Updated: Feb 26, 2021
This week in cyber security is another filled with attacks on high-profile companies. In this week's digest we look into the attack on Kia Motors America and the new malicious adware application specifically targeting Apple’s new M1 SoC . Keep reading to find out about some of the biggest cyber security stories this week.
Agora is used by several apps such as eHarmony, Plenty of Fish and MeetMe. The McAfee Advanced Threat Research Team found the vulnerability. Attackers could have used the flaw to launch man-in-the-middle attacks to intercept communication between two parties. Researchers said, "Agora's SDK implementation did not allow applications to securely configure the setup of video/audio encryption, thereby leaving a potential for hackers to snoop on them," however, there is no evidence that the vulnerability has been exploited in the wild.
Sandword is an elite Russian-sponsored cyberespionage group active for at least two decades. The intrusion campaign breached "several French entities" and is said to have started in late 2017 and lasted until 2020, with the attacks particularly impacting web hosting providers. However, Centreon says that none of its customers were affected by the attacks. The affected organizations used an obsolete and free version of its software released in 2014, which has been unsupported for five years.