Don’t let encrypted messaging become a hollow promise

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

Why do we care about encryption? Why was it a big deal, at least in theory, when Mark Zuckerberg announced earlier this year that Facebook would move to end-to-end encryption on all three of its messaging platforms? We don’t just support encryption for its own sake. We fight for it because encryption is one of the most powerful tools individuals have for maintaining their digital privacy and security in an increasingly insecure world.

Read more

Top 5 Security News

Your Android Phone Can Get Hacked Just By Playing This Video

Apple bleee. Everyone knows What Happens on Your iPhone

EvilGnome – Linux malware aimed at your laptop, not your servers

Citrix Confirms Password-Spraying Heist of Reams of Internal IP

New IPS Architecture Uses Network Flow Data for Analysis

OpenSSH Now Encrypts Secret Keys in Memory Against Side-Channel Attacks

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

In recent years, several groups of cybersecurity researchers have disclosed dozens of memory side-channel vulnerabilities in modern processors and DRAMs, like Rowhammer, RAMBleed, Spectre, and Meltdown.

Have you ever noticed they all had at least one thing in common?

That’s OpenSSH.

Read more

Top 5 Security News

How Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today

VLC media player gets biggest security update ever

Newly-Discovered Malware Targets Unpatched MacOS Flaw

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Tracing the Supply Chain Attack on Android

image showing kernel panic text

SACK Panic kernel bug discovered by Netflix

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

Engineers at Netflix discovered three new vulnerabilities in Linux and FreeBSD kernels specific to its TCP networking implementation.

The Vulnerabilities can be used by an adversary to perform a Denial Of Service (DOS) attack against Linux and FreeBSD machines, and Redhat classifies one of them as Important and the rest as moderate. CVE-2019-11477 is the most critical of the four, and has been dubbed SACK panic since the bug is located in the way Linux kernel Selective Acknowledgment (SACK) capabilities. This vulnerability can lead to a Linux host ending in a complete kernel panic, effectively stopping all services running on that host. This vulnerability affects all Linux kernel versions from 2.6.29 and up.
All major Linux vendors have released patches for the Vulnerabilities and we strongly urge people to apply the patches as soon as they can. There are also workaround for those systems where patching is not an option, but these can lead to loss in performance.
You can read a more detailed explanation here.

 

Top 5 Security News

RAMBleed, a new side-channel attack enables attackers to read memory not belonging to them

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

A new side-channel attack that enables an attacker to read out physical memory belonging to other processes, named RAMBleed, is published.

RAMBleed, based on a previous side channel called Rowhammer, violates arbitrary privilege boundaries. The implications of this is numerous, and vary in severity based on the other software running on the target machine. The researchers demonstrated an attack against OpenSSH in which they used RAMBleed to leak a 2048 bit RSA key, but the exploit can read other data as well.

“It is widely assumed however, that bit flips within the adversary’s own private memory have no security implications, as the attacker can already modify its private memory via regular write operations. We demonstrate that this assumption is incorrect, by employing Rowhammer as a read side channel.” reads the research paper. “More specifically, we show how an unprivileged attacker can exploit the data dependence between Rowhammer induced bit flips and the bits in nearby rows to deduce these bits, including values belonging to other processes and the kernel.”

Read more

Top 5 Security News

Malformed Certs make DoS on any Windows servers possible

GoldBrute bot-net brute forcing 1.5 million RDP servers

Arbitrary OS command execution vulnerability found in VIM and Neovim

The Return of the WIZard: RCE in Exim (CVE-2019-10149)

BSides Oslo 2019 conference videos published on YouTube

2.3B Files Exposed in a Year: A New Record for Misconfigs

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

Amazon S3 cloud bucket misconfigurations however have dropped dramatically.

The last 12 months has seen the exposure of a record 2.3 billion files across cloud databases and online shares, according to an analysis released on Thursday.

A report from Digital Shadows’ Photon Research Team, Too Much Information: The Sequel, assessed the scale of inadvertent global data exposure. The 2.3 billion number represents an increase of more than 750 million files since 2018 – a more than a 50 percent annual increase.

The team’s research revealed that about half of the customer data, (1.071 billion files, including personal demographic information, passport scans and bank statements, job applications, personal photos, credentials for business networks and more) was exposed via the Server Message Block (SMB) protocol – a technology for sharing files first designed in 1983.

