DEV Community

Cover image for Security news weekly round-up - 5th May 2023
Habdul Hazeez
Habdul Hazeez

Posted on

Security news weekly round-up - 5th May 2023

For the first time this year, it's back-to-back. Let's go!

Introduction

This week's review covers multiple domains that you can classify under the subject of computer security. These are the supposed "dangers" of Artificial intelligence, malware, users privacy, and software vulnerabilities. Get ready, because it looks tasty 😋.


Warning of AI’s danger, pioneer Geoffrey Hinton quits Google to speak freely

It's the year 2023, and it's the AI buzz, and now, notable people in tech fear that we're going too fast. One such person is Geoffrey Hinton who, recently, quit his job at Google to talk "freely" about Artificial Intelligence due to the rise of ChatGPT, and other Large Language Models (LLMs). The following excerpt is why you should read the article:

Hinton is also worried about a proliferation of false information in photos, videos, and text, making it difficult for people to discern what is true. He also fears that AI could upend the job market, initially complementing human workers but eventually replacing them in roles like paralegals, personal assistants, and translators who handle routine tasks.

Hinton's long-term worry is that future AI systems could threaten humanity as they learn unexpected behavior from vast amounts of data.

LOBSHOT: A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads

Do not trust every Google ads that you see out there, and sure, that's not an exaggeration. In this article, the researchers discovered that "LOBSHOT" spreads via rogue advertisements for legitimate applications. That means you should think twice before clicking the advert link for that software that you longed for. Want more convincing? Read the following excerpt:

Once installed, it makes Windows Registry changes to set up persistence and siphons data from over 50 cryptocurrency wallet extensions present in web browsers like Google Chrome, Microsoft Edge, and Mozilla Firefox.

Hackers Promise AI, Install Malware Instead

It's the season of ChatGPT and other Generative AI but be careful on any software that promises to be ChatGPT or other AI tools. Although this story is about Facebook, it can occur on any platform or social media. And here is why:

Over the course of the past month, security analysts with the social-media giant have found malicious software posing as ChatGPT or similar AI tools, chief information security officer Guy Rosen said in a briefing.

Meta has seen “threat actors” hawk internet browser extensions that promise generative AI capabilities but contain malicious software designed to infect devices, according to Rosen.

Apple and Google Join Forces to Stop Unauthorized Location-Tracking Devices

If you don't authorize it, then it should not know your location. That's what two tech giants have teamed up to do and the implementation might land before the end of 2023. The following excerpt has more:

The goal is to standardize the alerting mechanisms and minimize opportunities for misuse across Bluetooth location-tracking devices from different vendors. To that end, Samsung, Tile, Chipolo, eufy Security, and Pebblebee have all come on board.

Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads

Malware can be stealthy but, somehow, the "good" guys always fish them out. That's the case of the "Fleckpe" malware that appears as an innocent-looking application and managed over 600,000 downloads from the Play Store. It's scary because of the following:

The payload, for its part, is designed to contact a remote server and transmit information about the compromised device (e.g., Mobile Country Code and Mobile Network Code), following which the server responds back with a paid subscription page.

The malware subsequently opens the page in an invisible web browser window and attempts to subscribe on the user's behalf by abusing its permissions to access notifications and obtain the confirmation code required to complete the step.

Android Security Update Patches Kernel Vulnerability Exploited by Spyware Vendor

Patch! Patch!! Patch!!! That's it. But why? 🤨 Here is why 👇:

A vast majority of the security holes have been assigned a ‘high severity’ rating and they can be exploited for privilege escalation, DoS attacks, and information disclosure.

WordPress custom field plugin bug exposes over 1M sites to XSS attacks

If you're using "Advanced Custom Fields" or "Advanced Custom Fields Pro", you should update to the latest version, immediately. The following excerpt will convince you why this is important:

The CVE-2023-30777 flaw stems from the 'admin_body_class' function handler, which failed to properly sanitize the output value of a hook that controls and filters the CSS classes (design and layout) for the main body tag in the admin area of WordPress sites.

An attacker can leverage an unsafe direct code concatenation on the plugin's code, specifically the '$this→view' variable, to add harmful code (DOM XSS payloads) in its components that will pass to the final product, a class string.

Credits

Cover photo by Debby Hudson on Unsplash.


That's it for this week, and I'll see you next time.

Top comments (0)