BTH News 08 November 2020
This Week In Cybersecurity
This week on Between The Hacks: Three iOS zero-days, a zero-day for Chrome on Android, a new ransomware report, a gaming company falls victim to ransomware, and how to fix the Mac/HP “malware” problem.
Three iOS Zero-Day Exploits
Apple released multiple security updates to iOS on Thursday that include patches for three zero-day vulnerabilities that are actively being exploited in the wild.
“The list of impacted devices includes iPhone 5s and later, iPod touch 6th and 7th generation, iPad Air, iPad mini 2 and later, and Apple Watch Series 1 and later” reports The Hacker News.
Many iOS devices will update themselves, but to be sure you get the update in a timely manner, follow these steps:
1) Go to Settings > General, then tap Software Update.
2) Tap Download and Install.
To verify that you install updates automatically, go to Settings > General > Software Update > Automatic Updates, then turn on Install iOS Updates. Your device will automatically update to the latest version of iOS or iPadOS. Some updates might need to be installed manually.
Android Zero-Day in Chrome
Two weeks ago, Between The Hacks reported on a Chrome zero-day that was patched by Google. This week, Google patched additional Chrome vulnerabilities for Windows, Mac and Linux. Also patched this week is a zero-day vulnerability that is unique to Chrome on Android. “Chrome for Android has a zero-day hole that crooks are already abusing, so you need to patch” according to NakedSecurity.
What Can You Do?
Ensure you have the latest version of Chrome running on your system.
On Windows, Mac and Linux you should be running version 86.0.4240.183 or later.
On Android, you should be running version 86.0.4240.185 or later.
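One way to check a device inventory against the minimum versions above, as an added example that is not part of the original post; the inventory rows and function names are constructed for illustration. Versions are compared numerically, because a plain string comparison would rank 86.0.4240.99 above 86.0.4240.183.

```python
import re

# Minimum patched versions as stated in the article.
MIN_CHROME = {
    "windows": "86.0.4240.183",
    "mac": "86.0.4240.183",
    "linux": "86.0.4240.183",
    "android": "86.0.4240.185",
}

# Constructed sample inventory: (host, platform, reported Chrome version).
SAMPLE_INVENTORY = [
    ("ws-001", "windows", "86.0.4240.183"),
    ("ws-002", "windows", "86.0.4240.99"),    # sorts after .183 as a string
    ("mbp-07", "mac", "87.0.4280.20"),
    ("pixel-3", "android", "86.0.4240.183"),  # enough on desktop, too old on Android
    ("kiosk-1", "linux", "unknown"),          # agent could not read the version
    ("cb-12", "chromeos", "86.0.4240.198"),   # platform not covered by the article
]


def parse_version(text):
    """Turn '86.0.4240.183' into (86, 0, 4240, 183); return None if malformed."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)\.(\d+)", text.strip(), re.ASCII)
    return tuple(int(g) for g in m.groups()) if m else None


def classify(platform, version):
    """Return 'ok', 'outdated' or 'unknown' for one inventory row."""
    minimum = MIN_CHROME.get(platform.lower())
    parsed = parse_version(version)
    if minimum is None or parsed is None:
        return "unknown"  # unlisted platform or unparseable version: check by hand
    return "ok" if parsed >= parse_version(minimum) else "outdated"


def audit(inventory):
    """Map each host name to its patch status."""
    return {host: classify(platform, version) for host, platform, version in inventory}


if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host:8} {status}")
```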
Ransomware And Data Exfiltration On The Rise
Ransomware is a popular method of attack, as Between The Hacks readers know from all of the news blogs about companies that have become victims of ransomware. According to the latest Coveware Quarterly Ransomware Report, ransomware is not only increasing in frequency, but the average ransom demand has greatly increased to $233,817, up 31% from 2Q 2020.
Additionally, attackers are more likely to exfiltrate data and demand additional ransom to keep the victim’s data from the public eye. However, Coveware has observed that some ransomware attackers are sending false evidence to prove that they deleted the data and then leaking the data anyway.
To defend against ransomware attacks, secure your network. Be very careful not to fall victim to a phishing attack, back up your systems, and keep sensitive data in offline backups.
Japanese Gaming Company Hit With Ransomware
Japanese gaming company Capcom, best known for popular video games including Resident Evil and Street Fighter, became the victim of a ransomware attack on November 2nd, according to a Capcom Press Release.
Bleeping Computer reported that the Ragnar Locker ransomware gang “claims to have encrypted 2,000 devices on Capcom's networks and are demanding $11,000,000 in bitcoins for a decryptor.” The attackers claim to have exfiltrated more than a terabyte of data from the company. Other than the press release, Capcom has not yet commented on the matter, reports Latest Hacking News.
Tip of the Week
How To Fix The Mac “Malware” Issue With Your HP Printer
If you found yourself trying to print from your Mac to an HP printer in the past few days, you may have been greeted with a warning that a file will damage your computer and a checkbox that reads, “Report malware to Apple to protect other users.”
While the alert mentions malware, this time the built-in XProtect anti-malware tool on your Mac got it wrong. Malwarebytes reports “that the source of the issue was that the developer certificate used to sign these HP drivers had been revoked.”
According to The Register, “sources familiar with the matter that HP Inc asked Apple to revoke its printer driver code-signing certificates. It appears this request backfired as it left users unable to print.”
If you currently have this issue, Malwarebytes recommends the following steps:
1) Restart your computer, ensuring it’s on the network when it restarts
2) Check for HP software updates via the Software Update pane in System Preferences
3) Remove the HP printer from System Preferences -> Printers & Scanners, then try adding it again.
4) Check for newer HP software for your printer on the HP support site: https://support.hp.com
5) If all else fails, contact HP via its support site for assistance.