September 19, 2020
David Redekop

This Week In Nerd News – August 10, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to:

Snapdragon chip flaws put >1 billion Android phones at risk of data theft.

You can’t make this stuff up.

A billion or more Android devices are vulnerable to hacks that can turn them into spying tools by exploiting more than 400 vulnerabilities in Qualcomm’s Snapdragon chip, researchers reported this week.

The vulnerabilities can be exploited when a target downloads a video or other content that’s rendered by the chip. Targets can also be attacked by installing malicious apps that require no permissions at all.

Read More: Snapdragon chip flaws put >1 billion Android phones at risk of data theft

Canon confirms ransomware attack in internal memo.

Canon has suffered a ransomware attack that impacts numerous services, including Canon’s email, Microsoft Teams, USA website, and other internal applications. In an internal alert sent to employees, Canon has disclosed the ransomware attack and is working to address the issue.

BleepingComputer has been tracking a suspicious outage on Canon’s image.canon cloud photo and video storage service resulting in the loss of data for users of their free 10GB storage feature.

Read More: Canon confirms ransomware attack in internal memo

Hacker leaks passwords for 900+ enterprise VPN servers.

A hacker has published today a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers.

ZDNet, which obtained a copy of this list with the help of threat intelligence firm KELA, verified its authenticity with multiple sources in the cyber-security community.

According to a review, the list includes:

  • IP addresses of Pulse Secure VPN servers
  • Pulse Secure VPN server firmware version
  • SSH keys for each server
  • A list of all local users and their password hashes
  • Admin account details
  • Last VPN logins (including usernames and cleartext passwords)
  • VPN session cookies

Read More: Hacker leaks passwords for 900+ enterprise VPN servers

Ragnar Locker ransomware deploys virtual machine to dodge security.

Amazing Sophos research.

A new ransomware attack method takes defense evasion to a new level—deploying as a full virtual machine on each targeted device to hide the ransomware from view. In a recently detected attack, Ragnar Locker ransomware was deployed inside an Oracle VirtualBox Windows XP virtual machine. The attack payload was a 122 MB installer with a 282 MB virtual image inside—all to conceal a 49 kB ransomware executable.

Read More: Ragnar Locker ransomware deploys virtual machine to dodge security

Did you know?

It is so easy for criminals to deceive victims with a phish, as I show in this video of one our own admin team received a few days ago. It is simple to protect your organization using the BrightWeb. Protecting team members who have access to online banking is the most essential.
