BleepingComputer’s most popular cybersecurity stories of 2022

It was a big year for cybersecurity in 2022 with massive cyberattacks and data breaches, innovative phishing attacks, privacy concerns, and of course, zero-day vulnerabilities.

Some stories, though, were more popular with our readers than others.

While the recent discovery that hackers stole LastPass vault data in its August cloud storage breach was too new to make it into the top ten list, it warrants a mention.

Below are the ten most popular stories at BleepingComputer during 2022, with a summary of each.

10. Russia creates its own TLS certificate authority to bypass sanctions

Russia created its own TLS certificate authority (CA) to allow websites to continue to provide HTTPS connections after sanctions prevented them from renewing certificates from Western companies.

As certificate authorities first need to be vetted by companies before they are trusted in their browsers, the Russia-based Yandex browser and Atom products were the only ones to recognize the new CA at the time.

Due to this, Russia told citizens to use these browsers instead of Chrome, Firefox, Edge, etc.

9. Malicious Android apps with 1M+ installs found on Google Play

Four malicious Android apps were available on Google Play that stole sensitive information from victims’ devices and generated ‘pay-per-click’ revenue for the operators.

The malware impersonated Bluetooth apps that would not show malicious functionality until 72 hours after being installed. This delay allowed the apps to evade detection by security software and Google’s review process.

8. BIG sabotage: Famous npm package deletes files to protest Ukraine war

The developer of the very popular npm package named ‘node-ipc’ released sabotaged versions of the library that deleted all data and overwrote all files on developers’ machines, in addition to creating new text files with “peace” messages.

[Image: WITH-LOVE-FROM-AMERICA.txt file with multilingual 'peace' messages]

7. GIFShell attack creates reverse shell using Microsoft Teams GIFs

A new social engineering attack technique could be used to abuse Microsoft Teams for phishing attacks and to covertly execute commands to steal data using GIFs.

This method abused various flaws to exfiltrate data directly through Microsoft’s own servers, making it look like legitimate Microsoft Teams traffic.

It should be noted that the attacker must first convince a user to install a malicious stager that executes commands and uploads the output to a Microsoft Teams webhook.

6. Chrome extensions with 1 million installs hijack targets’ browsers

Over thirty malicious Google Chrome extensions with a combined one million installs on the Chrome Web Store were used to inject affiliate links into websites and hijack searches.

The extensions themselves did not contain malicious code, making them hard to detect.

However, once installed, they redirected users to other sites that prompted for the installation of further extensions that sideloaded malicious JavaScript into the browser.

5. Linux system service bug gives root on all major distros, exploit released

A Linux vulnerability named PwnKit was found in Polkit’s pkexec component that attackers could exploit to gain full root privileges on the system.

This vulnerability, tracked as CVE-2021-4034, was present in the default configuration of all major Linux distributions, making it a significant concern for admins and security professionals.

4. Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs

Security researchers discovered that the desktop app for Microsoft Teams saved authentication tokens in clear text in various locations of Windows.

These authentication tokens could be stolen by threat actors who gained access to the device to log in as the user, even if they had multi-factor authentication (MFA) enabled.

Microsoft and many security researchers did not believe this was an issue in itself, as it requires an attacker to have already gained access to a system before they could steal the tokens, which already means it’s “game over” for the user as the threat actor could access all locally stored data.

However, other researchers found this report to be of significant concern due to the rising tide of information stealers that could steal the tokens and send them back to remote attackers.

3. Okta’s source code stolen after its GitHub repositories hacked

BleepingComputer was the first to report that threat actors gained access to Okta’s GitHub repositories and stole the company’s source code.

Okta began alerting customers last month via a “Confidential” email shared with BleepingComputer, warning that the source code for Okta Workforce Identity Cloud (WIC) was exposed in the breach.

However, they stated that hackers did not access the source code for Auth0 (Customer Identity Cloud) products during the breach.

2. Dev corrupts NPM libs ‘colors’ and ‘faker’ breaking thousands of apps

The developer of the popular open-source libraries ‘colors’ and ‘faker’ intentionally introduced an infinite loop that bricked thousands of projects that depend on the packages.

Applications using these libraries suddenly found their projects outputting gibberish messages on their console stating, ‘LIBERTY LIBERTY LIBERTY’ followed by a sequence of non-ASCII characters:

[Image: Garbage data printed by 'faker' and 'colors' projects]

This change appears to have been introduced in retaliation against mega-corporations and commercial consumers of open-source projects who extensively rely on cost-free and community-powered software but do not, according to the developer, give back to the community.

1. Android phone owner accidentally finds a way to bypass lock screen

This year’s most-read story is about how a security researcher accidentally discovered a way to bypass the lock screen on his fully patched Google Pixel 6 and Pixel 5 Android smartphones.

This vulnerability is tracked as CVE-2022-20465 and was fixed in the Android security updates released on November 7, 2022.

A demonstration of this bypass is shown in the video below.

Source: https://www.bleepingcomputer.com/news/security/bleepingcomputers-most-popular-cybersecurity-stories-of-2022/
