Page 11 - Threat Intelligence 10-28-2019
P. 11

Internal Threats












        Avast, Avira Products Vulnerable to DLL Hijacking. Vulnerabilities in Avast Antivirus, AVG Antivirus, and Avira
        Antivirus could allow an attacker to load a malicious DLL file in an effort to bypass defenses and escalate
        privileges, SafeBreach Labs security researchers discovered. Tracked as CVE-2019-17093 and impacting all
        versions of Avast Antivirus and AVG Antivirus — AVG is a subsidiary of Avast and the applications share the
        core code — the first security flaw could be abused to achieve what SafeBreach describes as self-defense
        bypass, defense evasion, persistence and privilege escalation.

                Source: https://www.securityweek.com/avast-avira-products-vulnerable-dll-hijacking



        Skip-2.0 backdoor malware provides ‘magic password’ to access MSSQL accounts. Researchers today
        revealed their discovery of what they believe to be the first publicly documented case of a backdoor targeting
        Microsoft SQL Server (MSSQL) databases – attributing the malware to the threat actor Winnti Group. Dubbed
        “skip-2.0,” the malware is installed in memory and provides attackers with a “magic password” that allows
        them to connect to any MSSQL account running MSSQL Server version 11 or 12. Moreover, it hides evidence of
        its existence by essentially disabling the compromised machine’s logging, event publishing and audit
        capabilities.
                Source:  https://www.scmagazine.com/home/security-news/gaming/skip-2-0-backdoor-malware-
                provides-magic-password-to-access-mssql-accounts/






        Banks withdraw fingerprint authentication support on Samsung Galaxy S10 smartphones. Natwest and
        Nationwide have withdrawn support for fingerprint authentication on the Samsung Galaxy S10 following
        reports that the sensor enables anyone to unlock a device. The under-display ultrasonic fingerprint reader
        glitch was uncovered last week. It enables anyone to unlock devices - not just the device's owner with their
        registered digit - if the display is covered with a third-party screen protector. The glitch represents a particular
        vulnerability for users of Samsung Pay, the payment app that runs on the device and connects to people's
        regular bank accounts.

                Source: https://www.computing.co.uk/ctg/news/3082909/natwest-nationwide-samsung-fingerprint






















                                                    www.accumepartners.com
                                                                                                                    11
   6   7   8   9   10   11   12   13   14   15   16