17
Security news weekly round-up - 25th June 2021
5 weeks in a row! Hi 5!✋
This week's review encompasses what this series is all about: security.
I'll say this: be careful with the name you assign to your Wifi network.
The unusual name in question is %p%s%s%s%s%n
.
Excerpt from the article:
Once triggered, the bug would render your iPhone unable to establish a WiFi connection, even if it is rebooted or the WiFi hotspot is renamed.
This is yet another piece of news about Apple products. In this case, it's iCloud.
The article title says it all, but, here is an excerpt that summarizes the entire story:
The issue, researcher Laxman Muthiyah says, was a bypass of the various security measures Apple has in place to prevent attempts to brute force the ‘forgot password’ functionality for Apple accounts.
Yeah, this is about hardware. Who loves hardware?
Well, if you are a gamer, the name NVIDIA will not sound foreign to you, and also, it means you should read this article.
To help you out, I have provided an excerpt below.
The flaws affect products Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, and Nano and Nano 2GB running all Jetson Linux versions prior to 32.5.1.
Chief among the vulnerabilities is CVE‑2021‑34372 (CVSS score: 8.2), a buffer overflow flaw in its Trusty trusted execution environment (TEE) that could result in information disclosure, escalation of privileges, and denial-of-service.
Yeah, I know, if security software can not protect our Android devices, what's next? 🤔
Excerpt from the article:
Called DroidMorph the tool allows for the cloning of both malicious and benign applications by making modifications at different levels of abstraction. Testing against 17 commercial anti-malware engines has shown that half don’t detect the clones.
You might think, I am always careful, but, trust me, when it comes to online security, you can never be too careful.
An excerpt would do no justice to the article, therefore, I am pleading with you, to read the article.
The said update is coming by September 13, 2021, therefore, buckle up.
Excerpt from the article:
We’re releasing a security update which will apply to some Drive files. This will make Google Drive files more secure by updating their links and may lead to some new file access requests.
What should I say? That moment when you might be broke, and there you are, your computer is making money for someone else without your knowledge.
Excerpt from the article:
Dubbed "Crackonosh," the malware is distributed via illegal, cracked copies of popular software, only to disable antivirus programs installed in the machine and install a coin miner package called XMRig for stealthily exploiting the infected host's resources to mine Monero.
Cover photo by Debby Hudson on Unsplash.
That's it for this week, I'll see you next Friday.