Page 11 - Threat Intelligence 12-9-2019
P. 11

Internal Threats












        iPhone 11 Pro Caught Collecting User Location Despite Disabled Services. On iPhones, users are allowed to
        manually disable location tracking per each app or at system level. If the location services are manually
        disabled for absolutely all apps and services displayed in the setting screen, the iPhone 11 Pro continues to
        collect location data, with the small indicator that looks like a diagonal upward arrow displayed in the status
        bar.

                Source:  https://news.softpedia.com/news/iphone-11-pro-caught-collecting-user-location-despite-
                disabled-services-528449.shtml



        Mozilla removed 4 Avast and AVG extensions for spying on Firefox users. Four Avast and AVG Firefox
        extensions have been removed from Mozilla Addons Site over concerns of spying of users. “This add-on
        violates Mozilla’s add-on policy by collecting data without user disclosure or consent,” explained Mozilla. The
        four extensions developed by Avast and its subsidiary AVG are Avast Online Security, AVG Online Security,
        Avast SafePrice and AVG SafePrice.

                Source:  https://securityaffairs.co/wordpress/94703/digital-id/mozilla-avast-avg-extensions-
                removed.html



        Android Malware draining money in bank accounts. A new malware variant is said to be targeting millions of
        Android phones through a vulnerability that is yet to be actively exploited. And developers are insisting on the
        fact that the Trojan is well capable of draining money from bank accounts. Security researchers from
        Cybersecurity Firm Promon claim that “ StrandHogg” Vulnerability is said to be acting as a promotional
        channel for this banking trojan where malicious apps can be masqueraded as genuine ones to win the trust of
        users.
                Source:  https://www.cybersecurity-insiders.com/android-malware-draining-money-in-bank-accounts/



        Critical Code Execution Vulnerability Found in GoAhead Web Server. Cisco Talos researchers have identified
        two vulnerabilities in the GoAhead embedded web server, including a critical flaw that can be exploited for
        remote code execution. Developed by EmbedThis, GoAhead is advertised as the “world's most popular tiny
        embedded web server.” Both open source and enterprise versions are available, and the vendor says GoAhead
        is present in hundreds of millions of devices. A Shodan search for GoAhead currently shows over 1.3 million
        internet-connected systems.

                Source:  https://www.securityweek.com/critical-code-execution-vulnerability-found-goahead-web-
                server












                                                    www.accumepartners.com
                                                                                                                    11
   6   7   8   9   10   11   12   13   14   15   16