Read more

Top 5 Security News

A million devices still vulnerable to ‘wormable’ RDP hole

WordPress Slick Popup Plugin Contains Vulnerable Support Backdoor

Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware

AI, the Mandatory Element of 5G Mobile Security

HiddenWasp Malware Stings Targeted Linux Systems

Secretary General gives keynote speech on NATO’s adaption to cyber threats

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

“Cyber attacks are becoming more frequent, more complex and more destructive. From low-level attempts to technologically sophisticated attacks. They come from states, and non-state actors. From close to home and from very far away. And they affect each and every one of us.” said the NATO Secretary General Jens Stoltenberg at the Cyber Defence Pledge Conference, London yesterday.

Read more

 

Top 5 Security News

UK provided evidence to 16 NATO allies of Russia hacking campaigns

Core Elastic Stack Security Features Now Available For Free Users As Well

Google Stored G Suite Users’ Passwords in Plain-Text for 14 Years

Hacker Disclosed 4 New Microsoft Zero-Day Exploits in Last 24 Hours

Tor Browser for Android is available through the Play Store

 

 

New Class of CPU Flaws Affect Almost Every Intel Processor Since 2011

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

Academic researchers today disclosed details of the newest class of speculative execution side-channel vulnerabilities in Intel processors that impacts all modern chips, including the chips used in Apple devices.
After the discovery of Spectre and Meltdown processor vulnerabilities earlier last year that put practically every computer in the world at risk, different classes of Spectre and Meltdown variations surfaced again and again.

Read more

Top 5 Security News

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Severe Linux kernel flaw found in RDS

Thrangrycat

Security Updates Released for Adobe Flash Player, Reader, and Media Encoder

WhatsApp flaw used to install spyware by simply calling the target

New Initiative Aims to Fast-Track Women into Cybersecurity Careers

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

A new professional development initiative will give 100 women the opportunity to revamp their careers and prepare for new roles in cybersecurity in only 100 days…

Read more

 

Top 5 Security News

What’s Behind the Wolters Kluwer Tax Outage?

Avoid a Security Endgame: Learn About the Latest “Avengers” Scam

Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeove

Turla LightNeuron: An email too far

Hackers steal US$41 million worth of Bitcoin from cryptocurrency exchange

Image by Gerd Altmann from Pixabay

Windows Zero-Day Emerges in Active Exploits

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

A just-patched vulnerability in the Windows operating system that was previously unknown up until last week is being actively exploited in the wild; it opens the door for full system takeover.

Discovered by Vasily Berdnikov and Boris Larin of Kaspersky Lab on St. Patrick’s Day this year, the flaw (CVE-2019-0859) is a use-after-free issue in the Windows kernel that allows local privilege escalation (LPE). It’s being used in advanced persistent threat (APT) campaigns, the researchers said, targeting 64-bit versions of Windows (from Windows 7 to older builds of Windows 10).

Read more

Top 5 Security News

This DDoS Attack Unleashed the Most Packets Per Second Ever. Here’s Why That’s Important.

DNS Hijacking Abuses Trust In Core Internet Service

OEM Presentation Platform Vulnerabilities

TinyPOS: Handcrafted Malware in Assembly Code

World Password Day – what (NOT!) to do

The strengths and weaknesses of different VPN protocols

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

VPN history starts back in 1996, when a Microsoft employee started developing the Peer to Peer Tunneling Protocol (PPTP).  In 1999, the specification was published.

Since then, VPN protocol technology has evolved and, at the moment, there are five widely used VPN protocols.

A breakdown of these five VPN protocols complete with their pros and cons is key to understanding VPN protocols in depth.

Read more

Top 5 Security News

‘Highly Critical’ Unpatched Zero-Day Flaw Discovered In Oracle WebLogic

DNS over HTTPS is coming whether ISPs and governments like it or not

‘Karkoff’ Is the New ‘DNSpionage’ With Selective Targeting Strategy

Source Code for CARBANAK Banking Malware Found On VirusTotal

Britain ‘Approves’ Huawei role in building ‘non-core’ parts for 5G Network

Image by Stefan Coders from Pixabay