Hacken Token
$ -- --.--
Weekly News Digest #20

Weekly News Digest #20

A zero-day vulnerability in SonicWall products actively exploited in the wild

In SonicWall enterprise security products was find a zero-day vulnerability that is actively exploited in the wild. 

In January security provider SonicWall confirmed a “highly sophisticated, coordinated” attack on its systems.

The company, which develops networking tools, cybersecurity products, and cloud platform solutions, said that an unknown assailant leveraged zero-day vulnerabilities in its products to access its infrastructure.

Cybersecurity company NCC Group, which has been investigating the incident, has now announced a zero-day vulnerability in the company’s SMA 100 series of secure remote access devices, which is actively being exploited.

Read more

New Chrome Browser 0-day Under Active Attack—Update Immediately!

In Chrome web browser for desktop was found a zero-day vulnerability that is actively exploited.

The company released 88.0.4324.150 for Windows, Mac, and Linux, with a fix for a heap buffer overflow flaw (CVE-2021-21148) in its V8 JavaScript rendering engine.

It’s typical of Google to restrict details of the vulnerability until a majority of users are updated with the fix, the development comes weeks after Google and Microsoft disclosed attacks carried out by North Korean hackers against security researchers with an elaborate social engineering campaign to install a Windows backdoor.

Google has already patched this vulnerability. Please update your browser.

Read more

Trucking company Forward Air said its ransomware incident cost it $7.5 million

Trucking and freight transportation logistics company Forward Air said a recent ransomware attack left a dent of $7.5 million in its Q4 financial results.

The sum was described as a loss of revenue from its LTL (less-than-load) trucking business and not costs incurred from dealing with the incident.

The losses stemmed “primarily because of the Company’s need to temporarily suspend its electronic data interfaces with its customers,” Forward Air said in SEC documents filed today. The ransomware incident, which took place on December 15 last year and was identified as an attack with the Hades ransomware, forced the company to take all of its IT systems offline to deal with the intrusion.

Read more

A total amount of $14 million gone in Yearn Finance exploit

Yearn Finance has reported an exploit on one of its DAI vaults. Defi lending project Yearn Finance had been hit by an exploit that has affected a DAI lending pool. Yearn aggregates Defi lending protocols such as Aave and Compound to make sure users get the best return on their loan.

Last year Yearn Finance was also attacked, hackers handled a flash loan, together with a set of devious transactions between Curve, Uniswap, and Harvest, that enabled them to dump millions of dollars worth of stable coin from Harvest’s pools. The said cyberattack emphasized how flash loans can be utilized to exploit weak economic points in Defi protocols and pool to the tune of millions of dollars.

Read more

Over a Dozen Chrome Extensions Caught Hijacking Google Search Results for Millions

New details have surfaced about a vast network of rogue extensions for Chrome, and Edge browsers found to hijack clicks to links in search results pages to arbitrary URLs, including phishing sites and ads.

Collectively called “CacheFlow” by Avast, the 28 extensions in question — including Video Downloader for Facebook, Vimeo Video Downloader, Instagram Story Downloader, VK Unblock — made use of a sneaky trick to mask its real purpose: Leverage Cache-Control HTTP header as a covert channel to retrieve commands from an attacker-controlled server.

All the backdoored browser add-ons have been taken down by Google and Microsoft as of December 18, 2020, to prevent more users from downloading them from the official stores.

Read more

Subscribe to our research

Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email.