Security News Headlines #111

Today's roundup highlights significant vulnerabilities across multiple platforms and industries, from Adobe product flaws to brute-force attack tactics and newly discovered cloud ransomware threats. You'll also find a focus on securing software supply chains, advanced phishing techniques, and several critical zero-day vulnerabilities. These stories underscore the importance of proactive security measures in the ever-evolving threat landscape.

Top Security Flaws Hiding in Your Code and How to Fix Them
SonarSource examines common security vulnerabilities found in modern code, such as SQL injection and cross-site scripting (XSS). The blog provides best practices for detecting and mitigating these issues to enhance code security.

Adobe Patches Critical Code Execution Flaws in Multiple Products
Adobe has released updates for several products to fix critical vulnerabilities that could allow remote code execution. Affected software includes Adobe Acrobat, Reader, and Photoshop. Users are advised to patch immediately.

Brute-Force Attacks and Their Increasing Threat
Brute-force attacks continue to rise, targeting weak or reused passwords. Red Canary outlines how attackers use automated tools to compromise accounts and offers guidance on strengthening authentication mechanisms to prevent these attacks.

Phishing, Typosquatting, and Brand Impersonation Trends
Zscaler details the latest phishing trends, including typosquatting and brand impersonation, which trick users into visiting malicious sites. The report urges businesses to educate employees and deploy advanced security solutions to combat these tactics.

Ransomware in the Cloud: Scattered Spider Targeting Finance
The Scattered Spider group is using ransomware to target cloud environments in the insurance and financial sectors. The blog highlights the tactics, techniques, and procedures (TTPs) used and stresses the need for robust cloud security practices.

Google Bug Hunters Reveal CVR Vulnerabilities
Google’s bug hunting team uncovers serious vulnerabilities in critical systems under their Continuous Vulnerability Research (CVR) program. These flaws could lead to remote code execution, with fixes already underway for affected products.

DrayTek Router Vulnerabilities Added to Exploit List
Tenable Research has added vulnerabilities CVE-2021-20123 and CVE-2021-20124 in DrayTek routers to their known exploit list. Attackers could exploit these flaws to gain unauthorized control of devices, making patching critical.

Typosquatted Domains Targeted During the Olympics
SEKOIA.IO uncovered a campaign targeting typosquatted domains during the Olympics to distribute malware and phishing attacks. The findings highlight the importance of monitoring brand-related domains, especially during high-profile events.

Windows Update Bug Left Some PCs Dangerously Unpatched
A Windows Update bug left certain machines unpatched, exposing them to potential vulnerabilities. The issue has since been fixed, but users are advised to manually verify that all necessary updates have been applied.

Microsoft Discloses Four Zero-Days in September Update
Microsoft's September Patch Tuesday release includes fixes for four zero-day vulnerabilities. These flaws are already being exploited in the wild, making it essential for organizations to apply these patches as soon as possible.

New Pixhell Attack Extracts Data from LCD Screen Noise
Researchers have developed an acoustic attack called Pixhell, which can extract data from LCD screens based on sound emissions. This new side-channel attack highlights the increasing sophistication of hardware-based cyber threats.

Ivanti Endpoint Manager Critical Flaws Disclosed
Critical vulnerabilities in Ivanti's Endpoint Manager (EPM) have been disclosed, potentially allowing attackers to take control of systems. Security experts recommend immediate patching to avoid exploitation in enterprise environments.

Red Team Finds Critical “Insecure by Design” Flaw
A red team operation discovered an “insecure by design” flaw in a widely used system, allowing attackers to bypass security controls easily. The report urges organizations to reassess their system designs to avoid such critical vulnerabilities.

$20 Bug Leads to Admin Access in Mobi Platform
Researchers at WatchTowr exploited a $20 vulnerability that granted them remote code execution (RCE) and, inadvertently, admin privileges on the Mobi platform. This highlights how seemingly small flaws can have significant consequences.
