Cyber Security News of the week — 13.09.2021|17.09.2021

The Good

Kali Linux 2021.3 Release With New Hacking Tools

The Offensive Security once again recently released the third new version of Kali Linux this year, and it’s dubbed as Kali Linux 2021.3.

Offensive security used to release a Kali linux versions update each and every year with new feature, in order to provide the best experience for the cybersecurity community.

This is the third update for this year since Kali Linux 2021.1 was released in February 2021, and Kali linux 2021.2 released on June.

Along with the new downloadable version of Kali Linux 2021.3, Offensive Security has also added many new features and new hacking tools with this new release.

Here one of the most interesting and fun facts is that you can even run this new version of Kali Linux on your TicHunter Pro smartwatch as well. This Linux distribution is based on Debian since it’s for ethical hackers and professional penetration testers.

The implementation of Kali Linux 2021.3 into TicHunter Pro is still in its origin, so, the introduction of the world’s first Kali Linux-powered smartwatch is forthwith.

Desktop & Theme Updates

While now if we talk about the changes in the desktop space, then Offensive Security has made some changes and here they are mentioned below:-For the Xfce’s notifications and logout-dialog, they have improved the GTK3 theme.

Source :-https://gbhackers.com/kali-linux-2021-3/

The Bad

Twitter Launches Safety Mode To Block Abusive Comments

The security analysts of the Palo Alto Networks have recently pronounced about a new vulnerability that has been named Azurescape. According to the report, the issue involved the Azure Container Instances, a cloud service that enables companies to deploy packaged applications in the cloud.

Potentially affected Azure Container Instances accounts

There is no proper indication that any customer data was being obtained because of this vulnerability.

Background on Azure Container Instances

Azure Container Instances was initially published in July 2017, and it was the very first Container-as-a-Service that has been contributed by a major cloud provider.

After checking all the nodes carefully the security researchers stated that they have verified that their container was the only customer container.

Kubernetes CVE-2018–1002102

The API-server infrequently stretches out to Kubelets, but, the CVE-2018–1002102 marks a security problem in how the API-server is acquainted with Kubelets and it has also accepted redirects.

Influence of the Attack and fix

The malicious Azure user can easily compromise the multitenant Kubernetes clusters that are hosting ACI and the cluster administrator.

How to secure ACI?

Apart from this, cybersecurity analysts have suggested some points that will help the users to keep the ACI secure.

Always keep urself updated regarding security-related notifications like this one by configuring Azure Service Health Alerts.

Source — https://gbhackers.com/microsoft-warns-of-azure-bug/

The Ugly

Mēris Botnet Hit Russia’s Yandex With Massive 22 Million RPS DDoS Attack

Russian internet giant Yandex has been the target of a record-breaking distributed denial-of-service attack by a new botnet called Mēris.

The botnet is believed to have pummelled the company’s web infrastructure with millions of HTTP requests, before hitting a peak of 21.8 million requests per second , dwarfing a recent botnet-powered attack that came to light last month, bombarding an unnamed Cloudflare customer in the financial industry with 17.2 million RPS.

“It is also clear that this particular botnet is still growing. There is a suggestion that the botnet could grow in force through password brute-forcing, although we tend to neglect that as a slight possibility. That looks like some vulnerability that was either kept secret before the massive campaign’s start or sold on the black market,» the researchers noted, adding Mēris “can overwhelm almost any infrastructure, including some highly robust networks due to the enormous RPS power that it brings along”.

But in a forum post, the Latvian network equipment manufacturer said these attacks employ the same set of routers that were compromised via a 2018 vulnerability that has since been patched and that there are no new vulnerabilities impacting the devices.

“Unfortunately, closing the vulnerability does not immediately protect these routers. If somebody got your password in 2018, just an upgrade will not help. You must also change password, re-check your firewall if it does not allow remote access to unknown parties, and look for scripts that you did not create,” it noted.

Source — https://thehackernews.com/2021/09/meris-botnet-hit-russias-yandex-with.html?m=1

Stay Focused. Stay Vigilant.

Cyber Security News Team — Cyber Security Community of SLIIT

First they begin with Us..