Please see Security Advisories for the week ending February 19, 2021
- Microsoft Releases February 2021 Security Updates
- Google Releases Security Updates for Chrome
- North Korean Malicious Cyber Activity – AppleJeus
________________________________
Microsoft Releases February 2021 Security Updates
Situation
Microsoft has released its monthly security updates for February 2021. These updates address vulnerabilities in the following Microsoft software:
- Windows Console Driver
- Windows Defender
- Role: DNS Server
- Role: Hyper-V
- .NET Core
- .NET Framework
Microsoft has also released updates for additional products; for a complete list, please see the detailed overview link below.
Problem
Microsoft has released fixes for 36 vulnerabilities across its software portfolio. Some of them can be exploited to allow an attacker to take control of the affected system to gather data and pivot into other systems or networks.
Implication
Microsoft has fixed a variety of vulnerabilities, with the impact depending on the product and the vulnerability. The most severe could allow a remote attacker to take control of the affected system.
Need
Microsoft recommends updating all affected Microsoft software as soon as possible to protect against these vulnerabilities.
For a brief overview:
For a more detailed overview:
https://msrc.microsoft.com/update-guide/releaseNote/2021-Feb
________________________________
Google Releases Security Updates for Chrome
Situation
Google has released a security update for Chrome 88.0.4324.182 for Windows, Mac, and Linux.
Problem
Google has identified and patched vulnerabilities in Chrome that include stack overflow, use after free, and heap buffer overflow.
Implication
An attacker exploiting these vulnerabilities can take control of the affected system.
Need
Please update Chrome to the latest version.
For a more detailed overview:
https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html
________________________________
North Korean Malicious Cyber Activity – AppleJeus
Situation
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Treasury (Treasury) have created a security advisory highlighting the cyber threat to cryptocurrency posed by the North Korean state-sponsored advanced persistent threat (APT) HIDDEN COBRA. HIDDEN COBRA is targeting individuals and companies, including cryptocurrency exchanges and financial service companies, by distributing cryptocurrency trading applications that have been modified to include malware that facilitates the theft of cryptocurrency.
Problem
HIDDEN COBRA's malicious application has been seen on both Windows and Mac operating systems. The malware appears to come from a legitimate cryptocurrency trading company, which fools individuals into downloading it as a third-party application from a website that looks legitimate. In addition to infecting victims through legitimate-looking websites, HIDDEN COBRA also uses phishing, social networking, and social engineering techniques to trick users into downloading the malware.
Implication
If a user is tricked into downloading and installing this malware, it can allow HIDDEN COBRA to steal their cryptocurrency as well as install additional malware that can gain full control of the user's device.
Need
CISA encourages users and administrators to review the following resources for more information:
For a brief overview:
AppleJeus analysis: