Snap! Log4j Hackers, Log4j Fixes, Android Malware, Solar Probe Video, Millipede

Your daily dose of tech news, in brief. Note: Snap! will be on hiatus for the upcoming holidays, but will return Tuesday, January 4th.

You need to hear this.

Microsoft: State-sponsored hackers are exploiting Log4j vulnerability

The Log4j situation continues to develop, and in the midst of the rolling-out of fixes, major hacking groups are now utilizing the flaw.

According to PCMag:

On Tuesday, the company warned it had observed nation-state hacking groups from China, Iran, North Korea, and Turkey trying to exploit the Log4j 2 flaw. Their activities include experimenting with the bug and abusing the flaw to drop malicious payloads and extract data from victims.

According to Microsoft, an Iranian hacking group, dubbed Phosphorus or Charming Kitten, has allegedly been exploiting Log4j 2 to spread ransomware. A separate group from China called Hafnium has been observed leveraging the vulnerability to help it target potential victims.

“In these attacks, Hafnium-associated systems were observed using a DNS service typically associated with testing activity to fingerprint systems,” Microsoft said.

The report from Microsoft underscores the need for the entire tech industry to patch the flaw before mayhem ensues. The company didn’t identify the state-sponsored hacking groups from North Korea or Turkey. But Microsoft added that other cybercriminal groups, called “access brokers,” have been spotted exploiting the Log4j 2 bug to gain a foothold into networks. “These access brokers then sell access to these networks to ransomware-as-a-service affiliates,” Microsoft said. “We have observed these groups attempting exploitation on both Linux and Windows systems, which may lead to an increase in human-operated ransomware impact on both of these operating system platforms.” Other cybersecurity companies, including Mandiant, have also spotted state-sponsored hacking groups from China and Iran targeting the flaw. “We anticipate other state actors are doing so as well, or preparing to,” said Mandiant VP of Intelligence Analysis John Hultquist. “We believe these actors will work quickly to create footholds in desirable networks for follow-on activity, which may last for some time.”

Log4j: Major IT vendors rush out fixes for this flaw and more ahead of Christmas

As already stated, fixes for Log4j are coming as quickly as vendors can make them. In addition, VMware has a fresh non-Log4j bug to smooth out ahead of the holidays.

According to ZDNet:

IBM has confirmed several of its major enterprise products are affected by the Log4j bug. On Thursday, the company confirmed that the IBM Db2 Warehouse, which uses Log4j, allowed a remote attacker to execute arbitrary code on the system. Log4j is used in the Db2 Federation feature. IBM has released a special fix pack and mitigation notes for Db2 version 11.5 systems that are vulnerable if certain Federation features are configured.

Since Wednesday, IBM has released Log4j fixes for over a dozen cloud products, spanning security and identity, analytics, databases, managed VMware services, and Watson AI products. It has also released fixes for 20 on-premises IBM products for Cognos business intelligence, Power hardware, WebSphere, Watson, and more.

VMware is also updating its list of affected products, most of which are badged as ‘critical’ with a CVSS severity score of 10 out of 10, and currently marked as ‘patch pending’. Where patches are not available, VMware is updating its recommended mitigations to factor in updates addressed by Apache Foundation’s Log4j version 2.16 release, which addressed the incomplete patch it initially released last week. But the virtualisation giant has also released a patch to address a critical non-Log4j Server Side Request Forgery (SSRF) vulnerability in its Workspace ONE Unified Endpoint Management (UEM) console.

Tracked as CVE-2021-22054, this flaw would allow an attacker with network access to UEM to “send their requests without authentication and may exploit this issue to gain access to sensitive information”, according to VMware’s advisory.

Google Play app with 500,000 downloads sent user contacts to Russian server

A popular app for the Android platform has been found to be malware, but not before being installed hundreds of thousands of times.

According to Ars Technica:

The app, named Color Message, was still available on Google servers at the time this post was being prepared. Google removed it more than three hours after I asked the company for comment. Ostensibly, Color Message enhances text messaging by doing things such as adding emojis and blocking junk texts. But researchers at Pradeo Security said on Thursday that Color Message contains a family of malware known as Joker, which has infected millions of Android devices in the past.

“Our analysis of the Color Message application through the Pradeo Security engine shows that it accesses users’ contact list and exfiltrates it over the network,” the company’s blog post stated. “Simultaneously, the application automatically subscribes to unwanted paid services unbeknownst to users. To make it difficult to be removed, the application has the capability to hide its icon once installed.” Joker falls into a category of malware known as Fleeceware. It simulates clicks and intercepts text messages in an attempt to surreptitiously subscribe users to paid premium services they never intended to buy. Joker is hard to detect because of the tiny footprint of its code and the techniques its developers use to stash it. Over the past few years, the malware has been found lurking in hundreds of apps downloaded by millions of people.

But there’s more going on in the world than that.

NASA’s probe took a video as it “touched the sun” and wow

We read recently about the Parker Solar Probe’s visit to the sun. Now NASA has put together a video of the probe’s journey, and it’s quite an amazing thing to see!

According to Futurism:

The tiny probe made its way through the star’s upper atmosphere, taking important readings of its surroundings. It even took the time to capture tons of images during its amazing stunt, which scientists stitched together for an incredible video with the Milky Way peeking out behind a stream of highly energized particles — an unprecedentedly close and fascinating look at our star. It must have been quite the experience for the Solar Probe as it made its way through a feature of the Sun’s atmosphere called a pseudostreamer, which are huge ribbon-like structures that are visible during solar eclipses.

“Passing through the pseudostreamer was like flying into the eye of a storm,” reads NASA’s statement. “Inside the pseudostreamer the conditions quieted, particles slowed and the number of switchbacks dropped — a dramatic change from the busy barrage of particles the spacecraft usually encounters in the solar wind.” It’s an amazing video — especially considering the probe was screaming through the Sun’s atmosphere at over 142 kilometers per second. Now, what it discovered could change our understanding of the Sun forever.

Be sure to check the link below for the video!

And you can’t not know this.

First true millipede discovered – new species with more than 1,000 legs found deep underground in Australia

Until now, ‘millipede’ was just a name: a very long bug was discovered in Australia, and when the legs were counted it became official: the first millipede.

According to SciTechDaily:

The discovery of the first millipede with more than 1,000 legs is reported in Scientific Reports this week. Prior to this, no millipede had been found with more than 750 legs. Paul Marek and colleagues discovered the millipede 60 meters underground in a drill hole created for mineral exploration in the mining area of the Eastern Goldfields Province of Australia. It has 1,306 legs — more than any other animal — and belongs to a new species that has been named Eumillipes persephone. The authors measured four members of the new species and found that they have long, thread-like bodies consisting of up to 330 segments and are up to 0.95mm wide and 95.7mm long. They are eyeless, have short legs, and cone-shaped heads with antennae and a beak.

Analysis of the relationships between species suggests that E. persephone is distantly related to the previous record holder for the greatest number of legs — the Californian millipede species, Illacme plenipes. The authors suggest that the large number of segments and legs that have evolved in both species may allow them to generate pushing forces that enable them to move through narrow openings in the soil habitats they live in.
