This Week in Security News - September 17, 2021
2021 Midyear Cybersecurity Report and Apple emergency patches fix zero-click iMessage bug used to inject NSO spyware
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read about the attack landscape in our 2021 Midyear Cybersecurity Report. Also, learn about the Apple emergency update to fix a zero-click iMessage bug.
Read on:
Midyear 2021 Cybersecurity Landscape Review: Attacks From All Angles Abound
In the first half of this year, cybersecurity strongholds were surrounded by cybercriminals waiting to pounce at the sight of even the slightest crack in defenses to ravage valuable assets. Threats and risks from all angles soon closed in, bringing with them updated tactics and greater motivation to affect targeted industries. As enterprises move toward the rest of the year, it is helpful to look back and learn from key cybersecurity incidents that shaped the first half of 2021.
Apple Emergency Patches Fix Zero-Click iMessage Bug Used to Inject NSO Spyware
Apple on Monday issued security patches for its mobile and desktop operating systems, and for its WebKit browser engine, to address two security flaws, at least one of which was, it is said, used by autocratic governments to spy on human rights advocates.
APT-C-36 Updates Its Long-term Spam Campaign Against South American Entities with Commodity RATs
In 2019, Trend Micro wrote a blog entry about a threat actor, likely based in Colombia, targeting entities in Colombia and other South American countries with spam emails. This threat actor is sometimes referred to as APT-C-36 or Blind Eagle. Since then, Trend Micro has continued tracking this threat actor. In this blog entry, Trend Micro shares their new findings about APT-C-36’s ongoing spam campaign during that monitoring phase.
3 Former US Officials Charged in UAE Hacking Scheme
Three former U.S. intelligence and military officials have admitted providing sophisticated computer hacking technology to the United Arab Emirates and agreed to pay nearly $1.7 million to resolve criminal charges in an agreement that the Justice Department described Tuesday as the first of its kind.
Analyzing Pegasus Spyware’s Zero-Click iPhone Exploit ForcedEntry
Citizen Lab has released a report detailing sophisticated iPhone exploits being used against nine Bahraini activists. The activists were reportedly hacked with the NSO Group’s Pegasus spyware using two zero-click iMessage exploits: Kismet, which was identified in 2020; and ForcedEntry, a new vulnerability that was identified in 2021.
Close to Half of On-Prem Databases Contain Vulnerabilities, With Many Critical Flaws
The Microsoft Exchange attack wave revealed the risks, but patching isn't always straightforward. On Tuesday, Imperva released the results of the study which analyzed roughly 27,000 databases and their security posture. In total, 46% of on-premises databases worldwide, accounted for in the scan, contained known vulnerabilities.
Critical Azure Security Vulnerabilities Affect Large Organizations
The Wiz Research Team recently found four critical vulnerabilities in OMI, one of Azure’s most ubiquitous yet least known software agents, and deployed on a large portion of Linux VMs in Azure. The vulnerabilities are very easy to exploit, according to Wiz researchers, allowing attackers to remotely execute arbitrary code within the network with a single request and escalate to root privileges.
1H’2021 Security Review Shows Active Cloud Attacks
Two recent reports from Trend Micro highlight the growing importance of cloud security. The midyear report expands on the frequency and complexity of attacks, while the 2021 Cyber Risk Index confirms that cloud security has been a top concern for organizations for the last few years.. This blog highlights an area of increased activity: attacks against cloud infrastructures.
Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability
A day after Apple and Google rolled out urgent security updates, Microsoft has pushed software fixes as part of its monthly Patch Tuesday release cycle to plug 66 security holes affecting Windows and other components such as Azure, Office, BitLocker, and Visual Studio, including an actively exploited zero-day in its MSHTML Platform that came to light last week.
What surprised you most about the 2021 Midyear Cybersecurity Report? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.