Recent security threats we should all know about to avoid digital attacks
In this ever-improving technical era, digitization is increasing rapidly, and so is the risk of security breaches and unwanted privacy exploits. As technical dependencies grow, hackers are finding loopholes in everyday and professional software to target big organizations as well as individuals. As the saying goes, our security lies in our own hands, so it is our responsibility to stay up to date with recent security threats to avoid becoming a victim of cyber crime.
iPhone 6s Trident chain Zero Day Vulnerability
The iPhone 6s is reported to have been remotely jailbroken via a text-message link that leads to a chain of zero-day exploits. Ahmed Mansoor, a UAE-based human rights defender, was targeted by an Israel-based "cyber war" company called NSO. He received a text message on his iPhone 6s promising new secrets about detained prisoners tortured in UAE jails. Because the message looked suspicious, it was sent to Citizen Lab researchers, who found that clicking the link would initiate the remote installation of vector spyware, which would have remotely jailbroken the iPhone 6s. This Trident chain exploit can turn any iOS device into active spyware with full remote privileges: the device camera, microphone and speaker can be accessed, its GPS can be tracked remotely, and all calls, messages and other logs can be tapped easily.
PATCH:
Apple took swift action to patch this Trident chain exploit by releasing the iOS 9.3.5 patch. All iOS users are requested to update their Safari browser and iPhone to patch the latest vulnerability. iPhone users are also requested never to open any link sent anonymously.
This vulnerability is a threat to every ordinary user because there are so many iOS users. Even a single hacked device can put others at risk: if one person's privacy is breached, the security of the people they are in contact with is also in question. Remote access to a device is the worst thing that can happen.
VMware Identity Manager and vRealize Automation security threat
Two of the most widely used VMware products, VMware Identity Manager and vRealize Automation, are reported to have multiple security issues. Both products are vulnerable to local privilege escalation, through which anyone with access to a low-privileged account can escalate their privileges to gain root access. This vulnerability may lead to remote access to the system. VMware vRealize Automation is vulnerable to remote code execution, allowing an attacker to gain access to any low-privileged account.
PATCH:
The updated VMware version 7.1 has been released to patch the existing vulnerability.
This vulnerability is a threat not only to organizations that run virtual OS applications but also to the many individual tech enthusiasts who use them. VMware 7.0 and even earlier versions are still in use on the systems of many technical schools and colleges, leaving them all vulnerable to attack.
Drupal Core critical vulnerability
Drupal, a popular open-source Content Management Framework (CMS) for developing websites, has the following issues.
1. Users without "Administer comments" can set comment visibility on nodes they can edit: permission to manage comment visibility is restricted to administrators, but this vulnerability lets anyone manage comment visibility without Administer rights.
2. Cross-site Scripting in HTTP exceptions: this vulnerability allows hackers to run malicious scripts in a user's browser without the user's knowledge, gaining access to the website's database and contents, which can later be exploited.
3. Full configuration export can be downloaded without administrative permissions: this is another permission breach, as the download is reserved for those with the export configuration permission.
PATCH:
This vulnerability exists in Drupal version 8.x and is resolved in the new patch version. Upgrade to Drupal 8.1.10.
This vulnerability is a relevant threat to all websites that use Drupal as their primary CMS. It is a threat not only to professional websites but to individuals too, as many students at technical colleges work with Drupal for their projects and assessments.
Adobe Flash Player Security Hole
Kaspersky Security Lab discovered a loophole in Adobe Flash Player version 21.0.0.242, which is vulnerable to Advanced Persistent Threat (APT) assault. Kaspersky security researchers claimed that a group of activists called ScarCruft has been attacking PCs with APT assaults through the Flash vulnerability. These threats give hackers remote access to the system, and in other cases the system can be totally compromised, just as in a Trojan horse attack.
PATCH:
The latest Adobe Flash Player release, version 22.0.0.192, is a patch for this APT vulnerability. Meanwhile, to be on the safe side, users can also disable the Flash plug-in in their browser and restrict Adobe Flash Player's background activity so that it is invoked only when needed.
This puts all systems running Adobe Flash Player version 21.0.0.242 or earlier at extensive risk of remote attack.
Google addressed major security flaw in Microsoft
Google recently addressed a major security loophole in Microsoft publicly. According to the report, the vulnerability persists in the Windows kernel and allows hackers to leverage vulnerabilities in Adobe Flash and the Windows kernel to gain root access. Hackers can craft a fake application and trick users into running it as a security update or some other important task; running the application gives the hacker permission to install malicious programs, alter data, change system settings and create new accounts with full user rights. Microsoft states that Strontium, a Russia-based group, is launching "low-volume spear phishing attacks" to exploit the vulnerability.
PATCH:
This vulnerability was recently patched in the Chrome browser by Google. Microsoft said the attack could be prevented by enabling Windows Defender Advanced Threat Protection, and that Windows 10 users running Edge are immune to it. Microsoft recently released a major security update to remove this vulnerability completely from all running versions of Windows.
As we all know, Microsoft's is the basic operating system in schools, colleges and households, and for personal use too. So we can only imagine the extent of data breaches and illegal spying this could cause with so many Windows users at risk.