REvil Gang Arrested, 5G & Airplanes, Zoom Zero-Click, & Stolen Brownies – PSW #724
In the Security News: Malware targets Ukraine (I wonder where that's coming from?), evil Google Docs comments, Russia grabs REvil, funding a dictatorship, Zoom zero clicks, when 9-year-olds launch DDoS attacks, 5G interference, and when your Mom steals your brownies!
Announcements
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
We had an absolute blast putting together this year's SW Unlocked virtual event! All presentations are now available on-demand for your viewing pleasure. Please visit https://securityweekly.com/unlocked to register and watch now!
Hosts
Paul Asadoorian
Principal Security Evangelist at Eclypsium
- 1. Use Twitter as well as CVSS to prioritize security patches - "Prioritizing vulnerabilities with exploit code is 11 times more effective than Common Vulnerability Scoring System (CVSS) scores in minimizing exploitability," said CTO and co-founder Ed Bellis in a blog post on Wednesday. "Mentions on Twitter, surprisingly, also have a much better signal-to-noise ratio than CVSS (about 2 times better)." - Interesting...
- 2. Google Docs ‘comments’ used to launch phishing attacks, send malicious content - "According to the researchers, the hackers add a comment to a Google Doc. The comment then mentions the target with an @. In doing so, an email with the bad links and text gets automatically sent to the victim’s inbox via Google. The attackers don’t show the email address, just a name, typically one that’s impersonated."
- 3. Zooming in on Zero-click Exploits
- 4. REvil ransomware gang arrested in Russia - Pay no attention to the Ukraine thing, we arrested REvil!
- 5. Linux malware is on the rise. Here are three top threats right now - "According to CrowdStrike, some XorDDoS variants are built to scan and search for Docker servers with the 2375 port open, offering an unencrypted Docker socket and remote root passwordless access to the host. This can give the attacker root access to the machine." - Target all the Linux things, except for the desktops...
- 6. North Korean hackers stole nearly $400 million in crypto last year - How accurate could this number be? How do we know who is stealing what?
- 7. Organizations Face a ‘Losing Battle’ Against Vulnerabilities - “Only an approach that turns that weakness into a strength—by adopting the same tools, techniques and mindset as attackers to uncover vulnerabilities before they do—leads to success,”
- 8. Zoom vulnerabilities impact clients, MMR servers - "The two vulnerabilities Silvanovich found could only be exploited for interactionless attacks when two accounts have each other in their Zoom Contacts. This means that the prime targets for these attacks would be people who are active Zoom users, either individually or through their organizations, and are used to interacting with Zoom Contacts."
- 9. Researcher Discloses Unpatched Vulnerabilities In NUUO NVRmini2
- 10. ‘Zero-Click’ Zoom Vulnerabilities Could Have Exposed Calls
- 11. A German Teen Took Control of Teslas by Hacking a Third-Party App - "Crucially, he said he cannot control the most important functions of the cars remotely, such as steering, accelerating, and braking. But he could still wreak some havoc."
- 12. Nine-year-old kids are launching DDoS attacks against schools - "But it's not just a warning for those who search for "stresser" and "booter" services which provide an easy way to launch a DDoS attack against a school's network. The campaign also aims to influence young people, who might be considering engaging in cybercrime, to feel motivated to exploit their technical prowess in an ethical career in the technology, gaming, or cybersecurity industries." - Booters are not for children, or adults for that matter!
- 13. Microsoft warns of destructive disk wiper targeting Ukraine
- 14. Safari and iOS users: Your browsing activity is being leaked in real time
- 15. Preparing For the Next Cybersecurity Epidemic: Deepfakes
- 16. Oracle’s First Security Updates for 2022 Include 497 Patches - "Oracle plans to release the next set of quarterly patches on April 19." - How do we move faster to a more DevOps-style approach where we patch and fix in smaller sprints?
- 17. S.D. Mom Accidentally Serves Son’s Pot Brownies at Senior Center, and He Is Charged - My Mom stole my brownies...
- 18. 5G phones: How serious is the threat to US flights?
Joff Thyer
Security Analyst at Black Hills Information Security
Larry Pesce
Product Security Research and Analysis Director at Finite State
Tyler Robinson
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element