Page 13 - Threat Intelligence 12-20-2019
Web / Internet Threats
Android Vulnerability Exposes Almost All Apps To Attacks. Android threats continue to hit users, and security
researchers recently disclosed a newly discovered Android vulnerability called ‘StrandHogg.’ It allows malware
to pose as a legitimate app to attack users of Android, Google’s operating system. According to Promon, a
Norwegian security company, this vulnerability could give hackers access to your private photos and SMS
messages and let them steal your login credentials, monitor your movements, spy using your phone’s camera,
and even record your phone conversations. Promon’s researchers investigated real-life malware that takes
advantage of the serious flaw. They found that all of the top 500 most popular apps are at risk and that all
versions of Android are affected, including the latest, Android 10. The team first identified StrandHogg after
being alerted by a partner security company that some banks in the Czech Republic had reported money
disappearing from customers’ accounts.
Source: https://www.ibtimes.com/android-vulnerability-exposes-almost-all-apps-attacks-2879979
New Linux Vulnerability Lets Attackers Hijack VPN Connections. Security researchers found a new
vulnerability allowing potential attackers to hijack VPN connections on affected *NIX devices and inject
arbitrary data payloads into IPv4 and IPv6 TCP streams. They disclosed the security flaw, tracked as
CVE-2019-14899, to distros and the Linux kernel security team, as well as to others impacted such as Systemd, Google,
Apple, OpenVPN, and WireGuard. The vulnerability is known to impact most Linux distributions and Unix-like
operating systems including FreeBSD, OpenBSD, macOS, iOS, and Android.
Source: https://www.bleepingcomputer.com/news/security/new-linux-vulnerability-lets-attackers-hijack-vpn-connections/
Mirai Variant ECHOBOT Resurfaces with 13 Previously Unexploited Vulnerabilities. Since the discovery in May
2019 of the Mirai variant that uses the binary name ECHOBOT, it has resurfaced from time to time, using new
infrastructure and, more remarkably, adding to the list of vulnerabilities it scans for as a means of increasing
its attack surface with each evolution. Unlike other Mirai variants, this one stands out for the sheer number of
exploits it incorporates: the latest version has a total of 71 unique exploits, 13 of which had not been seen
exploited in the wild until now. They range from extremely old CVEs dating as far back as 2003 to
vulnerabilities made public as recently as early December 2019. Based on this seemingly odd choice, one could
guess that the attackers could be aiming for the sweet spots of IoT vulnerabilities: legacy devices that are
still in use but probably too old to update due to compatibility issues, and newer vulnerabilities that are too
recent for owners to have patched. The newly incorporated exploits target a range of devices, from the usually
expected routers, firewalls, IP cameras and server management utilities to more rarely seen targets like a PLC,
an online payment system and even a yacht control web application.
Source: https://unit42.paloaltonetworks.com/mirai-variant-echobot-resurfaces-with-13-previously-unexploited-vulnerabilities
www.accumepartners.com