Introducing Wasmcov: Code Coverage Tool for Wasm Projects
We’re proud to introduce Wasmcov, a specialized code coverage tool tailored for Wasm environments.
Contents
hide
Hackers require $50 million ransom to prevent the leak of stolen Apple blueprints
On Wednesday, Quanta, the supplier of Apple, experienced the ransomware attack carried out by REvil ransomware group. The malicious actors are demanding Apple pay them a solid ransom of $50 mln. Otherwise, the stolen sensitive files may appear on the dark web.
In the recent post shared by a threat actor in the βHappy Blogβ portal, it is mentioned that the malicious group accessed the schematics of Apple products such as Apple Watch and MacBooks by infiltrating the Taiwanese manufacturerβs network. Quanta expressed no willingness to pay a ransom to recover the stolen files and, thus, the malicious actors are making a ransom demand to the US company.
The REvil operators also added that their team was going to sell the gigabytes of personal data as well as confidential blueprints to several large brands. The malicious group has set up May 1 as the deadline for Apple to pay the ransom.
The malicious activities of the REvil group were firstly detected in June 2019. Since the group has been actively exploiting the βdouble-extortionβ technique for maximizing profits. Other malicious groups have also emulated this technique.
Firefox Flaw fixed by Mozilla
The Firefox browser flaw that enabled the HTTPS secure communications icon spoofing has been fixed by the Mozilla Foundation. The icon was displayed as a browser address window padlock. By exploiting this flaw, a rogue website could successfully intercept browser communications.
Mozilla Firefox 88 has been released to address 13 browser bugs including 6 high-severity issues. The secure-lock-icon flaw tracked as CVE-2021-23998 used to affect the Firefox browser corporate and consumer versions before the security updates were released on Monday. The spoofed secure lock icon was discovered by Jordi Chancel, the independent researcher. The security bulletin provided by Mozilla does not indicate whether the exploitation of the flaws specified in its advisory takes place in the wild.Β Β
Telegram Platform Leveraged by Hackers to Perform βToxicEyeβ Malware Campaigns
Malicious actors are embedding the Telegram messaging app inside the ToxicEye, the remote access trojan (RAT). Hackers operating a Telegram messaging account control the victimβs computer infected with the ToxicEye.
The Check Point Software Technologies researchers have identified that the ToxicEye malware enables hackers to take over file systems, install malicious software, and leak data including sensitive information from the victimβs PCs.
Telegram has more than 500 mln active users worldwide and that is why hackers have targeted this app. According to the Check Point research and development manager Idan Sharabi, hackers strived to make Telegram their distribution platform due to its global popularity.
Idan Sharabi also added in the e-mail statement that most organizations allowed the use of Telegram by their employees for professional purposes and that is why hackers could exploit this app to bypass security restrictions.
Sabre rattled by Signal in the direction of Cellebrite
Signal revealed the possibility of gaining arbitrary code execution through its tools. After that, Cellebrite, the company specializing in phone scanning and data extraction, is facing the possibility that app makers can hack back at the tool.Β Β Β
The tools developed by Cellebrite are designed to pull data out of phones that are in usersβ possession.
The execution of code modifying the Cellebrite report being created in that scan as well as the future and all previous reports in any arbitrary way such as insertion or removal of text, photos, files, contacts, and other data can take place when the specially formatted but otherwise innocuous file in an app is included on the device scanned by Cellebrite. As mentioned by Moxie Marlinspike, Signal CEO, no checksum failures or timestamp changes can be detected in such a case.
Generally, upon identifying such vulnerabilities, the software maker gets information about the issue to release fixes. Marlinspike raised the stakes since Cellebrite benefits from undisclosed vulnerabilities.
Active exploitation of SonicWall email security zero-day vulnerabilities
The US company issued a security alert on Tuesday in which it stated that published fixes resolving 3 critical flaws affecting βon-premises and hosted email security products.β
SonicWall ES has been designed to prevent business email compromise attempts and phishing emails, thereby, protecting email traffic and communication.
As of now, there has been recorded at least one case of active exploitation in the appliance.
βThe organizations using SonicWall Email Security (ES) hardware appliances, virtual appliances or Microsoft Windows Server software installation have to immediately upgrade the product they use to the respective SonicWall Email Security version listed,β statement made by SonicWall.
The SonicWall ES/Hosted Email Security (HES) versions 10.0.1 and above are affected by the CVE-2021-20021, CVE-2021-20022, and CVE-2021-20023 vulnerabilities.Β
