Cyber Round-up

Cyber Round-up for 6th May

Welcome to Ironshare’s Cyber Round-up, where we look back at the events of the last week and year to cover some of the news, posts, views, and highlights from the world of Security.

In this week’s round-up:

Security News

NCSC Warns of Malicious App Risk

The latest report from the NCSC warns people of the danger of malicious apps available on app stores. The UK’s National Cyber Security Centre believes there is “more for app stores to do” when it comes to security and made it clear that this threat affects many devices such as laptops, PCs, smart TVs, IoT devices and more, not just smartphones. The NCSC are asking app stores to “commit to a new code of practice”, which will detail a revised set of security and privacy requirements that will allow flaws to be discovered and fixed much quicker.


The White House Announces Quantum Technology Support in the US

The nations of the world are all in a race to develop and support quantum technology, which is believed to enable massive advancements in various areas of science, specifically artificial intelligence. The White House announced this week that they are now prepared to support quantum technology, as well as implementing new cyber security measures to defend against the supercomputers it may facilitate.

It is believed that “quantum computers will soon reach a sufficient size and level of sophistication needed to break much of the cryptography that currently secures digital communications on the internet.”

While the advancement of such technologies is exciting, it does present many new risks, so it is important that the US has a plan to address this.


Breast Cancer Charity Exposes Users

The charity was recently discovered to have a misconfigured Amazon S3 bucket which left data exposed to the public. The bucket is believed to have contained 350,000 files, around 150GB of data. 50,000 user avatars were also at risk, most of them featuring images of the users themselves. Along with these images, sensitive metadata such as camera model and brand, and most critically GPS location data, had not been stripped, meaning home addresses could potentially be exposed wherever a photograph carried GPS coordinates. These kinds of breaches are likely to have a greater impact on the patients than on the organisation.
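The exposure above came down to avatars being stored with their Exif metadata, GPS tags included, still attached. As an added example (not code from the round-up or from the charity involved), the following stdlib-only Python walks the segment list of a baseline JPEG and drops the APP1 and APP13 segments, which is where Exif (including the GPS IFD), XMP and IPTC data live, so an upload handler can sanitise an image before it ever reaches a bucket. The sample JPEG bytes are constructed inline for the demonstration and are not a real photograph.

```python
"""Strip Exif/XMP/IPTC metadata (GPS tags included) from JPEG bytes using only
the Python standard library. Added example; not code from the original page."""
import struct

SOI_MARKER = 0xD8   # start of image
EOI_MARKER = 0xD9   # end of image
SOS_MARKER = 0xDA   # start of scan: entropy-coded data follows until EOI
# Markers with no length field: SOI, EOI, TEM and RST0..RST7.
STANDALONE_MARKERS = {SOI_MARKER, EOI_MARKER, 0x01} | set(range(0xD0, 0xD8))
# APP1 carries Exif (where the GPS IFD lives) and XMP; APP13 carries Photoshop/IPTC.
METADATA_MARKERS = {0xE1, 0xED}


def iter_segments(data: bytes):
    """Yield (marker, raw_segment_bytes) for each segment of a baseline JPEG.

    The SOS segment is yielded together with everything after it (the scan and
    the trailing EOI), because that region has no length fields to walk.
    """
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    yield SOI_MARKER, data[:2]
    pos = 2
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        # Encoders may pad with extra 0xFF fill bytes before a marker; skip them.
        while data[pos + 1] == 0xFF:
            pos += 1
        marker = data[pos + 1]
        if marker == SOS_MARKER:
            yield marker, data[pos:]
            return
        if marker in STANDALONE_MARKERS:
            yield marker, data[pos:pos + 2]
            pos += 2
            continue
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])  # length includes itself
        end = pos + 2 + length
        if end > len(data):
            raise ValueError(f"truncated segment at offset {pos}")
        yield marker, data[pos:end]
        pos = end
    raise ValueError("no SOS marker found")


def strip_metadata(data: bytes) -> bytes:
    """Return the JPEG with every APP1/APP13 segment removed; pixel data is untouched."""
    return b"".join(seg for marker, seg in iter_segments(data)
                    if marker not in METADATA_MARKERS)


def metadata_segments(data: bytes) -> list:
    """List metadata segments present as (marker, 6-byte payload prefix) pairs,
    e.g. (0xE1, b'Exif\\x00\\x00'); useful as a pre-storage check."""
    return [(marker, seg[4:10]) for marker, seg in iter_segments(data)
            if marker in METADATA_MARKERS]


def _segment(marker: int, payload: bytes) -> bytes:
    """Build a marker segment with its big-endian length field."""
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed sample, not a real photo: JFIF header, an Exif APP1 block whose
# first TIFF tag ID is 0x8825 (the Exif GPS IFD pointer), one quantisation
# table, a scan header, four bytes of fake scan data and the EOI marker.
EXIF_PAYLOAD = (b"Exif\x00\x00" + b"MM\x00\x2a\x00\x00\x00\x08"
                + b"\x88\x25" + b"\x00" * 10)
SAMPLE_JPEG = (
    b"\xff\xd8"
    + _segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    + _segment(0xE1, EXIF_PAYLOAD)
    + _segment(0xDB, b"\x00" + bytes(range(1, 65)))
    + _segment(0xDA, b"\x01\x01\x00\x00\x3f\x00") + b"\x12\x34\x56\x78"
    + b"\xff\xd9"
)

if __name__ == "__main__":
    print("before:", metadata_segments(SAMPLE_JPEG))
    cleaned = strip_metadata(SAMPLE_JPEG)
    print("after: ", metadata_segments(cleaned), "bytes removed:",
          len(SAMPLE_JPEG) - len(cleaned))
```

Running the sanitiser at upload time, before the object is written, means the bucket never holds the GPS data in the first place, so a later access-control mistake exposes only the picture. The walker handles baseline JPEG only; PNG, WebP and HEIC carry metadata in their own container chunks and need their own handling.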


Vulnerabilities & Updates

Multiple Flaws Found in Cisco Enterprise NFV Infrastructure Software

Multiple vulnerabilities have been discovered in Cisco Enterprise NFV Infrastructure Software. An attacker exploiting these flaws would be able to escape from a guest VM to the host machine and execute arbitrary code at the root level. This could also allow the attacker to leak data from the host back to the VM. These flaws are known to affect Cisco Enterprise NFVIS in its default configuration and, as always, we recommend applying the latest patches to ensure you are protected against these vulnerabilities.

More details on the individual vulnerabilities can be found here.


Major Updates for iOS, Android and Chrome Flaws

Apple have released iOS 15.4.1 just two weeks after the launch of 15.4, due to a vulnerability in AppleAVD allowing privilege escalation. This would allow a hacker full control over your device if executed correctly. The update also fixes a battery drain issue that was reportedly affecting some iPhones.

MacOS Monterey 12.3.1 has also been released to patch this flaw, along with a vulnerability relating to the Intel graphics driver which would allow an app to read kernel memory.

Android also received an update to patch 44 vulnerabilities in the mobile operating system, along with 5 more vulnerabilities specific to Google’s Pixel smartphones. The most severe would allow local privilege escalation without any user interaction.

Google Chrome has received an update to patch two new flaws, one of which is a high severity vulnerability being actively exploited in the wild.

Oracle, Microsoft, Mozilla and WordPress have also pushed out big security updates to keep their services secure from hackers.


Unpatched Critical Vulnerability Found in uClibc

Security researchers have publicly disclosed a vulnerability in uClibc, a C standard library used to build software for many IoT devices around the world. This vulnerability could allow an attacker to conduct DNS poisoning and redirect traffic from a network to a server they control in order to record traffic, steal information or manipulate data. The maintainer of uClibc was “unable to find a fix” and is currently working with security professionals and the public security community in the hope of fixing this flaw.


BIG-IP iControl REST Vulnerability

A new vulnerability has been discovered that could allow an unauthenticated attacker to bypass iControl REST authentication and access the BIG-IP system to execute arbitrary code. Exploitation could also lead to the creation/deletion of files and allow the attacker to disable services. While mitigation techniques are available, we recommend upgrading to the latest fixed version as soon as possible.

More details on this can be found here.


And that’s it for this week’s round-up, please do check in next week for our new batch of security news and posts.

Stay Safe, Secure and Healthy!

Edition #188 – 6th May 2022


Ironshare – Security Simplified