Security news weekly round-up - 16th July 2021
8 weeks and counting.
“Successful exploitation could lead to arbitrary code execution in the context of the current user,” Adobe warned, noting that most of the flaws are memory safety issues.
The malware — dubbed "Mekotio" and "Grandoreiro" — functioned by intercepting transactions on a banking website to siphon funds, without authorization, into accounts under the attackers' control. At least 68 email accounts belonging to official bodies were infected to facilitate such fraudulent transfers.
The threat actor uses spear-phishing emails as the initial assault vector. The emails include a Dropbox download link that fetches a RAR archive posing as a Word document that deploys malware onto target machines.
"The situation is still unfolding, but evidence suggests REvil has suffered a planned, concurrent takedown of their infrastructure, either by the operators themselves or via industry or law enforcement action," FireEye Mandiant's John Hultquist told CNBC.
The Russian state hackers who orchestrated the SolarWinds supply chain attack last year exploited an iOS zero-day as part of a separate malicious email campaign aimed at stealing Web authentication credentials from Western European governments, according to Google and Microsoft.
Administrators are urged to install the latest release of the platform as the flaw affects more than 90 versions starting with 5.5.0.
The spyware vendor was also formally identified as the commercial surveillance company that Google's Threat Analysis Group (TAG) revealed as exploiting multiple zero-day vulnerabilities in Chrome browser to target victims located in Armenia, according to a report published by the University of Toronto's Citizen Lab.