Threatpost

29 November 2021

• Unpatched Windows Zero-Day Allows Privileged File Access
  A temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug.
• Shape-Shifting ‘Tardigrade’ Malware Hits Vaccine Makers
  Some security researchers say it’s actually Cobalt Strike and not a SmokeLoader variant, but BioBright says in-depth testing shows it’s for real a scary morphic malware that changes its parts and recompiles itself.
• New Twists on Gift-Card Scams Flourish on Black Friday
  Fake merchandise and crypto jacking are among the new ways cybercriminals will try to defraud people flocking online for Black Friday and Cyber Monday.
• 9.3M+ Androids Running ‘Malicious’ Games from Huawei AppGallery
  A new trojan called Android.Cynos.7.origin, designed to collect Android users’ device data and phone numbers, was found in 190 games installed on over 9M Android devices.
• GoDaddy Breach Widens to Include Reseller Subsidiaries
  Customers of several brands that resell GoDaddy Managed WordPress have also been caught up in the big breach, in which millions of emails, passwords and more were stolen.
• Apple’s NSO Group Lawsuit Amps Up Pressure on Pegasus Spyware-Maker
  Just weeks after a judge ruled that NSO Group did not have immunity in a suit brought by Facebook subsidiary WhatsApp, Apple is adding significant weight to the company's woes.
• Attackers Actively Target Windows Installer Zero-Day
  Researcher discovered a “more powerful” variant of an elevation-of-privilege flaw for which Microsoft released a botched patch earlier this month.
• Attackers Will Flock to Crypto Wallets, Linux in 2022: Podcast
  That’s just the start of what cyberattackers will zero in on as they pick up APT techniques to hurl more destructive ransomware & supply-chain attacks, says Fortinet’s Derek Manky.
• How to Defend Against Mobile App Impersonation
  Despite tight security measures by Google/Apple, cybercriminals still find ways to bypass fake app checks to plant malware on mobile devices. Dave Stewart, CEO of Approov, discusses technical approaches to defense against this.
• Common Cloud Misconfigurations Exploited in Minutes, Report
  Opportunistic attackers instantly exploited insecurely exposed services deployed in honeypots by Unit 42 researchers, demonstrating the immediate danger of these typical mistakes.