AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 07/21/2022

Don’t Look Now, but Congress Might Pass an Actually Good Privacy Bill

Usually, when Congress is working on major tech legislation, the inboxes of tech reporters get flooded with PR emails from politicians and nonprofits either denouncing or trumpeting the proposed statute. Not so with the American Data Privacy and Protection Act. A first draft of the bill seemed to pop up out of nowhere in June. Over the next month, it went through so many changes that no one could say for sure what it was even designed to do. For such an important topic, the bill’s progress has been surprisingly under the radar. Now comes an even bigger surprise: A new version of the ADPPA has taken shape, and privacy advocates are mostly jazzed about it. It just might have enough bipartisan support to become law—meaning that, after decades of inaction, the United States could soon have a real federal privacy statute.

Apple fixes multiple flaws in iOS, iPadOS, macOS, tvOS, and watchOS devices

Apple released security updates to fix 37 vulnerabilities impacting iOS, iPadOS, macOS, tvOS, and watchOS devices. The flaws addressed by Apple can lead to arbitrary code execution, privilege escalation, denial-of-service (DoS), and information disclosure.

One of the most severe issues addressed by the IT giant is a heap buffer overflow tracked as CVE-2022-2294. The vulnerability resides in the Web Real-Time Communications (WebRTC) component and was discovered by Google researchers who confirmed it is actively exploited in the wild in attacks aimed at Chrome users. The vulnerability was reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01.

Another arbitrary code execution issue that the company addressed with the release of Safari 15.6 is:

  • CVE-2022-32792 – An out-of-bounds write issue was addressed with improved input validation.

The company also addressed several arbitrary code execution flaws impacting Neural Engine, Audio, GPU Drivers, ImageIO, and Kernel.

Users should upgrade their devices by installing iOS 15.6, iPadOS 15.6, macOS (Monterey 12.5, Big Sur 11.6.8, and 2022-005 Catalina), tvOS 15.6, and watchOS 8.7.


Nasty new YouTube scam could land you in hot water

A nasty new malware campaign has been identified, abusing Google’s advertising system to lay the foundations for all manner of cyberattacks.

Earlier this week, cybersecurity researchers from Malwarebytes discovered that unknown threat actors had bought an ad that is displayed at the top of Google’s search engine results pages whenever someone types the keyword “YouTube” or other relevant keywords. The particularly nasty part is that it is impossible to distinguish the fake ad from a legitimate one. It features a genuine link and comes with all of the usual advertising elements. In other words, even the most careful among us could be forgiven for falling for the scam.

Hackers use PayPal accounts to spoof popular brands, create fake invoices

Researchers on Thursday found another way hackers are getting into user inboxes: creating fake invoices in PayPal and using the legitimacy of the site to get into the inbox. In a blog post, Avanan researchers said that, starting in June of this year, they have seen hackers use PayPal to send malicious invoices and request payments. Here’s what they do: The hackers send the email from PayPal’s domain, using a free PayPal account that they have signed up for, with the email body spoofing brands like Norton. The hackers then leverage legitimate and popular websites to get into inboxes and steal credentials and money.

LinkedIn is the most faked brand for phishing attacks — beware of malware-infested emails

Cybersecurity researchers have listed the brands cybercriminals most frequently imitate in phishing attacks to steal users’ private and payment information, and LinkedIn is leading the pack. In Check Point Research’s brand phishing report, the professional networking and social media platform continues to be the brand threat actors imitate most to trick unsuspecting victims into sharing confidential credentials. In the second quarter of 2022, LinkedIn impersonation accounted for 45% of all phishing attempts. While this is a slight decrease compared to its 52% share in the first quarter of this year, the trusted platform still accounts for a significant share of brand phishing attempts, with Microsoft-related scams in second place at a 13% share. While Adidas, Adobe, and HSBC are seeing a slight rise in being imitated by cybercriminals at 1% each, the report points out that social networks are still the most susceptible. Microsoft saw the biggest spike in phishing attacks, with scammers using the technology brand’s name more than twice as much as in the previous quarter. Delivery company DHL is also frequently faked, taking up 12% of malicious phishing attempts.
