Cyber Security Headlines – May 6, 2022

Decade-old bugs discovered in Avast, AVG antivirus software

Two high-severity vulnerabilities in Avast and AVG antivirus products, which have gone undetected for a decade, have been revealed by researchers at Sentinel Labs. On Thursday, an advisory was published by SentinelOne, outlining the flaws, which are now being tracked as CVE-2022-26522 and CVE-2022-26523. Avast acquired AVG in 2016 for $1.3 billion. The report suggests these vulnerabilities have been active since 2012 and consequently “could have affected dozens of millions of users worldwide.” “SentinelLabs reported the vulnerabilities to Avast on December 20, 2021 and they were patched by February 11. SentinelLabs said there is no evidence of active exploitation in the wild.”

(ZDNet)

Thailand and Hong Kong Banks used most in BEC

According to the FBI, fraudsters “have tried to steal over $43bn via business email compromise (BEC) attacks over the past six years, with Asian banks the primary recipients of stolen funds.” The scam has grown to impact not only large enterprises but also SMBs and even personal transactions, the Bureau claimed, with real losses and attempted heists rising particularly fast over the course of the pandemic. Scams have been reported in all 50 states and 177 countries worldwide, and although 140 countries have received stolen funds, banks in Thailand and Hong Kong were the most common destinations last year, followed by China in third, then Mexico and Singapore.

(InfoSecurity)

Every ISP in the US must block these 3 pirate streaming services

According to WIRED, “a Federal judge has ordered all internet service providers in the United States to block three pirate streaming services operated by Doe defendants who never showed up to court and hid behind false identities.” The orders affect Israel.tv, Israeli-tv.com, and Sdarot.tv, as well as related domains listed in the rulings, which were issued April 26. Each of the rulings lists 96 ISPs that are expected to block the websites. These include Comcast, Charter, AT&T, Verizon, and T-Mobile. In addition, the rulings say that all ISPs must comply even if they aren’t on this list of 96. The defendants named in this ruling are “liable for copyright infringement and violated the anti-circumvention provision of the Digital Millennium Copyright Act (DMCA).”

(Wired)

Tor Project upgrades network speed performance with new system

The Tor Project is introducing a new system called Congestion Control that promises to eliminate speed limits on the network. It is already up and running in the Tor protocol version 0.4.7.7, the latest stable release, available since last week. Congestion Control “will result in significant performance improvements in Tor, as well as increased utilization of our network capacity,” say the maintainers of the project. This improvement addresses one of the network's chief liabilities: slow browsing speeds due to traffic congestion.

(Bleeping Computer)

New NetDooka malware spreads via poisoned search results

According to Trend Micro, “a new malware framework known as NetDooka has been discovered being distributed through the PrivateLoader pay-per-install (PPI) malware distribution service, allowing threat actors full access to an infected device.” NetDooka is a previously undocumented malware framework which uses “a loader, a dropper, a protection driver, and a powerful RAT component that relies on a custom network communication protocol.” Researchers at Trend Micro warn that while the tool is still in an early development phase, it is already very capable, and it relies on SEO poisoning, “also known as search poisoning, which is an attack method in which cybercriminals create malicious websites and use search engine optimization tactics to make them show up prominently in search results.”

(Bleeping Computer and TechTarget)

Nakasone says Cyber Command did nine ‘hunt forward’ ops last year, including in Ukraine

National Security Agency Director and U.S. Cyber Command Gen. Paul Nakasone stated on Tuesday that Cyber Command “conducted nine hunt forward operations in different countries last year.” He used this fact to illustrate why the command’s use of persistent engagement is critical to its success. “The nine hunt-forward operations conducted last year are an example of the persistent engagement model of cyber operations which grew out of the 2018 DOD strategy, Nakasone said.”

(Cyberscoop)

F5 warns of critical bug allowing remote code execution in BIG-IP systems

Application service provider F5 is warning of “a critical vulnerability that allows unauthenticated hackers with network access to execute arbitrary commands on its BIG-IP systems.” F5 BIG-IP is a blend of software and hardware designed around access control, application availability and security solutions. CVE-2022-1388 has a CVSS rating of 9.8 and resides in the representational state transfer (REST) interface for the iControl framework, which is used to communicate between the F5 devices and users.

(Threatpost)

Biden orders new quantum push to ensure encryption isn’t cracked by rivals

US president Joe Biden issued two directives on Wednesday aimed at boosting progress in quantum computing, especially in the area of cryptography. The first creates “a National Quantum Initiative Advisory Committee comprising up to 26 experts from industry, academia, and federal laboratories – all appointed by the president and under the authority of the White House.” The second is a memorandum “designed to promote US leadership in quantum computing while mitigating risks to cryptographic systems.”

(The Register)


Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.