loading...
Cover image for Security news weekly round-up - 29th May 2020

Security news weekly round-up - 29th May 2020

ziizium profile image Habdul Hazeez ・3 min read

Security news weekly round-up (9 Part Series)

1) Security news weekly round-up 2) Security news weekly round-up - 15th May 2020 3 ... 7 3) Security news weekly round-up - 22nd May 2020 4) Security news weekly round-up - 29th May 2020 5) Security news weekly round-up - 5th June 2020 6) Security news weekly round-up - 12th June 2020 7) Security news weekly round-up - 19th June 2020 8) Security news weekly round-up - 26th June 2020 9) Security news weekly round-up - 3rd July 2020

Cover photo by Jazmin Quaynor on Unsplash.

Introduction

Welcome to the weekly round-up of security news from around the Web. I hope your week was fine.

This week it's all about hacking, zero-day bugs, malware, and android security.


New Tool Can Jailbreak Any iPhone and iPad Using An Unpatched 0-Day Bug

The title says it all.

Excerpt from the article:

The hacking team behind the "unc0ver" jail breaking tool has released a new version of the software that can unlock every single iPhone, including those running the latest iOS 13.5 version.

New ComRAT Malware Uses Gmail to Receive Commands and Exfiltrate Data

Humans tend to be smarter than their own creations.

Excerpt from the article:

"ComRAT v4 was first seen in 2017 and known still to be in use as recently as January 2020," cybersecurity firm ESET said in a report shared with The Hacker News. "We identified at least three targets: two Ministries of Foreign Affairs in Eastern Europe and a national parliament in the Caucasus region."

New Android Flaw Affecting Over 1 Billion Phones Let Attackers Hijack Apps

At the time writing, Android is arguably the most used mobile operating system, therefore, this is serious business.

Excerpt from the article:

A security vulnerability affecting Android that malicious apps can exploit to masquerade as any other app installed on a targeted device to display fake interfaces to the users, tricking them into giving away sensitive information.

The Security of Your Android Device May Depend on Where You Live

I know you might be thinking: Is this for real? Well, you will have read the article to find out.

Excerpt from the article:

Over the last few years, security researchers have been able to crack various Android phones during Pwn2Own hacking competitions. Now one firm has collected its research and finds a potentially significant global problem: Android security may be dependent on the country of use.

Pablo Escobar’s brother sues Apple for $2.6b over FaceTime flaw

This is a mixture of alleged software bug and lawsuit.

Excerpt from the article:

According to the lawsuit, Escobar bought an iPhone X back in April 2018. One year after the purchase, Roberto claims he got a life-threatening letter from someone named Diego who claimed to have found Roberto’s address through FaceTime.

Cisco hacked by exploiting vulnerable SaltStack servers

If you've heard the term networking before the name Cisco should ring a bell.

Excerpt from the article:

As detailed by the company, the hackers were able to compromise six backend infrastructure servers: us-1.virl.info, us-2.virl.info, us-3.virl.info, us-4.virl.info, vsm-us-1.virl.info, and vsm-us-2.virl.info.

200K sites with buggy WordPress plugin exposed to wipe attacks

The plugin in question is PageLayer.

Excerpt from the article:

Two high severity security vulnerabilities found in the PageLayer plugin can let attackers to potentially wipe the contents or take over WordPress sites using vulnerable plugin versions.


That's it for this week, I'll see you next Friday.

Security news weekly round-up (9 Part Series)

1) Security news weekly round-up 2) Security news weekly round-up - 15th May 2020 3 ... 7 3) Security news weekly round-up - 22nd May 2020 4) Security news weekly round-up - 29th May 2020 5) Security news weekly round-up - 5th June 2020 6) Security news weekly round-up - 12th June 2020 7) Security news weekly round-up - 19th June 2020 8) Security news weekly round-up - 26th June 2020 9) Security news weekly round-up - 3rd July 2020

Posted on Oct 31 '19 by:

ziizium profile

Habdul Hazeez

@ziizium

I teach and write code with interests in Web Development, Computer Security, and Artificial Intelligence.

Discussion

markdown guide