Security Wrap-Up (May 25th, 2021)

Sorry I missed last week, but we’re back this week with more security updates!

macOS Big Sur 11.4 addresses vulnerability that could let attackers take secret screenshots
macOS Big Sur 11.4 was released on Monday morning and addressed a zero-day vulnerability that could allow attackers to piggyback off of apps like Zoom, secretly taking screenshots and recording the screen. This security issue would allow Privacy preferences to be bypassed, providing an attacker with Full Disk Access, Screen Recording, and other permissions without a user’s content.

Four Android bugs being exploited in the wild
Google updated its May 3rd Android security bulletin on Wednesday to say that there are “indications” that four of the 50 vulnerabilities may be targeted and exploited in the wild. These include Qualcomm GPU vulnerabilities CVE-2021-1905 & CVE-2021-1906 and ARM Mali GPU vulnerabilities CVE-2021-28663 & CVE-2021-28664. Google Android exploits are a rarity, with these four bugs making up two-thirds of the six total bugs to be exploited in the wild since 2014. Android phones that use Arm or Qualcomm GPUs are affected by these bugs.

US has almost 500,000 job openings in cybersecurity
If you’re not already in cybersecurity, now might be the time! There are about 465,000 open positions in cybersecurity in the US as of May 2021, according to Cyber Seek, a tech job-tracking database from the US Commerce Department. The need for more cybersecurity experts spans from private businesses to government agencies, with most of the job openings in California, Florida, Texas, and Virginia. “You don’t have to be a graduate of MIT to work in cybersecurity,” said Tim Herbert, executive vice president for research at CompTIA. “It just requires someone who has the proper training, proper certification and is certainly committed to the work.”

Pulse Secure VPNs get quick fix for critical RCE
Pulse Secure has issued a workaround for a critical remote-code execution (RCE) vulnerability in its Pulse Connect Secure (PCS) VPNs that may allow an unauthenticated, remote attacker to execute code as a user with root privileges. Pulse Secure’s parent company, Ivanti, issued an out-of-band advisory on May 24th. The company explained that this high-severity bug, CVE-2021-22908, affects Pulse Connect Secure versions 9.0Rx and 9.1Rx. Both of the workarounds to the vulnerability are available in the link above.

Are there any security updates you’d like to share? Leave them in the comments below!