Security Wrap-Up (March 9th, 2021)

  • 9 March 2021
  • 1 reply

Userlevel 6

Welcome back to another week of security news! Definitely some interesting stuff, check it out -

Massive supply-chain cyberattack breaches several airlines

The cyberattack on SITA, a nearly ubiquitious airline service provider, has compromised frequent-flyer data across many carriers. SITA has over 2,500 customers in the aviation industry and claims that its tech is used in 90% of international destinations. Malaysia Air and Singapore Airlines have already made headlines in recent days after alerting their customers they’ve been compromised as part of the attack. While the company didn’t comment specifically on the types of data exposed, it did include some personal data of airline passengers.

Malicious apps on Google Play dropped banking Trojans on user devices

Google has removed 10 apps from the Play Store which contained droppers for financial Trojans. Check Point Research (CPR) said in a blog post that the Android applications appear to have been submitted by the same threat actor who created new developer accounts for each app. The dropper was loaded onto otherwise innocent-looking software and each of the 10 apps were utilities, including Cake VPN and BeatPlayer.

Linux Foundation launches software signing service

The Linux Foundation is launching “sigstore,” a free-to-use software signing certificate authority open to all developers. Code signing cryptographically authenticates that software has not been tampered with before installation. But despite being a valuable tool, it can be a difficult feature for open source software producers to leverage, given the complexities of the process and key management. By opening up the sigstore project, they are aiming to make all releases of open source software verifiable.

Newest Intel side-channel attack sniffs out sensitive data

A new side-channel attack takes aim at Intel’s CPU ring interconnect in order to glean sensitive data. Unlike previous side-channel attacks, this attack does not rely on sharing memory, cache sets, and other former tactics. Instead it leverages a component called CPU ring interconnect contention. This component facilitates communication across various CPU units - including cores, the last-level cache, system agent, and graphics unit. These vulnerabilities can allow attackers to steal sensitive information such as encryption keys or passwords. Though Intel and other CPU manufacturers have stepped up their defenses of these attacks, the latest side-channel attack bypasses existing defenses.

Any security updates you want to share? Let us know below!

1 reply

Userlevel 7

That new side-channel is nuts. They’re now eavesdropping on communication between the cores. This is such a fascinating area of security.