#AxisOfEasy 234: European Data Protection Supervisor Calls For An End To Pegasus Spyware


Weekly Axis Of Easy #234


Last Week’s Quote was “The  idea that everybody you do business or interact with has a moral  obligation to share your political views is the height of grandiosity  and narcissism.  When that is weaponized, you have #CancelCulture.”  … was by Mark Jeftovic.  No one got it.

This Week’s Quote:  “The small fringe minority of people who are on their way to Ottawa, who are holding unacceptable views that they are expressing, do not represent the views of Canadians,”… by???

THE RULES: No searching up the answer, must be posted to the blog – the place to post the answer is at the bottom of the post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.


 

In this issue:

  • Google Chrome announces the first Zero-Day of the year 
  • Several eCommerce stores running outdated software hit by MageCart Attacks 
  • Ukrainian Ministry of Defense and state-owned banks targeted by DDoS attacks 
  • Russian hackers stole sensitive defense information from US contractors
  • European Data Protection Supervisor calls for an end to Pegasus spyware


Elsewhere online:

 
  • Facebook settles decade-old privacy violation suit for $90 million
  • Researchers discover a high-impact web security vulnerability in Grafana
  • Cloud computing company VMware releases security patches for high-severity vulnerabilities
  • What’s up with Firefox?
  • Researchers reported details of a patched high-severity vulnerability in Apache Cassandra Database Software
     

Google Chrome announces the first Zero-Day of the year

Google’s Chrome browser received 11 security patches on Monday, including its first zero-day exploit of the year.

According to Google’s brief update, the weakness is a use-after-free vulnerability named CVE-2022-0609, which could allow arbitrary code to be executed on vulnerable systems and lead to all sorts of problems. Browser security sandboxes are also exploitable through these kinds of flaws. 

Given that this vulnerability is currently being exploited, Google researchers advise users to update Google Chrome immediately to prevent further security issues.

The company’s brief update also included information about four other high-severity use-after-free flaws found in the browser’s website API, File Manager, Angle, and GPU.

Clément Lecigne and Adam Weidemann, both from Google’s Threat Analysis Group, were responsible for the Animation zero-day fix.

Read: https://threatpost.com/google-chrome-zero-day-under-attack/178428/


Several eCommerce stores running outdated software hit by MageCart Attacks

Sansec, an eCommerce security consultancy, reported that several online stores using Magento 1 e-commerce system were being targeted by a web skimmer.

According to the company, their crawler program detected approximately 374 infections in one day. The infected files were downloaded from a currently unavailable domain.

In Magento stores susceptible to the Quickview plugin vulnerability, an attacker infiltrates rogue admin users using this vulnerability as the initial intrusion vector. In this case, the flaw was exploited to add a default value, which led to a file carrying a simple backdoor to the database. The code execution is initiated when a prospective consumer navigates to the Magento login page and meets the validation requirements.

Sansec reports that the intruders created 19 backdoors on the compromised system, which means the hacked sites must remove them all to avoid being targeted in future attacks.

Read: https://www.cysecurity.news/2022/02/several-magento-sites-were-targeted-by.html?m=1 


Ukrainian Ministry of Defense and state-owned banks targeted by DDoS attacks

The Ministry of Defense and the Armed Forces of Ukraine and two of the country’s state-owned banks were hit by Distributed Denial-of-Service (DDoS) attacks. According to Netblocks, an internet monitoring organization, the incident occurred on Tuesday afternoon and lasted several hours.

DDoS probably attacked the MOU website. An excessive number of requests per second were recorded. Technical works on restoring regular functioning are being carried out,” the Defense Ministry said on Tuesday afternoon.

No direct attribution has been made for the attacks, but they were likely coordinated from Moscow. The conflict between these two nations has been escalating for months now. Russia intensifies its pressure against the Ukrainian nation after a build-up of tens of thousands of Russian troops near the border with Ukraine.

On this matter, President Biden has warned of consequences against Russia.

If Russia attacks the United States or our allies through asymmetric means, like disruptive cyber-attacks against our companies or critical infrastructure, we are prepared to respond,” he said.

Read: https://www.infosecurity-magazine.com/news/ukraine-defense-bank-networks-ddos/ 


Russian hackers stole sensitive defense information from US contractors

In a joint statement released on Wednesday, the FBI, alongside CISA and the NSA, has warned that Russian state-sponsored hackers target US contractors for sensitive defense information.

Some of these threat actors have been successful. As a result, they have gained “significant insight into the development and deployment of US weapons platforms, vehicle specifications, and plans for communications infrastructure and information technology.

