Cybersecurity News – May 6, 2022

Decade-old bugs discovered in Avast, AVG antivirus software

Researchers have disclosed two high-severity vulnerabilities in Avast and AVG antivirus products which have gone undetected for ten years. On Thursday, SentinelOne published a security advisory on the flaws, tracked as CVE-2022-26522 and CVE-2022-26523. Avast acquired AVG in 2016 for $1.3 billion. According to the cybersecurity firm, the vulnerabilities have existed since 2012 and, therefore, could have affected “dozens of millions of users worldwide.” SentinelLabs reported the vulnerabilities to Avast on December 20, 2021 and they were patched by February 11. SentinelLabs said there is no evidence of active exploitation in the wild.

(ZDNet)

Thailand and Hong Kong Banks used most in BEC

The FBI has warned that fraudsters have tried to steal over $43bn via business email compromise (BEC) attacks over the past six years, with Asian banks the primary recipients of stolen funds. The scam has grown to impact not only large enterprises but also SMBs and even personal transactions, the Bureau claimed, with real losses and attempted heists rising particularly fast over the course of the pandemic. Scams have been reported in all 50 states and 177 countries worldwide. Although 140 countries have received stolen funds, banks in Thailand and Hong Kong were the most common destinations last year, with China in third place, followed by Mexico and Singapore.

(InfoSecurity)

Every ISP in the US must block these 3 pirate streaming services

A federal judge has ordered all internet service providers in the United States to block three pirate streaming services operated by Doe defendants who never showed up to court and hid behind false identities. The orders affect Israel.tv, Israeli-tv.com, and Sdarot.tv, as well as related domains listed in the rulings, which were issued April 26. Each ruling provides a list of 96 ISPs that are expected to block the websites, including Comcast, Charter, AT&T, Verizon, and T-Mobile. But the rulings say that all ISPs must comply even if they aren’t on the list. The defendants are liable for copyright infringement and violated the anti-circumvention provision of the Digital Millennium Copyright Act (DMCA).

(Wired)

Tor Project upgrades network speed performance with new system

The Tor Project has published details about a newly introduced system called Congestion Control that promises to eliminate speed limits on the network. This new system is up and running in the Tor protocol version 0.4.7.7, the latest stable release available since last week. Congestion Control “will result in significant performance improvements in Tor, as well as increased utilization of our network capacity,” say the maintainers of the project. This fix addresses one of its chief liabilities which has been slow browsing speeds due to traffic congestion.

(Bleeping Computer)

New NetDooka malware spreads via poisoned search results

A new malware framework known as NetDooka has been discovered being distributed through the PrivateLoader pay-per-install (PPI) malware distribution service, allowing threat actors full access to an infected device. This previously undocumented malware framework features a loader, a dropper, a protection driver, and a powerful RAT component that relies on a custom network communication protocol. Researchers at Trend Micro warn that while the tool is still in an early development phase, it is already very capable. It’s a malware distribution platform that relies on SEO poisoning, also known as search poisoning, which is an attack method in which cybercriminals create malicious websites and use search engine optimization tactics to make them show up prominently in search results.

(Bleeping Computer and TechTarget)

Nakasone says Cyber Command did nine ‘hunt forward’ ops last year, including in Ukraine

National Security Agency Director and U.S. Cyber Command Gen. Paul Nakasone said Tuesday that Cyber Command conducted nine “hunt forward” operations in different countries last year, a data point he shared to illustrate why the command’s use of persistent engagement is critical to its success. The nine hunt-forward operations conducted last year are an example of the persistent engagement model of cyber operations which grew out of the 2018 DOD strategy, Nakasone said.

(Cyberscoop)

F5 warns of critical bug allowing remote code execution in BIG-IP systems

Application service provider F5 is warning that a critical vulnerability allows unauthenticated hackers with network access to execute arbitrary commands on its BIG-IP systems. The F5 BIG-IP is a combination of software and hardware that is designed around access control, application availability and security solutions. The vulnerability is tracked as CVE-2022-1388 with a severity rating of 9.8 out of 10 by the Common Vulnerability Scoring System (CVSS) version 3.90. According to F5, the flaw resides in the representational state transfer (REST) interface for the iControl framework, which is used to communicate between the F5 devices and users.

(Threatpost)

Biden orders new quantum push to ensure encryption isn’t cracked by rivals

US president Joe Biden issued two directives on Wednesday aimed at ensuring the nation – and like-minded friends – remain ahead of other countries in the field of quantum computing, especially as applied to cryptography. The first directive creates a National Quantum Initiative Advisory Committee comprising up to 26 experts from industry, academia, and federal laboratories – all appointed by the president and under the authority of the White House. The second is a memorandum designed to promote US leadership in quantum computing while mitigating risks to cryptographic systems. While acknowledging the positive developments that quantum computing can bring, his statement also issued a stark warning: “Research shows that at some point in the not-too-distant future, when quantum computers reach a sufficient size and level of sophistication, they will be capable of breaking much of the cryptography that currently secures our digital communications on the Internet.”

(The Register)


Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.