Microsoft undercovers high severity vulnerability which could allow one-click hijacking of TikTok accounts

Microsoft has revealed details of a high severity vulnerability in the TikTok app for Android. The Microsoft 365 Defender Research Team shares news of the now-fixed security flaw which the company says could have allowed an attacker to take over a victim’s account by simply getting them to click a malicious link. With hundreds of millions of users around the world, TikTok is one of the most popular social platforms at the moment; the potential damage from the successful exploitation of such a vulnerability is huge. Thankfully, as Microsoft points out, there is no evidence that the vulnerability has been exploited in the wild. This is thanks in part to

Microsoft releases patch for RCP vulnerability (why you need to act quickly)

  Earlier this week, Microsoft released 117 security patches for April patch Tuesday, including CVE-2022-26809, a CVSS 9.8 rated vulnerability In Remote Procedure Call (RPC) that enables an attacker to send an RPC call to an RPC host, and execute code on a remote server. “It could allow an attacker to execute code with high privileges on an affected system,” said CrowdStrike Falcon Spotlight Team researchers in a recent blog post. “This vulnerability could be used for lateral movement by an attacker. We recommend that your team test and deploy this patch quickly as possible.” For enterprises, this vulnerability, if left unpatched, could leave Windows servers vulnerable to compromise and

Google and Samsung start to patch ‘Dirty Pipe’ vulnerability on their phones

Google released the Android security update for April earlier this week, but the patch didn’t include a fix for the ‘Dirty Pipe’ security vulnerability that was widely publicized last month. Even though we’ll likely have to wait until the May update for most devices to be fixed, some manufacturers have started to patch their own devices, including Google itself. Dirty Pipe (CVE-2022-0847) is an exploit discovered in the Linux kernel that allows someone to inject and overwrite data in read-only processes, without any root or admin permissions. The vulnerability has already been used to achieve temporary root access on Android, but it could also allow malware and other unknown software

Hackers Exploit a Critical Chrome and Edge Vulnerability, Update Now to Fix It

Both Google and Microsoft are pushing emergency updates to patch a critical vulnerability in their browsers. Hackers are actively exploiting this vulnerability, which allows for remote code execution within the V8 Javascript engine. We suggest that you update Chrome and Edge immediately to avoid the problem. This vulnerability, called CVE-2022-1096, was reported to Google by an anonymous user or researcher. It appears to affect all Chromium-based browsers, including Opera and Brave. Details on the vulnerability are slim, as Google doesn’t want to share any information that may be useful to hackers. Access to bug details and links may be kept restricted until a majority of users are updated with a

Apple Releases Patches To Fix WebKit Vulnerability & Mac Battery Drain  

Apple has rolled out important security updates to fix a new zero-day vulnerability that could allow attackers to hack iPhones, iPads, and Macs. The zero-day vulnerability dubbed as CVE-2022-22620 was disclosed to Apple by an anonymous researcher. This bug is a use-after-free memory corruption bug in the WebKit rendering engine, which powers Apple’s web browser Safari. The successful exploitation of the ‘CVE-2022-22620’ bug could allow threat actors to process maliciously crafted web content leading to ‘arbitrary code execution’ on a range of Apple devices. “Apple is aware of a report that this issue may have been actively exploited,” the company said in a statement while acknowledging the flaw. However, it

BrakTooth Bluetooth vulnerability exposes millions of Windows and Android devices

A large collection of vulnerabilities have been found in Bluetooth chipsets across a range of popular SoC OEMs including Intel, Qualcomm, Texas Instruments, Infineon (Cypress), Silicon Labs and others. The group of hacks have been dubbed BrakTooth and their impact can range from simply crashing devices using specially crafted Bluetooth Link Manager Protocol packets to executing arbitrary code (CVE-2021-28139). The hacks have been found on 13 boards from 11 vendors, but may affect as many as 1,400 chipsets. Products impacted include laptops and desktops from Dell (Optiplex, Alienware), Microsoft Surface devices (Go 2, Pro 7, Book 3), and smartphones (e.g. Pocophone F1, Oppo Reno 5G). Expressif, Infineon, and Bluetrum have

Ethereum urges Go devs to fix severe chain-split vulnerability

Ethreum project is urging developers to apply a hotfix to squash a high-severity vulnerability. The chain-split vulnerability tracked as CVE-2021-39137, impacts “Geth,” the official Golang implementation of the Ethereum protocol. Such flaws can cause corruption in blockchain services, and lead to massive outages, like the Ethereum network outage from last year. Attack vector details withheld for now This week, Ethereum project maintainers are urging Go developers using “go-ethereum” aka Geth to switch to version 1.10.8 which fixes a high-severity vulnerability. The vulnerability in the open-source project Geth can cause a “chain-split,” meaning vulnerable Geth instances would reject accepting canonical chains. Software security and crypto-fuzzing expert Guido Vranken of blockchain security

Yet another Print Spooler vulnerability found in Windows

It’s been a rough couple of weeks in the world of Windows 10 security vulnerabilities. A print spooler issue called PrintNightmare was exposed by a group that thought it was already patched. Microsoft issued an out-of-band patch to fix it. The only problem was that the cumulative update didn’t actually fix it properly. Now, there’s another Windows Print Spooler vulnerability (via BleepingComputer) that’s been discovered. The vulnerability is CVE-2021-34481, and the summary is as follows: An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then

Windows 10 gets out-of-band patch for PrintNightmare vulnerability

Patch Tuesday isn’t until next Tuesday, but Windows is already getting cumulative updates this week. Microsoft is addressing a critical vulnerability in various Windows 10 versions, including the latest version 21H1, but also going back to the original Windows 10 release. The update is meant to address a Windows 10 vulnerability called PrintNightmare, which was disclosed last week. This vulnerability allows attackers to leverage the Windows Print Spooler service to take over an organization’s domain to spread malware. Technical details and a proof-of-concept for the vulnerability were accidentally revealed because researchers conflated the vulnerability with another issue that was patched last week, which was labeled CVE-2021-1675. This latter issue was