Cover photo by Jazmin Quaynor on Unsplash.
Introduction
Welcome to the weekly round-up of security news from around the Web. I hope your week was fine.
This week it's all about hacking, zero-day bugs, malware, and android security.
New Tool Can Jailbreak Any iPhone and iPad Using An Unpatched 0-Day Bug
The title says it all.
Excerpt from the article:
The hacking team behind the "unc0ver" jail breaking tool has released a new version of the software that can unlock every single iPhone, including those running the latest iOS 13.5 version.
New ComRAT Malware Uses Gmail to Receive Commands and Exfiltrate Data
Humans tend to be smarter than their own creations.
Excerpt from the article:
"ComRAT v4 was first seen in 2017 and known still to be in use as recently as January 2020," cybersecurity firm ESET said in a report shared with The Hacker News. "We identified at least three targets: two Ministries of Foreign Affairs in Eastern Europe and a national parliament in the Caucasus region."
New Android Flaw Affecting Over 1 Billion Phones Let Attackers Hijack Apps
At the time writing, Android is arguably the most used mobile operating system, therefore, this is serious business.
Excerpt from the article:
A security vulnerability affecting Android that malicious apps can exploit to masquerade as any other app installed on a targeted device to display fake interfaces to the users, tricking them into giving away sensitive information.
The Security of Your Android Device May Depend on Where You Live
I know you might be thinking: Is this for real? Well, you will have read the article to find out.
Excerpt from the article:
Over the last few years, security researchers have been able to crack various Android phones during Pwn2Own hacking competitions. Now one firm has collected its research and finds a potentially significant global problem: Android security may be dependent on the country of use.
Pablo Escobar’s brother sues Apple for $2.6b over FaceTime flaw
This is a mixture of alleged software bug and lawsuit.
Excerpt from the article:
According to the lawsuit, Escobar bought an iPhone X back in April 2018. One year after the purchase, Roberto claims he got a life-threatening letter from someone named Diego who claimed to have found Roberto’s address through FaceTime.
Cisco hacked by exploiting vulnerable SaltStack servers
If you've heard the term networking before the name Cisco should ring a bell.
Excerpt from the article:
As detailed by the company, the hackers were able to compromise six backend infrastructure servers: us-1.virl.info, us-2.virl.info, us-3.virl.info, us-4.virl.info, vsm-us-1.virl.info, and vsm-us-2.virl.info.
200K sites with buggy WordPress plugin exposed to wipe attacks
The plugin in question is PageLayer.
Excerpt from the article:
Two high severity security vulnerabilities found in the PageLayer plugin can let attackers to potentially wipe the contents or take over WordPress sites using vulnerable plugin versions.
That's it for this week, I'll see you next Friday.
Top comments (0)