Sinister Emojis & Critical Oracle Patch Among New Cybersecurity Worries
Emojis have become the bait-of-choice for scammers.
Rogue emojis that fool users and a critical Oracle patch are the subjects of two separate reports on recent cybersecurity issues that organizations and their staff may encounter.
In case people were too busy celebrating World Emoji Day on July 17, the San Diego-based Identity Theft Resource Center warned that those cute little icons that liven up texts, tweets or posts are now part of scammers’ attack repertoire, used to build trust in order to acquire money or sensitive information.
“Emojis have become the bait-of-choice for scammers hoping to convince internet users that their posts are genuine and trustworthy,” the ITRC said. By filling their spammy announcements with emojis and other tiny symbols, they hope to lure unsuspecting users who think they are dealing with someone who is friendly and trustworthy.
The internet watchdog group added, “Instead, the false front of light-hearted communication can lead to a far more sinister trap. Furthermore, if you have downloaded an emoji keyboard from a non-approved source, you might have exposed your device to viruses, malware, or other methods of data harvesting.”
The ITRC alert also reminded people that scammers can initiate a new contact and try to entice individuals into making a connection, or they can spoof an existing account, so individuals should be cautious when considering adding a friend. “Also make sure you’re only installing approved and vetted keyboard apps, even if your device manufacturer allows you to install third-party programs.”
In a separate alert, Dublin, Ireland and Atlanta-based Waratek issued guidance on Oracle’s latest Critical Patch Update (CPU) for July 2018. July’s critical patch update addressed more than 330 security vulnerabilities (including 61 rated critical) covering a huge breadth of the Oracle enterprise collection.
The CPU fixes eight Java SE-related vulnerabilities. In addition, the update fixed five new critical Java vulnerabilities in the WebLogic Server. All vulnerabilities prior to the repair were remotely exploitable by hackers without user credentials.
Waratek noted the number of Java SE patches in the third quarter CPU dropped by 75% from a 30-month high set one year ago, even though the overall number of Oracle software fixes totals 334, the highest number of patches in eleven quarters.
“On the surface, the downward trend of Java SE patches would appear to be positive,” Apostolos Giannakidis, Waratek’s security architect, said. “However, several actions taken to fix Java SE vulnerabilities in the July CPU are likely to break the functionality of certain applications. Application owners who apply binary patches should be extremely cautious and thoroughly test their applications before putting patches into production.”
The fix for the most critical Java SE vulnerability in the July CPU – CVE-2018-2938 – removed the vulnerable component (Java database) from the Java development kit. Users that depend on this component must manually obtain the latest Apache Derby artifacts and rebuild their applications.
Waratek said its patch customers are unaffected by this Java development kit component removal and can obtain the virtual patch from Waratek.
In addition, the July CPU release changes the algorithms used in endpoint identification for the Lightweight Directory Access Protocol (LDAP). Applications that use LDAP over Transport Layer Security (TLS) connections may stop functioning properly. “If backwards compatibility issues arise, Oracle recommends disabling endpoint identification using a new system property. However, by disabling these security checks, attackers can potentially exploit this attack vector,” Waratek suggested.
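One way to find JVMs that have been started with that workaround in place, as an added example that is not from Waratek or Oracle. The property name `com.sun.jndi.ldap.object.disableEndpointIdentification` comes from Oracle's JDK release notes rather than from this article, and the launch lines, service names and helper functions are constructed for illustration.

```python
import shlex

PROP = "com.sun.jndi.ldap.object.disableEndpointIdentification"
# Launcher options whose value is the next token (subset; extend as needed).
TAKES_VALUE = {"-cp", "-classpath", "--class-path", "-p", "--module-path", "--add-modules"}

def jvm_options(cmdline):
    """Yield only JVM options: tokens between the java binary and -jar/main class."""
    tokens = shlex.split(cmdline)[1:]          # drop the java executable itself
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if tok in ("-jar", "-m", "--module") or not tok.startswith("-"):
            return                             # everything after is application args
        yield tok
        i += 2 if tok in TAKES_VALUE else 1

def endpoint_id_disabled(cmdline, java_tool_options=""):
    """True if the effective -D settings turn LDAPS endpoint identification off."""
    # JAVA_TOOL_OPTIONS is prepended to the command line, so the command line wins.
    opts = shlex.split(java_tool_options) + list(jvm_options(cmdline))
    disabled = False
    for opt in opts:
        if not opt.startswith("-D"):
            continue
        name, _, value = opt[2:].partition("=")
        if name == PROP:
            # Defined with no value counts as true; otherwise only "true" disables.
            disabled = value == "" or value.lower() == "true"
    return disabled

# Constructed sample launches (not taken from any real host).
SAMPLES = {
    "billing": f"/usr/bin/java -Xmx2g -D{PROP}=true -jar billing.jar",
    "portal": f"java -cp lib/*:app.jar -D{PROP} com.example.Portal",
    "reports": f"java -D{PROP}=false -jar reports.jar",
    "batch": f"java -jar batch.jar -D{PROP}=true",   # after -jar: an app argument
}

def audit(samples):
    """Return the names of launches that run with endpoint identification off."""
    return sorted(n for n, c in samples.items() if endpoint_id_disabled(c))

if __name__ == "__main__":
    for name in audit(SAMPLES):
        print(f"{name}: LDAPS endpoint identification disabled")
```

On a real host the command lines would come from the process table or service unit files; any launch the audit flags is accepting LDAPS certificates without checking that they match the server's hostname.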
Waratek listed other highlights in relation to the Oracle July release:
- There are claims by a security researcher on Twitter that more zero-day remote command execution deserialization vulnerabilities reported to Oracle for WebLogic were not fixed in the July CPU.
- The third quarter release patches flaws in Java SE versions 6u191, 7u181, 8u172, and 10.0.1. CVE-2018-2972 affects Java 10 and CVE-2018-2942 affects deployments on Windows.
- Half of the Java SE flaws affect server deployments and half affect client-side deployments. Three quarters of the Java SE vulnerabilities affect a system’s confidentiality and 75% affect system availability.
- This CPU fixes more new deserialization vulnerabilities in the JDK.