Lots of iPhone users aren't crazy about the iOS built-in browser, Safari, and prefer to use an alternative — Google Chrome, Mozilla Firefox, or even something more exotic like DuckDuckGo, Brave or Microsoft Edge (yes, there's Edge for iOS!). iPhone users who prefer alternative browsers might get lulled into thinking that the vulnerabilities in Safari and the WebKit engine don't present a direct danger to them. Unfortunately, this isn't the case. In this post, we give you the lowdown and tell you why you need to make sure that Safari and WebKit on your iPhone are always updated in time.
Every browser in iOS is Safari
Every browser is based on what is called an engine. The engine processes the code that is received from the internet and transforms it into the web pages that the browser ultimately shows the user. Of course, the browser has a bunch of other necessary and useful parts that direct the engine and ensure that the additional features work. Think of the browser engine like the engine of a car: it's the most important part of a browser and without it you won't get anywhere.
There are three major browser engines in the world. Google uses its own V8 engine in its Chrome and Chromium browsers, while Microsoft Edge and dozens of other browsers are based on Chromium. There is also the Gecko engine — its modern version is called Quantum — which Mozilla developed and supports for the Firefox browser and a few others. Finally, the third giant of the modern web is Apple's engine — WebKit, which is used in the Safari browser.
But here's the thing. The Chrome and Firefox versions for desktop computers and Android are built on Google's V8 engine and Mozilla's Gecko/Quantum engine, respectively. However, it's a different story for iPhones. In keeping with Apple's policies, there is only one engine permitted in iOS — you guessed it: WebKit. This means that all browsers for iOS are essentially Safari with different user interfaces.
Excerpt from the iOS app developer rules: "Apps that browse the web must use the appropriate WebKit framework and WebKit JavaScript."
This means that all vulnerabilities found in WebKit present a danger for users of any browsers for iOS.
Since iPhones are a very tempting target for hackers, security specialists study the WebKit engine all the more closely, and as a result, they find vulnerabilities in it rather often. This includes vulnerabilities that attackers are already using in the wild. One of the most dangerous types of vulnerabilities in a browser engine is a so-called zero-click vulnerability, which allows bad actors to infect an iPhone without any action by the user. When this kind of vulnerability is exploited, the user doesn't need to be convinced to download or install anything. All the attacker needs to do is draw the victim to a specially built website with malicious code or hack a popular site and implant the malicious code in it. After the user visits such a site through a vulnerable browser, the attackers can take control of the iPhone.
How to update Safari and WebKit
It's important to remember that the update of the WebKit engine and Safari browser isn't related to the update of the browser apps you're using. Google Chrome automatically updates from the App Store — that is, if you haven't disabled this option, and we don't recommend that you do — but in essence this is an update of the shell program, not the engine. So this won't solve the problem of vulnerabilities in WebKit.
To avoid vulnerabilities in both the WebKit engine and Safari browser, you need to install the appropriate iOS updates. The best thing to do is to make sure to install all the latest operating system updates — after all, the vulnerabilities aren't just in the browser engine but also in other important components of iOS. To update your iPhone, go to Settings -> General -> Software Update. If you see a button on the screen that says Download and Install, tap it and follow the instructions.
[Image: Where to find the iOS update in your iPhone's settings]
Don't be afraid of iOS updates
A lot of users are lukewarm about updating the operating system: some people don't like having to get used to new features in the interface, some worry about having less storage, while others fear that after an update the iPhone may start to slow down or some old apps that are no longer supported in the new version will stop working.
These fears aren't totally unfounded. It's true that Apple does sometimes make the interface less user-friendly. It's also true that each new version of the system takes up a bit more storage than the previous one and leaves less space for your files. And it's no myth that iPhones have slowed down after an update — this has been documented.
But we still recommend that you always keep your iPhone updated: doing so is crucial for keeping your data safe and ensuring that it doesn't fall into the wrong hands. Unfortunately, there is no full-fledged antivirus for iOS. That means that the iPhone's security is contained only in Apple's protection mechanisms, so any hole in them without a system update remains an open door for hackers.
A new report from Rapid7 highlights 50 vulnerabilities from 2021 that posed a considerable risk to businesses of all sizes. Of those 50 vulnerabilities, 43 were exploited in the wild.
The Federal Bureau of Investigation (FBI) this week warned local government entities of ransomware attacks disrupting operational services, causing public safety risks, and causing financial losses.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the recently disclosed CVE-2022-1040 flaw in the Sophos firewall, along with seven other issues, to its Known Exploited Vulnerabilities Catalog.
The CISO role has never been cut-and-dry. Despite its longevity, this role is still in its adolescence – full of promise, mostly headed in the right direction, but not quite fully formed.
