing. It was initially spotted by security researchers from NewSky Security and later confirmed by several other outfits.

According to the findings, the vulnerability can be exploited through port 37215. To be clear, this is not a zero-day exploit that is at play.

“An authenticated attacker could send malicious packets to port 37215 to launch attacks.

Successful exploit could lead to the remote execution of arbitrary code,” Huawei said.

Cyber Security Tips :

  • The vulnerability has been documented as CVE-2017-17215, and for which Huawei released a security notice in November of last year.
  • IT Persons are recommended to Patch this Vulnerability if they are using HG532 Router Model of Huawei.

Users can take the following measures to circumvent or prevent the exploit of this vulnerability.

  • Configure the built-in firewall function.
  • Change the default password.
  • Deploy a firewall at the carrier side.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: