Avast Blog_Security News: Data breach chaos and a new spooky Spectre
#1
Information 
Quote:
[Image: TVDumYE.png]

[Image: avast-security-news-roundup-12-1.jpg?width=900]

In this week’s cybernews, TurboTax responds to breach claims, your WebEx meeting could be at risk, and a new threat haunts processing chips.

All-in-one bots perform credential stuffing

Cybersecurity experts reported this week that for an eight-month period in 2018, retail websites were hit with 10 billion credential stuffing attacks. Credential stuffing is an automated attack that bombards accounts by trying to log in using the vast amount of stolen credentials. With the millions of stolen or leaked credentials in today’s unending data breaches, cybercriminals can choose, instead of breaking into an account, to use the proper credentials and walk in the virtual front door.

Software can be programmed to run these kinds of attacks with ease, and the use of “all-in-one” (AIO) bots allows cyberattackers not only to launch the credential stuffing attack, but also to use successfully compromised accounts to make purchases. The common tactic is then for the thief to resell the item for cash. Clothing and department stores seem to be the most popular targets. Experts suggest these attacks can be mitigated both by retailers implementing better security measures that can detect credential stuffing attacks and by consumers making sure they do not reuse passwords across multiple accounts.

Furthering this advice, Avast security evangelist Luis Corrons notes, “Apart from not re-using credentials — an easy task when using a password manager — using 2FA [two-factor authentication] renders this kind of attack useless. Always enable 2FA when available.”

WebEx flaw could allow attackers in

A flaw has been found in the Cisco WebEx Meetings Desktop app releases between 33.6.4.15 and 33.8.2.7. The vulnerability has been labeled CVE-2019-1674, and it is an OS Command Injection which essentially bypasses new controls. The new controls refer to a patch Cisco included in a recent update that fixes a DLL hijacking issue. By exploiting this vulnerability, an attacker could replace the Cisco WebEx Meeting update binary with a previous version that is vulnerable. Once the WebEx software is “updated” with the old, flawed version, the attacker can then escalate privileges and begin running arbitrary commands.

ExSpectre when you least expect it

Last year around this time, the world was learning about Meltdown and Spectre, the two vulnerabilities discovered to be an architectural aspect of most computer processing chips in the world. The flaws centered around the processing chips’ “speculative execution” feature, a process that enables CPUs to compute various scenarios in advance as preparation. When one scenario fits the need, all other “speculative threads” are discarded. Meltdown and Spectre allowed hackers to access these speculative threads before they were erased.

This week University of Colorado Boulder academics announced that speculative execution can be used for more than data theft — it can also be used to hide malware. They named the malicious process ExSpectre. They describe it as a ruse where the computer system believes that application binaries configured with malware are actually benign. But once a specific speculative execution thread is launched, it could trigger the binary into executing harmful operations.
Full Reading
[-] The following 2 users say Thank You to harlan4096 for this post:
  • darktwilight, jasonX
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Find out if an USB device is fake with f...
Fake USB devices c...harlan4096 — 08:47
Windows 11 KB5048685 Update causes Wi-Fi...
The KB5048685 Upda...harlan4096 — 12:36
Windows 11: issue may prevent further in...
The latest version...harlan4096 — 08:47
Notepad++ v8.7.5 (2024-12-25)
Notepad++ v8.7.5 (...harlan4096 — 08:16
AdGuard for Mac 2.16.2
AdGuard for Mac 2....harlan4096 — 08:13

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>