The agencies stated that large and small cleared defense contractors (CDC) had been the subjects of “regular targeting” from January 2020 to February 2022. In some cases, these hackers would even keep continued access to several CDC networks for at least six months, according to CISA.

According to the release, threat actors, for instance, exfiltrated hundreds of documents related to the company’s products, relationships with other countries, as well as personnel and legal matters during a compromise in 2021.

The Russian hackers used several hacking methods such as spear phishing or credential harvesting to access these documents. The agencies reported the attacker took advantage of simple passwords, unpatched systems, and innocent workers to “gain initial access before moving laterally through the network to establish persistence and exfiltrate data.”

The FBI, NSA, and CISA expect these attacks to continue targeting CDCs for US defense information and encourage contractors to apply several recommended mitigations to prevent further issues.

Read: https://portswigger.net/daily-swig/russian-nation-state-hackers-targeting-us-contractors-for-sensitive-defense-information-fbi-warns 


European Data Protection Supervisor calls for an end to Pegasus spyware

The European Data Protection Supervisor (EDPS) has called for a ban on controversial Pegasus spyware in the region, warning that NSO’s spyware tool goes against the user’s “fundamental rights,” making it incompatible with the EU’s democratic values.  

Developed by the Israeli company NSO Group, Pegasus is a highly sophisticated piece of intrusion software made for phones running Android and iOS that can be used to monitor users and extract sensitive information, record conversations, and monitor location.  

The software has been the central piece in a recent controversy sparked by a series of disclosures published by Calcalist, an Israeli day business newspaper. As revealed in the news, the Israel Police collected intelligence about dozens of Israeli citizens by using the NSO Group’s spyware without a search warrant. There’s also evidence that the spyware has been used to hack into the phones of journalists, dissidents, activists, and political figures from several countries.

On this matter, the EDPS has stated that the spyware should not be compared to law enforcement interception tools and that “national security cannot be used as an excuse for the extensive use of such technologies nor as an argument against the involvement of the European Union.

The EU Data Protection Supervisor called for a better understanding and supervision of surveillance measures. The watchdog proposed a “stricter implementation of data regulations and strengthening legislation outlawing the use of sophisticated hacking tools such as Pegasus to safeguard against unlawful use.”

Read: https://thehackernews.com/2022/02/eu-data-protection-watchdog-calls-for.html 


Elsewhere online:


Facebook settles decade-old privacy violation suit for $90 million

https://thehackernews.com/2022/02/facebook-agrees-to-pay-90-million-to.html 

Researchers discover a high-impact web security vulnerability in Grafana

https://portswigger.net/daily-swig/grafana-web-security-vulnerability-opened-a-plethora-of-attack-possibilities?&web_view=true 


Cloud computing company VMware releases security patches for high-severity vulnerabilities

https://thehackernews.com/2022/02/vmware-issues-security-patches-for-high.html 


What’s up with Firefox?

https://www.wired.com/story/firefox-mozilla-2022/


Researchers reported details of a patched high-severity vulnerability in Apache Cassandra Database Software

https://thehackernews.com/2022/02/high-severity-rce-security-bug-reported.html?&web_view=true



Previously on #AxisOfEasy

If you missed the previous issues, they can be read online here:

Mark Jeftovic

 

 

22 thoughts on “#AxisOfEasy 234: European Data Protection Supervisor Calls For An End To Pegasus Spyware

  1. Yes, Trudeau. Son of the PET.

    Regarding Firefox, certainly some percentage of their users, like me, dropped them never to return when they cancelled Brendan Eich for making a small personal donation to a political cause they disagreed with.

    Is that the reason they’re down? Who knows, who cares. But playing stupid identity games and alienating some % of your user base is just stupid.

  2. It appears I was beaten to this one…That HAS to be Trudumb….I mean Trudass…..oops sorry, I mean – Mr. Trudeau Jr.

  3. “The small fringe minority of people who are on their way to Ottawa, who are holding unacceptable views that they are expressing, do not represent the views of Canadians,”.

    I’m guessing Justin Hitler Trudeau

  4. First time I’ve known the answer, but obviously way too late.

    I found it slightly disturbing that he condemned “unacceptable views” as opposed to actions. Maybe he misspoke.

  5. Well, I am going to suggest a different name: Justin Castro – based on the evidence, and his behavior, he is following in the footsteps of his dictatorial dad. The apple doesn’t fall far from the tree…

  6. RE: Last Week’s Quote.

    WHO is MArk Jeftovic? Let me guess, someone who is expert at using subtlety when trying to flog one of their books? 😉

Leave a Reply to Jean Rajotte Cancel reply

Your email address will not be published. Required fields are marked *