Categories
Breach Bug COVID CVE Cyber Security Data leak Hacking Malware Phishing RCE Vulnerability

Robot Vacuums Suck Up Sensitive Audio in ‘LidarPhone’ Hack, German COVID-19 Contact-Tracing Vulnerability Allowed RCE, and more

Major cybersecurity events on 20th November 2020 (Morning Post): German COVID-19 Contact-Tracing Vulnerability Allowed RCE, VMware SD-WAN Vulnerabilities Expose Enterprise Networks to Attacks, Robot Vacuums Suck Up Sensitive Audio in ‘LidarPhone’ Hack.

Round Up of Major Breaches and Scams

Robot Vacuums Suck Up Sensitive Audio in ‘LidarPhone’ Hack

Researchers have unveiled an attack that allows attackers to eavesdrop on homeowners inside their homes, through the LiDAR sensors on their robot vacuums. The vacuums, which utilize smart sensors in order to autonomously operate, have gained traction over the past few years. LiDAR, which stands for Light Detection and Ranging, is a remote sensing method that uses light in the form of a pulsed laser to measure distances to or from nearby objects.

Round Up of Major Malware and Ransomware Incidents

New Grelos skimmer variant reveals overlap in Magecart group activities, malware infrastructure

A new variant of a skimmer has revealed the increasingly muddy waters associated with tracking groups involved in Magecart-style attacks. A new Grelos skimmer has shown there is “increased overlaps” in Magecart infrastructure and groups, with this malware — alongside other forms of skimmer — now being hosted on domain infrastructure used by multiple groups, or connected via WHOIS records, known phishing campaigns, and the deployment of other malware, creating crossovers that can be difficult to separate.

Round Up of Major Vulnerabilities and Patches

VMware SD-WAN Vulnerabilities Expose Enterprise Networks to Attacks

VMware on Wednesday patched a total of six vulnerabilities in its SD-WAN Orchestrator product, including flaws that can be chained by an attacker to steer traffic or shut down an enterprise network. Three of the vulnerabilities were reported to VMware by Israel-based cybersecurity consulting firm Realmode Labs. VMware has described the security holes as a high-severity SQL injection bug that can allow unauthorized access to data, a medium-severity directory traversal issue that can lead to arbitrary code execution, and a medium-severity problem related to default passwords.

German COVID-19 Contact-Tracing Vulnerability Allowed RCE

A security vulnerability in the infrastructure underlying Germany’s official COVID-19 contact-tracing app, called the Corona-Warn-App (CWA). Researcher Alvaro Munoz and his team at GitHub Security Labs were chasing down RCE vulnerabilities found one in the infrastructure supporting CWA for Android and OS. The team said it worked with SAP to mitigate the issue, adding as a server-side issue, the mobile apps themselves were not impacted, and that no data was collected beyond a device’s IP address.

Facebook Messenger bug allowed Android users to spy on each other

Facebook fixed a critical flaw in the Facebook Messenger for Android messaging app that allowed callers to listen to other users’ surroundings without permission before the person on the other end picked up the call. Attackers could have exploited this bug by sending a special type of message known as SdpUpdate which would cause the call to connect to the callee’s device before it was answered.

Drupal addressed CVE-2020-13671 Remote Code Execution flaw

Drupal development team has released security updates to address a remote code execution flaw, tracked as CVE-2020-13671 which was caused by the failure to properly sanitize the names of uploaded files. It has been classified as critical according to the NIST Common Misuse Scoring System.

GO SMS Pro Android App Exposes Private Photos, Videos and Messages

A security weakness discovered in the GO SMS Pro Android app can be exploited to publicly expose media sent using the app, according to researchers. The GO SMS Pro application is a popular messenger app with more than 100 million downloads. Researchers at Trustwave SpiderLabs said that private voice messages, videos messages and photos are all at risk of being compromised by a trivially exploitable flaw in version 7.91.