Tuesday’s Multiple Patch from Microsoft
Microsoft released multiple security updates on Tuesday to tackle more than 50 serious faults in Microsoft Office, Windows, Internet Explorer/Edge and Adobe Flash Player, among other products. A large number of the patches released were rated critical by Microsoft, which means the flaws they fix can be exploited by fraudsters or malware to take control of susceptible systems with minimal or zero help from users. The batch consisted of at least 55 fixes for security flaws currently detected.
Among the more alarming are the flaws in Microsoft Outlook, Edge and Office that could lead to phishing incidents. It is advisable to install the updates as soon as possible.
Credit: Krebs on Security
Hackers Exploiting ‘Bitmessage’ Zero-Day to Steal Bitcoin Wallet Keys
Bitmessage developers have discovered a critical, ‘remotely executable’ zero-day vulnerability in the PyBitmessage application. It is currently being exploited, and users have been warned to be cautious. Because Bitmessage is a decentralized and trustless mode of communication, entities such as root certificate authorities need not be trusted.
PyBitmessage, the official client for the Bitmessage messaging service, was affected by a remote code execution vulnerability, or encoding flaw, in its 0.6.2 version for Linux, Mac, and Windows, and it is being misused by miscreants. Bitmessage developers confirmed that it has been fixed in version 0.6.3.2 and recommend that all users upgrade to this version immediately.
Credit: The Hacker News
A Potent Botnet is Exploiting a Critical Router Bug That May Never Be Fixed
A serious vulnerability that lets attackers take charge of around 40,000 routers has been discovered again. This time it is being exploited by a fast-spreading botnet that turns routers, cameras, and other types of Internet-connected devices into potential tools for robbery and destruction. There are no signs of a fix any time soon, in spite of the high risk posed by the threat. This botnet, called Satori, came to prominence last December when it affected more than 100,000 routers in just 12 hours. It achieved this by abusing serious vulnerabilities in one model from Huawei and another from RealTek. In January this year the operators released another version that affected machines used to mine digital coins, which allowed the fraudsters to mine around $3,000 worth of Ethereum. Presently, Satori has started infecting routers manufactured by Dasan Networks of South Korea.
Researchers believe that a new variant of Satori may have infected as many as 30,000 routers by now, and its developers might plan new attacks in the future too.
Credit: Ars Technica
Multi-Stage Word Attack Infects Users without Using Macros
If you use Word documents, or even just open one, it is time to be alert. Spammers are employing a new method to install malware on user devices when they open a Word document. The users do not even have to allow the execution of macro scripts. This new macro-less technique is being actively exploited now, and it is believed that the criminals are abusing this multi-phase, no-macros method to infect users with a password stealer. As of now, evidence shows only a single group exploiting this unusual trick, though it will surely be adopted by others.
The malicious documents arrive via emails with subject lines like TNT Statement of account XXX, RFQ, or Copy for balance payment, though this could change by tomorrow. It is a chain of emails, and the only way out is to somehow break this new technique’s exploitation chain. It is again advised to keep Windows and Office up to date on your PCs.
Credit: Bleeping Computer
Hackers Exploit ‘Telegram Messenger’ Zero-Day Flaw to Spread Malware
The end-to-end encrypted Telegram messaging app has fallen victim to a zero-day vulnerability. It was found in a desktop version and is being used to send out malware that mines cryptocurrencies such as Monero, Zcash, Fantomcoin, and others.
It has been exploited since March 2017 by cyber criminals who deceived victims into downloading malicious software and used their CPU power to mine cryptocurrencies. It was also used as a backdoor for attackers to remotely control the user's PC. Security researchers found a number of scenarios of this zero-day exploitation by threat actors in their analysis. It is recommended not to download or open files from unknown or untrusted sources to protect against such attacks. Additionally, users should avoid giving away any sensitive data in messaging apps and ensure that effective antivirus software from a reliable company is installed on their systems.
Credit: The Hacker News