New MASQ Tool Spoofs Device Fingerprints Allowing Attackers To Bypass Security Checks
A new hacking tool may threaten security approaches as it lands on the dark web. According to researchers, the new MASQ tool available for sale on the dark web spoofs device fingerprints, essentially allowing an adversary to bypass security checks. MASQ Tool Spoofs Device Fingerprints Researchers from the cybersecurity firm Resecurity HUNTER have spotted the MASQ tool actively sold on the dark web. As elaborated in a report from Security Affairs, the MASQ tool spoofs device fingerprints to bypass authentication mechanisms. Device fingerprints typically include specific details of a users’ device that serve as the users’ online identity. These may include the IP address, browser information, device model, type, and features, screen resolution, time zone, browser plugins, language settings, and more. These details help the antifraud mechanisms to validate legit users. However, the new MASQ tool can spoof this all. Thus, it becomes too difficult to distinguish a spoofed login from a legit one. This helps the attackers break into users’ bank accounts, make fraudulent payments, and meddle with other online transactions.
In short, an attacker may easily spoof the device of a target victim together to impersonate the user. While there might be some differences in digital details, such as the exact IP, a spoofed fingerprint would trick the system into trusting the malicious attempt. MASQ is currently on sale on the dark web for $130 with as low as $1 per new device fingerprint. The recent version of the tool is MASQ v.0.198, released on June 13, 2021. The tool presently includes more than 70 spoofed fingerprints from different devices that the sellers have sorted into six different categories. These include mobile phones, tablets, gaming consoles, Smart TVs, and more.
Google Launched End-to-End Encryption To Android Messages App For All Users
Google has recently rolled out end-to-end encryption to all the users of the Android Messages app. The feature arrives after months of testing with beta users. The tech giant also launched Earthquake Alerts and other interesting features with the latest update. Android Messages End-to-End Encryption Google has recently announced the release of end-to-end encryption to its Android Messages app. The app serves as the default SMS and RCS app on most Android phones. Despite its extensive use that includes sensitive data (such as 2FA codes), the app lacked the much-needed e2e encryption, giving Apple’s iMessage an edge. However, months after announcing the launch of this feature in November 2020, Google has now released end-to-end encryption for all users globally. Initially, the feature remained limited to the beta testers only. According to the updates shared, this feature currently applies to one-to-one chats between Messages users with chat features enabled. Users will know about the active e2e encryption on chats as a padlock sign will appear at the top of the screen. Earthquake Alerts And More Features Also Released Alongside end-to-end encryption, Google has also introduced numerous other features that will rejuvenate Android users’ experience.
NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws
U.S. graphics chip specialist NVIDIA has released software updates to address a total of 26 vulnerabilities impacting its Jetson system-on-module series that could be abused by adversaries to escalate privileges and even lead to denial-of-service and information disclosure.
Tracked from CVE‑2021‑34372 through CVE‑2021‑34397, the flaws affect products Jetson TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, and Nano and Nano 2GB running all Jetson Linux versions prior to 32.5.1. The NVIDIA Jetson line consists of embedded Linux AI and computer vision compute modules and developer kits that primarily caters to AI-based computer vision applications and autonomous systems such as mobile robots and drones.
Chief among the vulnerabilities is CVE‑2021‑34372 , a buffer overflow flaw in its Trusty trusted execution environment that could result in information disclosure, escalation of privileges, and denial-of-service.
The rest of the flaws, also related to Trusty and Bootloader, could be exploited to impact code execution, causing denial-of-service and information disclosure, the company noted.
«Earlier software branch releases that support this product are also affected,» NVIDIA said
source — https://thehackernews.com/2021/06/nvidia-jetson-chipsets-found-vulnerable.html
Unpatched Flaw in Linux Pling Store Apps Could Lead to Supply-Chain Attacks
Cybersecurity researchers have disclosed a critical unpatched vulnerability affecting Pling-based free and open-source software marketplaces for Linux platform that could be potentially abused to stage supply-chain attacks and achieve remote code execution . «Linux marketplaces that are based on the Pling platform are vulnerable to a wormable with potential for a supply-chain attack,» Positive Security co-founder Fabian Bräunlein said in a technical write-up published today. «The native PlingStore application is affected by an RCE vulnerability, which can be triggered from any website while the app is running». «As the application can install other applications, it has another built-in mechanism to execute code on the level,» Bräunlein explained.
«As it turns out, that mechanism can be exploited by any website to run arbitrary native code while the PlingStore app is open in the background». Put differently, when a user visits a malicious website via the browser, the XSS is triggered inside the Pling app while it’s running in the background. Not only can the JavaScript code in the website establish a connection to the local WebSocket server that’s used to listen to messages from the app, it also uses it to send messages to execute arbitrary native code by downloading and executing an .
Source — https://thehackernews.com/2021/06/unpatched-critical-flaw-affects-pling.html
Stay Focused. Stay Vigilant.
Cyber Threat Incident Management Team — Cyber Security Community @ SLIIT