AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 07/01/2022

Google: Half of 2022’s Zero-Days Are Variants of Previous Vulnerabilities

Google Project Zero has observed a total of 18 exploited zero-day vulnerabilities in the first half of 2022, at least half of which exist because previous bugs were not properly addressed. According to Google Project Zero researcher Maddie Stone, nine of the in-the-wild zero-days seen so far this year could have been prevented had organizations applied more comprehensive patching. “On top of that, four of the 2022 zero-days are variants of 2021 in-the-wild zero-days. Just 12 months from the original in-the-wild zero-day being patched, attackers came back with a variant of the original bug,” Stone says.


Norway hit with cyberattack, temporarily suspending service

Norway’s public and private sector websites were temporarily down on Wednesday following a cyberattack that targeted the country’s national data network, forcing it to suspend online services for several hours. Sofie Nystrøm, head of the Norwegian National Security Authority (NSM), said a criminal pro-Russian group seemed to be behind the hacks, adding the attacks “give the impression that we are a piece in the current political situation in Europe,” according to The Associated Press.


Is Your New Car a Threat to National Security?

Starting this week, Teslas won’t be welcome in the Chinese resort town of Beidaihe. The electric cars are strictly banned on the streets of the coastal city for the next two months, as senior Communist leadership descends on the city for a secret conclave. It’s not the first time, either. The city of Chengdu barred Teslas in advance of a June visit from President Xi Jinping, Reuters reported, while some military sites have similarly forbidden Elon Musk’s flagship product. While no official reason was released, the bans seem to be out of concern that the vehicles’ impressive array of sensors and cameras may offer a line of sight into meetings of Beijing’s senior leadership. It’s a curious move. China is, increasingly, one of the most connected countries in the world—Chinese industry has even tried to brand Chengdu as the “5G Joy City,” where locals are encouraged to stream their daily lives.


Microsoft: This Android malware will switch off your Wi-Fi, empty your wallet

Microsoft has shared its detailed technical analysis of the persistent problem of ‘toll fraud’ apps on Android, which it said remains one of the most prevalent types of Android malware. Microsoft’s 365 Defender Team points out that ‘toll billing’, or Wireless Application Protocol (WAP) fraud, is more complex than SMS fraud or call fraud because of its multi-step attack flow that developers are improving. WAP fraud involves using an infected device to connect to payment pages of a premium service via a device’s WAP connection. From there, payments are automatically charged to a device’s phone bill. 


Researchers Warn of Teen Hacking Group on Discord

Security researchers are urging parents to take a greater interest in their children’s online activities after discovering a hacking group on Discord populated by teenagers. Avast claimed the online community is advertising and sharing malware on the popular messaging platform. “The group advertises easy-to-use malware builders and toolkits so that users can DIY their own ransomware, information stealers, and crypto miners,” the vendor explained in a blog post. “The malware builders provide an easy entry – they require no actual programming, just customization of functions and appearance – into this activity and allow kids to prank people and make money. And the community aspect of a Discord server also provides a sense of camaraderie and community.”


*News Nuggets will be back on July 18th after Mary’s vacation*
