Overview of new vulnerabilities in the software for the week

One of the most resonant events of the past week was the news of a vulnerability affecting all popular operating systems, including Linux, Windows, macOS, FreeBSD and some implementations of Xen hypervisors. The problem is a design flaw caused by a misunderstanding of the developers of some instructions in the Intel and AMD manuals and allows attackers at best to cause a malfunction in the work of computers based on Intel and AMD processors, and at worst – to access kernel memory or to gain control of the system .

The developers of malicious software for PoS-terminals TreasureHunter published its source code on one of the hacker forums. At present, it is not known for what reasons the authors of the malware disclosed its source code. According to security researchers, in the next few months, you should expect the emergence of a large number of malicious programs developed based on the TreasureHunter code.

From hacking, no one is insured – neither ordinary users, nor even professional hackers from government-backed groups. One of these victims was the organizers of the cyber-spy operation ZooPark, focused on the countries of the Middle East. As it became known to the journalists of Motherboard, an unknown hacker managed to steal from the cyberschains the cache of data collected from their victims in the Middle East. Information includes text messages, emails and GPS data collected using ZooPark tools, audio recordings of conversations received by malicious software.

On Thursday, May 10, activists calling themselves Anonymous hacked the old version of Rossotrudnichestvo’s website in response to Roskomnadzor’s actions aimed at blocking Telegram’s messenger. The unknown published an appeal to the department, in which they accused him of destructive actions against the Runet and senseless vandalism. The authors called for the site to be considered a “last warning” to Roskomnadzor.

At the end of last week, Radware experts warned Facebook users about a malicious campaign in which cybercriminals, through links to social networks, distribute malicious software Nigelthorn, capable of stealing user credentials and installing crypto currency minivers.

Despite numerous data leakage incidents, many companies, including large ones, do not take proper security measures. In particular, the largest UK mobile operator EE (with about 30 million subscribers) did not ensure the security of its key code repository, which could be authorized by anyone using the default credentials