Dangerous PDF exploit combines two vulnerabilities
Fortunately, patches exist for both vulnerabilities in question, but if an unpatched Windows system suffers infection from this PDF exploit, all bets are off.
The exploit was discovered on a public repository for malicious files in what must have been early days for the malware, for it had no payload yet. Upon execution, the attack first uses an Adobe Reader flaw that allows bad actors to remotely write code straight into the memory. Then, the attack uses a Windows bug that allows the newly-inserted code to jump over Adobe’s sandbox boundaries and enter the mainframe, giving the attackers total control of the system.
Both the Windows patch and Adobe patch are available, and should be installed in every Windows system right away to prevent the potential harm this exploit could cause. (Note: Mac users should also install the Adobe patch, which fixes 47 security flaws, even though they are not susceptible to the Windows vulnerability or this PDF exploit.)
Senate votes to preserve net neutrality
Yesterday, proponents of net neutrality enjoyed a victory. The Congressional Review Act (CRA) discharge resolution, which would repeal the judgment last December to dismantle net neutrality rules, passed in the Senate by a vote of 52-47. The “yea’s” came from every Democratic senator plus three Republicans, resulting in final numbers that pundits more or less expected.
However, political experts also expect that this is as far as the net neutrality revival will go. The next step is to get the “repeal of the repeal” passed in the House, which is unlikely because Republicans have a larger majority.
But while the campaign to save net neutrality will most likely die at that stage, some believe the effort will work in the Democrats’ favor by revving up younger voters and giving them a cause that awakens their political activism.
TeleGrab information stealer swipes Telegram cache and key files
The desktop version of messenger app Telegram found itself the specific target of a malware that steals cache and key files. The malicious program, termed TeleGrab, first came to light last month, and has quickly been emerging in newer, evolved variants ever since. The newest iteration of the attack can hijack active Telegram sessions, which at the same time gives the attackers access to the user’s contact list and archived Telegram sessions.
One targeted vulnerability of the cloud-based messenger app is that its “Secret Chats” cannot be stored in the cloud, but only on the device of origin. TeleGrab has the ability to dig out these chats. The bad actor behind TeleGrab appears to be a known cybercriminal who operates behind several aliases, and he has even posted several YouTube videos with instructions on how to properly utilize the malware and take advantage of the files it collects.
Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Learn more about products that protect your digital life at avast.com. And get all the latest news on today’s cyberthreats and how to beat them at blog.avast.com.
*** This is a Security Bloggers Network syndicated blog from Blog | Avast EN authored by Avast Blog. Read the original post at: https://blog.avast.com/net-neutrality-and-trouble-for-telegram-messenger