Syntax Bearror

Bear Security – Security News for Week of June 12th, 2021

By Christopher
June 12, 2021

These are the stories that relate to our careers, clients, and businesses in the cybersecurity world for the Week of June 12th, 2021. Watch this in video form over on YouTube, or you can listen on the go with the Bear Security podcast.

FBI Ran Encrypted Communications App to Catch Criminals in Global Operation

Vice reported on Monday that since 2018 the FBI has been running a covert operation built around an encrypted messaging system called Anom. Anom came on devices distributed by organizations that were known for primarily serving criminal organizations. The app was built to include a master key that law enforcement used to decrypt and store every message as it was transmitted, without the user being aware. According to newly unsealed court documents, the operation netted more than 20 million messages from over 11,800 devices across 90 countries. So far the information honeypot has led to 224 arrests, the seizure of 3.7 tons of drugs, and the disruption of “20” threats to kill, though they say that messages from US users are not reviewed by the FBI.

Read the full breakdown of this investigation and what Vice uncovered over on their website.

Microsoft Patch Tuesday Resolves 50 Vulnerabilities, 6 of Which Are Currently Being Exploited

The Register is reporting that Microsoft’s Patch Tuesday for June was another major one. This month’s updates address 50 different flaws, including 6 that are currently being exploited, with impacts that include remote code execution, elevation of privilege, and a single information leakage issue. While critical vulnerabilities in Microsoft Defender and the VP9 codec will update without Administrator intervention, the remaining ones in Remote Desktop Services for Windows 7 and the Windows MSHTML platform will need the monthly roll-ups to be applied.

The Register also noted in the Patch Tuesday story that Adobe has released a patch bundle that addresses more than 39 vulnerabilities in their software across macOS and Windows, but none of those are currently known to be exploited in the wild.

Read the full story over on The Register.

Chrome Zero-Day Actively Being Exploited – Update Now!

The Hacker News is reporting that on Wednesday Google published an update to Chrome to address 14 newly discovered security issues, including one zero-day that’s currently being exploited in the wild. Users are urged to update immediately. The critical vulnerability addressed is a heap buffer overflow and type confusion issue in Chrome’s V8 open-source JavaScript engine. Google’s Threat Analysis Group believes the same actor abusing this vulnerability is also abusing the Windows MSHTML platform vulnerability that Microsoft patched this Tuesday, and that both of these zero-days may be getting used against targets in Eastern Europe and the Middle East.

Read the full story over on The Hacker News.

Hackers Breached EA and Stole Source Code

PC Magazine is reporting that Electronic Arts has confirmed that they were breached after Vice reported that hackers were allegedly selling the company’s stolen code on an online forum. A spokesperson for EA told PC Magazine that “No player data was accessed, and we have no reason to believe there is a risk to player privacy”.

Hackers claim to have stolen 780 GB of data including source code for EA’s Frostbite gaming engine, FIFA 21’s matchmaking server, software frameworks for many of EA’s proprietary games, and API keys for the upcoming FIFA 22 game. EA has already begun to bolster its IT security as it continues to investigate the incident along with support from law enforcement.

Read the full story over on PC Magazine and the initial report over on Vice.

New Attack against TLS Known as ALPACA

Researchers announced a new way to exploit TLS communication that they called ALPACA, which is short for “Application Layer Protocol Confusion – Analyzing and Mitigating Cracks in TLS Authentication”. The attack depends on several factors, so the exact benefit to an attacker may vary. For example, a malicious actor could, under the right circumstances, redirect traffic from one subdomain to another without breaking session validity, steal cookies, or perform cross-site scripting exploitation. In most cases, though, a man-in-the-middle position would be necessary to intercept and divert the victim’s traffic.

The attack exploits defects in the configuration of TLS services and the lack of protection of the source and destination IP and port, which leaves open the potential for manipulation. Researchers say that the ALPN and SNI extensions to TLS, if available, can provide some protection, provided SNI is configured to terminate connections when hostnames do not match and to avoid insecure fallback to a default server.
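As an added illustration (not from the original post or from the ALPACA researchers), this is how the strict-SNI part of that mitigation can look on an nginx front end. The hostname and certificate paths are placeholder assumptions, and `ssl_reject_handshake` requires nginx 1.19.4 or later.

```nginx
# WEAK (shown commented out): the default server holds a certificate and
# answers TLS for any hostname, so a connection carrying an unexpected or
# missing SNI value silently falls back to it.
#
# server {
#     listen 443 ssl default_server;
#     ssl_certificate     /etc/nginx/tls/example.crt;   # placeholder path
#     ssl_certificate_key /etc/nginx/tls/example.key;   # placeholder path
#     root /var/www/default;
# }

# CORRECTED: the catch-all server holds no certificate and aborts the
# handshake. Any ClientHello whose SNI does not match a server_name
# below (or that sends no SNI at all) is terminated here instead of
# falling back to a default site.
server {
    listen 443 ssl default_server;
    server_name _;
    ssl_reject_handshake on;
}

# Only explicitly named hosts complete a handshake.
server {
    listen 443 ssl;
    server_name www.example.com;                          # placeholder hostname

    ssl_certificate     /etc/nginx/tls/www.example.crt;   # placeholder path
    ssl_certificate_key /etc/nginx/tls/www.example.key;   # placeholder path
    ssl_protocols       TLSv1.2 TLSv1.3;

    root /var/www/www.example.com;
}
```

The same idea applies to non-HTTP TLS services that share a certificate with the web server: each should refuse connections whose SNI does not name it, where the software supports that.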

Vendors are already responding to the research with efforts to remove vectors for exploitation or add countermeasures in the application layer and/or their implementation of TLS. The researchers plan to formally present findings at Black Hat USA 2021 and USENIX Security Symposium 2021.

View the full research paper and more information on the ALPACA Attack website.

ITPro.TV Hacker Free Weekend!

(promotional) Our friends over at ITPro.TV are allowing you to check out their hacker/security-oriented courses for free through Sunday. This includes their CompTIA PenTest+, CEHv10 training, and more. Sign up for a free account today or get a paid account and use our code, SYNTAX30, to get 30% off the lifetime of your membership. By being a part of ITPro.TV, you help support our efforts here at Syntax Bearror. Click here to learn more.

Things Not Included in This Week’s Episode

  • The National Institute for Standards and Technology (NIST)’s comment period for HIPAA implementation guidance is open through June 15th.
  • CircleCityCon is going on this weekend!
  • Next week is Wild West Hackin’ Fest!

That’s all for this week’s security news. Come back every Saturday for the next rendition or check it out over on YouTube or on the podcast. Stay safe out there, friends.

Christopher

Christopher Clai is a Senior Security Engineer, IT Generalist, and Developer from Chicago, IL with over 20 years of experience in Information Technology ranging from small businesses to Fortune 500's. Chris loves the Pacific Northwest, Sushi, Invader Zim, Rugby, World of Warcraft, raves, and is an avid user of Microsoft and Linux-based technologies.

Copyright Statement

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
©2014 - 2021 - SyntaxBearror.io. All rights reserved unless otherwise noted.