Bored Ape Yacht Club, Nyoki, and Shamanz confirmed Discord hacks in tweets. According to screenshots shared by blockchain investigator Zachxbt, the Discords of NFT projects Doodles and Kaiju Kingz were also targeted.
A new remote access trojan (RAT) named Borat has appeared on darknet markets, offering easy-to-use features to conduct DDoS attacks, UAC bypass, and ransomware deployment.
Researchers from SonarSource discovered two 15-year-old security flaws in the PEAR (PHP Extension and Application Repository) repository that could have enabled supply chain attacks.
The Series A funding round was led by NEA with participation from General Catalyst, UNION Labs, and the founders of Snowflake, Okta, Dropbox, VMware, Segment, and Databricks.
Trezor hardware wallet owners recently began receiving data breach notifications prompting recipients to download a fake Trezor Suite software that would steal their recovery seeds.
The campaigns, undertaken by El Machete, Lyceum, and SideWinder, have targeted a variety of sectors, including energy, financial, and governmental sectors in Nicaragua, Venezuela, Israel, Saudi Arabia, and Pakistan.
After claiming to hack the private firms Thozis Corp and Marathon Group owned by oligarchs, the collective announced the hack of the Russian Orthodox Church’s charitable wing and leaked 15GB of data along with 57,000 emails.
So far this year, Sucuri's monitoring has detected over 3,000 websites infected with this injection, and over 17,000 in total since the firm first detected it in March of 2021.
A variant of the Mirai botnet called Beastmode has been observed adopting newly disclosed vulnerabilities in TOTOLINK routers between February and March 2022 to infect unpatched devices and expand its reach potentially.
Bridge services “wrap” cryptocurrency to convert one type of coin into another. So if you go to a bridge to use another currency, like Bitcoin (BTC), the bridge will spit out wrapped bitcoins (WBTC).
VMware has published security updates for the critical remote code execution vulnerability known as Spring4Shell, which impacts several of its cloud computing and virtualization products.
A security researcher was able to achieve unauthenticated remote code execution against Cisco Nexus Dashboard Fabric Controller by exploiting an obsolete Java library with known vulnerabilities.
Emma Sleep Company has confirmed to The Reg that it suffered a Magecart attack which enabled the cybercriminals to skim customers' credit or debit card data from its website.
An Android spyware application made by the Turla APT has been spotted masquerading as a "Process Manager" service to stealthily siphon sensitive information stored in the infected devices.
Cadbury UK has issued a warning to its 315,000 followers on Twitter about a scam making the rounds on WhatsApp and other social media sites like Facebook. The Dorset Police Cyber Crime Unit posted an appeal about this scam on its Facebook page.
Spain’s energy giant Iberdrola has revealed that it suffered a cyberattack on March 15 which has affected 1.3 million customers, although the company has reassured that the hackers were unable to access “sensitive” information such as bank details.
A serious vulnerability has been discovered in the Spring Cloud Java Framework that may lead to RCE or result in the compromise of an entire host. Tracked as Spring4Shell, it was found circulating on a Chinese cybersecurity site and QQ chat service. Currently, a way to partially stop Spring4Shell attacks is to disallow certain patterns from being passed to the Spring Core DataBinder functionality.
Morphisec laid bare a new Mars Stealer campaign—abusing Google Ads ranking techniques—to lure Canadian users into downloading a malicious version of OpenOffice. A bug in the configuration instructions of the cracked version of Mars Stealer, which appears to be an honest mistake by the operators, gives anyone access to the logs directory of victims. Organizations are advised to protect sensitive data with proper access management and encryption.
Red Hat Security Advisory 2022-1173-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include an HTTP request smuggling vulnerability.
Red Hat Security Advisory 2022-1137-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
Red Hat Security Advisory 2022-1139-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
Red Hat Security Advisory 2022-1138-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
Red Hat Security Advisory 2022-1136-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.
This Metasploit module exploits a stack buffer overflow in ALLMediaServer version 1.6. The vulnerability is caused by a boundary error in the handling of HTTP requests.
