Last week (8th January, 2021) we did not publish any article because I did not find articles that suit the theme of this series. I sincerely apologise for this.
Introduction
This week review is mostly about malware and vulnerabilities.
Decryptor Released for Ransomware That Allegedly Helped Cybercriminals Make Millions
It's not a good day when ransomware encrypts and steal your files. Luckily, Bitdefender has released a free decryption tool from recovering data encrypted by DarkSide Ransomware as a Service (RaaS).
Excerpt from the article:
The tool has to be executed locally on systems where the encrypted files are stored. Users are advised to create backups — a feature that is also available in Bitdefender’s free tool — before initiating the decryption process.
Facebook Awards Big Bounties for Invisible Post and Account Takeover Vulnerabilities
No system is safe.
Excerpt from the article:
The researcher found the vulnerability while analyzing Creative Hub, a tool that allows Facebook users to create and preview ads for Facebook, Instagram or Messenger. Creative Hub enables users to collaborate on ad mockups and the ads can be previewed by creating an invisible post on the selected page.
Experts Sound Alarm On New Android Malware Sold On Hacking Forums
Security researchers might take a day off, but I highly doubt it that malware creators take some time off.
Excerpt from the article:
The vendor, who goes by the name of "Triangulum" in a number of darknet forums, is alleged to be a 25-year-old man of Indian origin, with the individual opening up shop to sell the malware three years ago on June 10, 2017, according to an analysis published by Check Point Research.
"The product was a mobile RAT, targeting Android devices and capable of exfiltration of sensitive data from a C&C server, destroying local data – even deleting the entire OS, at times," the researchers said.
Hackers used 4 zero-days to infect Windows and Android devices
You write the code; It goes through security audits; It passed the audit; Hooray; Application is launched; Awesome!.
Now, you should expect the bug report.
Excerpt from the article:
The hackers delivered the exploits through watering-hole attacks, which compromise sites frequented by the targets of interest and lace the sites with code that installs malware on visitors’ devices. The boobytrapped sites made use of two exploit servers, one for Windows users and the other for users of Android.
Microsoft fixes Secure Boot bug allowing Windows rootkit installation
Rootkit is the most difficult malware that you can attempt to get rid of.
Excerpt from the article:
The security feature bypass flaw, tracked as CVE-2020-0689, has a publicly available exploit code that works during most exploitation attempts which require running a specially crafted application.
"An attacker who successfully exploited the vulnerability might bypass secure boot and load untrusted software," Microsoft explains.
Intel Adds Hardware-Enabled Ransomware Detection to 11th Gen vPro Chips
The title says it all.
Excerpt from the article:
The hardware-based security enhancements are baked into Intel's vPro platform via its Hardware Shield and Threat Detection Technology (TDT), enabling profiling and detection of ransomware and other threats that have an impact on the CPU performance.
"The joint solution represents the first instance where PC hardware plays a direct role in ransomware defenses to better protect enterprise endpoints from costly attacks," Cybereason said.
Windows 10 bug corrupts your hard drive on seeing this file's icon
You might miss it in the article, but please do not run the command that triggers the bug.
Excerpt from the article:
When exploited, this vulnerability can be triggered by a single-line command to instantly corrupt an NTFS-formatted hard drive, with Windows prompting the user to restart their computer to repair the corrupted disk records.
Credits
Cover photo by Jazmin Quaynor on Unsplash.
That's it for this week, I'll see you next Friday.
Top comments (0)