Tag Archive for: Flags

Google Flags 8th Chrome Zero-Day of the Year



Exploit for WebRTC Exists in the Wild


Google rolled out security updates Wednesday for its Chrome web browser to fix a critical vulnerability exploited in the wild.


“Google is aware that an exploit for CVE-2023-7024 exists in the wild,” Chrome’s security advisory said.

The zero-day vulnerability is a heap-based buffer overflow bug in the open-source WebRTC framework.

WebRTC is a critical component that allows real-time communication and data exchange between different browsers and devices. It focuses on audio and video traffic, allowing developers to build voice- and video-communication solutions. WebRTC provides software developers with application programming interfaces written in JavaScript.

Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group discovered and reported the flaw.

It marks the eighth Chrome zero-day of the year. Lecigne in September reported another heap-based buffer overflow zero-day that was fixed but was “in use by a commercial surveillance vendor,” at the time (see: Chrome Patches 0-Day Exploited by Commercial Spyware Vendor).

Details of the latest zero-day are scarce as “access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google said. Google is trying to reduce the likelihood of threat actors developing newer exploits by not disclosing complete technical information. Data from cybersecurity firm Qualys stated that 25% of the high-risk security vulnerabilities discovered in 2023 had been…


Nothing’s iMessage Hack For You To Chat Via Android Comes With Some Red Flags


(MENAFN– IANS) San Francisco, Nov 15 (IANS) Global consumer electronics brand Nothing has added Apple’s iMessage functionality to Android Phone (2) via a new “Nothing Chats” app powered by the messaging platform Sunbird, but the move comes with some red flags.

Sunbird will offer support for iMessage service, allowing users of Nothing’s flagship phone to text iPhone users as if they were on an iPhone themselves, appearing as a blue bubble. Nothing Chats will also support texting to other Android phones via RCS, in addition to SMS and MMS.

The app will be available to download from the Google Play Store, and will initially be available in the US, Canada, the UK and other European countries starting November 17.

While little is known about the Sunbird app, it promises to make this app available for free to all users.

On downloading the app, users will need to log in to Nothing Chats with an Apple ID username or create one if they don’t have one, according to CNET.

Even though Nothing promises that neither it nor Sunbird will store any of your message data or Apple ID information, it should be noted that users will be initially entering their login details that might also be tied to other Apple services.

According to a Nothing representative, these details are tokenised by Sunbird, used to set up a relay with one of Sunbird’s Mac Mini computers that make the connection to iMessage and after setup are destroyed by Sunbird.

After that, users will need to set Nothing Chats as their default messaging app to start sending and receiving iMessage chats from iPhone users alongside texts from Android devices.

Another thing that needs to be noted here is that iMessage texts users send will use the email address attached to their Apple ID instead of their phone number. It’s similar to using iMessage from an iPad or Mac computer when they don’t otherwise have an iPhone.

According to the report, Nothing plans to build phone number compatibility in a future update.

For now, users’ texts may appear to come from an email address rather than their phone number, but whoever they text can fix this by including their Apple ID email address in their contact information on…


Slow Wi-Fi is sign to ‘immediately disconnect router’ over spying hack attack – and four other red flags to never ignore


EXPERTS have revealed five major signs that could indicate your Wi-Fi has been hacked.

Wi-Fi is a convenient way to connect to the internet, but it can also be a security risk.


If it’s not properly set up, hackers and cybercriminals can steal your information and even your money.

Below we have shared 5 signs that your Wi-Fi network has been hacked, per Keeper Security.

YOU CAN’T LOG IN

One of the biggest signs your router has been hacked is the inability to log in to your router’s admin settings.

This is likely because cybercriminals broke into your account and changed your password. 

“When hacking a router, your settings are the first place a cybercriminal will look to compromise because they’ll have the ability to change the settings on your router to anything they want,” Keeper Security noted.

“They can then use their elevated privileges to launch other cyberattacks that target you and your data.”

YOUR BROWSER REDIRECTS YOU

Another sign that your router has been hacked is if you’re constantly being redirected to random websites.

For example, you could be trying to go to Facebook.com, but instead, your browser takes you somewhere else.

“Cybercriminals are able to do this by changing your router’s Domain Name System (DNS) and IP address settings,” Keeper Security said.

They also noted that these websites that you’re being redirected to are often harmful.

In this case, you should avoid clicking on anything on the website, or you risk getting malware.

SUSPICIOUS ACTIVITY ALERTS FROM YOUR ISP

If you get suspicious activity alerts from your internet service provider, then your network has likely been hacked.

“Your Internet Service Provider (ISP) has a good idea of how often you use the internet and what you tend to use it for,” Keeper Security noted.

“If your ISP detects increased or unusual activity, they may send you an alert to notify you of the activity,” they added.

However, it’s important to make sure that the notification is legitimately from your ISP.

“You can do this by calling your ISP with the number on their official website to verify that they were the ones…


Microsoft Defender Flags Tor Browser as Win32/Malgent!MTB Malware


The detection of Tor Browser’s latest version as Win32/Malgent!MTB malware is likely a false positive.

Microsoft Defender, a popular antivirus program, is apparently falsely flagging Tor Browser as Win32/Malgent!MTB malware. This is causing concern for users who rely on the Tor Browser to protect their privacy and security.

Tor Browser is a free and open-source web browser that uses the Tor network to anonymize browsing traffic. This makes it a popular choice for users who want to protect their privacy online.

Microsoft Defender is detecting the latest version of Tor Browser as malware because it is using a new heuristic detection method that is designed to identify Trojans that use Tor to hide their activity. However, the heuristic method is too broad and also flags the Tor Browser itself as malware.

Users have been reporting the issue. The first screenshot is from a well-known Russian cybercrime and hacker forum, while the rest of the screenshots were sourced from Reddit (Credit: Hackread.com)

What is the heuristic detection method?

Heuristic detection is a method of detecting malware that uses rules and algorithms to identify suspicious behaviour. It is different from signature-based detection, which relies on a database of known malware signatures.

Heuristic detection methods can be very effective at detecting new and emerging malware threats, but they can also generate false positives. This is because heuristic detection methods can sometimes flag benign software as malware.

According to Microsoft, its Defender security solution uses a combination of signature-based and heuristic detection methods to protect users from malware. However, the recent false positive detections of Tor Browser suggest that the heuristic detection method in Microsoft Defender may be too broad.

What is Win32/Malgent!MTB malware?

Win32/Malgent!MTB is a generic detection that Microsoft Defender uses to identify Trojans that are designed to perform a variety of malicious actions on a computer.

These actions can include downloading and installing other malware, using the computer for click fraud, recording keystrokes and the websites visited, sending information about…
