NCSC-FI News followup

Daily NCSC-FI news followup 2019-08-23

Fortinet SSL VPN vulnerability from May 2019 being exploited in wild CVE-2018-13379 is being exploited in the wild on Fortigate SSL VPN firewalls. These exist as a perimeter security control, so it’s a bad vulnerability. Also: Original security advisory (2019-05-24)

Cisco Warns of Public Exploit Code for Critical Switch Flaws Cisco updated the security advisories for three vulnerabilities patched in early August warning customers that its Product Security Incident Response Team (PSIRT) team is aware of public exploit code being available.

Unpatched Squid Servers Exposed to DoS, Code Execution Attacks Multiple versions of the Squid web proxy cache server built with Basic Authentication features are currently vulnerable to code execution and denial-of-service (DoS) attacks triggered by the exploitation of a heap buffer overflow security flaw.

Finding Neutrino Step by step, we have uncovered the whole chain of events and ultimately discovered a large malware campaign ongoing since 2013. Here we will give the details and the whole story, from start to finish.

Emotet Botnet Is Back, Servers Active Across the World Emotet is now one of the top threats, its infrastructure being used to distribute Trickbot, another banking trojan, and then spread the Ryuk ransomware. This combination is dubbed ‘triple threat’ and has affected public administrations in the U.S.

Microsoft launches bug bounty for new Chromium Edge browser, with $30,000 top reward Researchers will need to find a sandbox escape for Microsoft Edge Windows Defender Application Guard to get the top reward.

Steam Patches Vulnerabilities in Beta Version Update Almost 48 hours after security researcher Vasily Kravets (PsiDragon) released his proof of concept (PoC) for a second vulnerability in Steam client for Windows leading to privilege escalation, Valve released a beta update that allegedly fixes the bugs.

Valve says turning away researcher reporting Steam vulnerability was a mistake In an attempt to quell a controversy that has raised the ire of white-hat hackers, the maker of the Steam online game platform said on Thursday it made a mistake when it turned away a researcher who recently reported two separate vulnerabilities.

Facebook Adds Instagram to Data Abuse Bug Bounty Program Facebook has announced an expansion to its bug bounty program covering third-party apps that abuse user data, to include the Instagram ecosystem.

Moscow’s blockchain voting system cracked a month before election French researcher nets $15,000 prize for finding bugs in Moscow’s Ethereum-based voting system.

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards More than 5.3 million new accounts belonging to cardholders from 35 U.S. states.

Employees connect nuclear plant to the internet so they can mine cryptocurrency The Ukrainian Secret Service is investigating the incident as a

Why Deepfake Audio Technology Is a Real Threat to Enterprise Security Symantec has reported three successful audio attacks on private companies that involved a call from the “CEO” to a senior financial officer requesting an urgent money transfer.

THE WIRED GUIDE TO CYBERWAR So far, there's no clearly documented case of a cyberwar attack directly causing loss of life. But a single cyberwar attack has already caused as much as $10 billion dollars in economic damage. Cyberwar has been used to terrorize individual companies and temporarily render entire governments comatose

80 suspects arrested in massive business email scam takedown Police say the mainly-Nigerian network was responsible for the attempted theft of $46 million.

Aviation Faces Increasing Cybersecurity Scrutiny Some aviation experts and security researchers are trying to foster closer alliances for securing airplane networks. The goal of this hands-on station, part of the inaugural Aviation Village at DEF CON 27 earlier this month in Las Vegas, was to give white-hat hackers a rare opportunity to learn how on-board airplane electronic devices operate and communicate.

Qualys Launches Free App for IT Asset Discovery and Inventory [VIDEO] Qualys’s Chairman and CEO, Philippe Courtot talks about changes in the security landscape he’s witnessed during the company’s 20-year lifespan, as well as what motivated the vendor to give away its Global IT Asset Discovery and Inventory app for free.

MS: Enabling MFA can prevent 99.9 percent of attacks on your accounts

The first Lightning security key for iPhones is here, and it works with USB-C, too Today, Yubico is releasing the $70 YubiKey 5Ci, the first security key that can plug into your iPhone's Lightning port or a USB-C port, and it's compatible with popular password vaults LastPass and 1Password out of the box.

VMware buys Carbon Black and Pivotal, valued together at $4.8 billion VMware is acquiring Carbon Black, a cybersecurity company that went public in 2018, the companies announce as part of VMware’s quarterly earnings report.

According to FBI report on 2018 cyber crime, Alaska most targeted per capita. With more than $450 million stolen, sunny California lost more money than any other state, but at 21.67 victims per 10,000 residents, Alaska had the highest per capita victim count. Across the state, the total number of people targeted by cyber-thieves was 1,606, based on the number of complaints received. Overall, the state’s total losses in 2018 from internet scams were a painful $3.62 million. Original report [PDF]

Over a Third of Firms Have Suffered a Cloud Attack The cyber-assessment vendor interviewed 300 attendees at this year's Infosecurity Europe show in London in June. It found that while 37% admitted suffering a cloud attack, over a quarter (27%) said they don't know how quickly they could tell if their cloud data has been compromised. Also: 11% claimed they never run any kind of testing in the cloud, while nearly a fifth (19%) said they only do so annually.

Visa Announces New Payment Security Services to Prevent Fraud Business and financial institutions received a helping hand today when Visa announced a suite of new industry-first payment security services and capabilities to prevent and disrupt payment fraud. The new capabilities are available to Visa clients at no additional cost or signup.

Mastercard Reports Data Breach to German and Belgian DPAs Customer data from the company’s Priceless Specials loyalty program was made available on the Internet, with customers’ names, payment card numbers, email addresses, home addresses, phone numbers, gender, and dates of birth being included in the leaked info.

Should Companies Block Newly Registered Domains? A 2018 study by Farsight Security found that on average, 9.3% of NRDs died in their first seven days, with a median lifetime of just four hours and 16 minutes. The study concluded that the vast majority of these short-lived NRDs were used for cybercrime. Study [PDF]

Hong Kong protesters warn of Telegram feature that can disclose their identities Hong Kong software engineers say the discovered issue can allow a threat actor, such as Chinese law enforcement or intelligence services, to obtain the phone numbers users utilized to register a Telegram account, which authorities can then track down to protesters’ real-world identities. Hong Kong users have started sharing a message on a popular local forum about what they called a bug in the Telegram app that can allow a threat actor to unmask their phone number, even when this setting is on “Nobody.”

Lenovo High-Severity Bug Found in Pre-Installed Software A vulnerability reported in Lenovo Solution Center version 03.12.003,

US GOV: FISMA Annual Report to Congress The report highlights government-wide cybersecurity programs and initiatives, and agencies' progress to enhance federal cybersecurity over the past year and into the future. Notably, in FY 2018, agencies reported 31,107 incidents, a 12 percent decrease from FY 2017.

Attacking Microsoft SQL Servers with malicious jobs