A previously undocumented "sophisticated" information-stealing malware named BlackGuard is being advertised for sale on Russian underground forums for a monthly subscription of $200. "BlackGuard has the capability to steal all types of information related to Crypto wallets, VPN, Messengers, FTP credentials, saved browser credentials, and email clients," Zscaler ThreatLabz researchers Mitesh Wani
A variant of the Mirai botnet called Beastmode has been observed adopting newly disclosed vulnerabilities in TOTOLINK routers between February and March 2022 to infect unpatched devices and expand its reach potentially. "The Beastmode (aka B3astmode) Mirai-based DDoS campaign has aggressively updated its arsenal of exploits," Fortinet's FortiGuard Labs Research team said. "Five new exploits were
An Android spyware application has been spotted masquerading as a "Process Manager" service to stealthily siphon sensitive information stored in the infected devices. Interestingly, the app — that has the package name "com.remote.app" — establishes contact with a remote command-and-control server, 82.146.35[.]240, which has been previously identified as infrastructure belonging to the
At least three different advanced persistent threat (APT) groups from across the world have launched spear-phishing campaigns in mid-March 2022 using the ongoing Russo-Ukrainian war as a lure to distribute malware and steal sensitive information. The campaigns, undertaken by El Machete, Lyceum, and SideWinder, have targeted a variety of sectors, including energy, financial, and governmental
A group of academics from the University of Oxford and Armasuisse S+T has disclosed details of a new attack technique against the popular Combined Charging System (CCS) that could potentially disrupt the ability to charge electric vehicles at scale. Dubbed "Brokenwire," the method interferes with the control communications that transpire between the vehicle and charger to wirelessly abort the
Cyber threats are becoming increasingly difficult to detect. Cybercriminals are also becoming experts in deception. What does this mean for your business? How can you keep your family members safe online and reassure your customers you are protecting their data? Our threat research analysts have compiled the latest threat intelligence data to bring you the most cutting-edge and insightful information about the most recent cyber threats and what they mean for you. Below is a summary and sneak peek from the full report.
Malware
Whether you operate a business or spend time online surfing the web, malware remains a concern. In the last year, 86% of malware remained unique to a PC, which has been consistent for the past few years. This implies attackers are obtaining a level of consistency in what they do to avoid being caught. While the goal of spreading infection is top of mind for a bad actor, infection rates are not equal. When we examined the trends between businesses and consumers, there were some marked differences: 53% of consumer PCs were infected more than once, but businesses lag behind migrating from Windows 7, leaving them more susceptible to infection. For medium-sized organizations (21 to 100 licensed PCs), infection rates are just over one-third (34%), infecting nine PCs on average. The manufacturing, public administration and information sectors experienced higher-than-average infection rates.
If your business falls within these industries or if you’re concerned your personal PC could be prone to infection, read the complete section on malware in the 2022 BrightCloud® Threat Report. It’s chock full of insights into the differences in infection rates by type of PC, region and industry.
Skyrocketing ransomware payments will cost more than just your revenue
If you’re a small business owner, you don’t need to be told that you’ve suffered immensely throughout the pandemic. Exposure to ransomware is just another element you’ve had to consider. Ransomware continues to plague small to medium-sized businesses (SMBs). While this is not a new revelation, the smallest organizations, those with 100 employees or fewer, accounted for 44% of ransomware victims last year. That’s nearly half. Why do cybercriminals focus on SMBs?
Attacks on larger enterprises and state-owned entities bring a level of publicity and attention that makes it harder for bad actors to achieve their goal of a financial payout. SMBs, given the lack of resources to respond, are more likely to pay and pay a lot. The year-end average for 2021 more than doubled the 2020 average, reaching $322,168. With limited resources at their disposal, the smallest of organizations are faced with tough decisions ahead when it comes to making ransomware payments and disclosing their decision to do so.
Law enforcement agencies are starting to gain headway on ransomware gangs. To learn how countries are banding together to shut down notorious groups like REvil and DarkSide, check out the ransomware section of the full report.
High-risk URLs are phishing for your data in the most benign of locations
We discovered that four million new high-risk URLs were in existence in 2021. To make matters worse, almost 66% of them involved phishing. Cybercriminals look to certain times of the year to execute their attacks. They are also keen to impersonate well-known brands to lure you into clicking on malicious links. Our complete list of top brands that are most impersonated is available in the phishing section of our full report.
Thwarting cyber threats through cyber resilience
“Businesses’ ability to prepare for and recover from threats will increase as they integrate cyber resilience into their technologies, processes, and people,” said Mark J. Barrenechea, OpenText CEO & CTO. “With security risks escalating worldwide and a persistent state of ‘unprecedented’ threats, compromises are inevitable. This year’s findings reiterate the need for organizations to deploy strong multi-layered security defenses to help them remain at the heart of cyber resilience and circumvent even the most creative cybercriminals.”
Our full report helps you uncover the latest cyber trends powered by our BrightCloud® Threat Intelligence platform.
To learn more and empower your cyber know-how, download the 2022 BrightCloud® Threat Report. The post Soaring ransomware payments, consistent infections, deceptive URLs and more in this year’s 2022 BrightCloud® Threat Report appeared first on Webroot Blog.