New Class of CPU Flaws Affect Almost Every Intel Processor Since 2011

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

Academic researchers today disclosed details of the newest class of speculative execution side-channel vulnerabilities in Intel processors that impacts all modern chips, including the chips used in Apple devices.
After the discovery of Spectre and Meltdown processor vulnerabilities earlier last year that put practically every computer in the world at risk, different classes of Spectre and Meltdown variations surfaced again and again.

Read more

Top 5 Security News

Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003

Severe Linux kernel flaw found in RDS

Thrangrycat

Security Updates Released for Adobe Flash Player, Reader, and Media Encoder

WhatsApp flaw used to install spyware by simply calling the target

New Initiative Aims to Fast-Track Women into Cybersecurity Careers

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

A new professional development initiative will give 100 women the opportunity to revamp their careers and prepare for new roles in cybersecurity in only 100 days…

Read more

 

Top 5 Security News

What’s Behind the Wolters Kluwer Tax Outage?

Avoid a Security Endgame: Learn About the Latest “Avengers” Scam

Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeove

Turla LightNeuron: An email too far

Hackers steal US$41 million worth of Bitcoin from cryptocurrency exchange

Image by Gerd Altmann from Pixabay

Windows Zero-Day Emerges in Active Exploits

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

A just-patched vulnerability in the Windows operating system that was previously unknown up until last week is being actively exploited in the wild; it opens the door for full system takeover.

Discovered by Vasily Berdnikov and Boris Larin of Kaspersky Lab on St. Patrick’s Day this year, the flaw (CVE-2019-0859) is a use-after-free issue in the Windows kernel that allows local privilege escalation (LPE). It’s being used in advanced persistent threat (APT) campaigns, the researchers said, targeting 64-bit versions of Windows (from Windows 7 to older builds of Windows 10).

Read more

Top 5 Security News

This DDoS Attack Unleashed the Most Packets Per Second Ever. Here’s Why That’s Important.

DNS Hijacking Abuses Trust In Core Internet Service

OEM Presentation Platform Vulnerabilities

TinyPOS: Handcrafted Malware in Assembly Code

World Password Day – what (NOT!) to do

The strengths and weaknesses of different VPN protocols

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

VPN history starts back in 1996, when a Microsoft employee started developing the Peer to Peer Tunneling Protocol (PPTP).  In 1999, the specification was published.

Since then, VPN protocol technology has evolved and, at the moment, there are five widely used VPN protocols.

A breakdown of these five VPN protocols complete with their pros and cons is key to understanding VPN protocols in depth.

Read more

Top 5 Security News

‘Highly Critical’ Unpatched Zero-Day Flaw Discovered In Oracle WebLogic

DNS over HTTPS is coming whether ISPs and governments like it or not

‘Karkoff’ Is the New ‘DNSpionage’ With Selective Targeting Strategy

Source Code for CARBANAK Banking Malware Found On VirusTotal

Britain ‘Approves’ Huawei role in building ‘non-core’ parts for 5G Network

Image by Stefan Coders from Pixabay

 

Microsoft confirms Outlook.com and Hotmail accounts were breached

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

Between 1 January and 28 March this year hackers were able to access a “limited number” of consumer Outlook.com, Hotmail and MSN Mail email accounts, Microsoft has confirmed.

Read more

 

Top 5 Security News

Creator of Hub for Stolen Credit Cards Sentenced to 90 Months

Wipro Intruders Targeted Other Major IT Firms

Facebook: Yeah, we hoovered up 1.5 million email address books without permission. But it was an accident!

Weather Channel Knocked Off-Air in Dangerous Precedent

Are our infrastructures secure?

Photo by rawpixel.com from Pexels

Bug-hunters punch huge holes in WPA3 standard for Wi-Fi security

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

Researchers have detailed a set of side-channel and downgrade attacks that potentially allow an attacker to compromise Wi-Fi networks equipped with WPA3 protection.

Read more

 

Top 5 Security News

WordPress Urges Users to Uninstall Yuzo Plugin After Flaw Exploited

Google launches new security tools for G Suite users

Credential-stuffing attacks behind 30 billion login attempts in 2018

Android 7.0+ Phones Can Now Double as Google Security Keys

The right way to do AI in security

540 Million Facebook User Records Found On Unprotected Amazon Servers

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

It’s been a bad week for Facebook users.
First, the social media company was caught asking some of its new users to share passwords for their registered email accounts and now…

…the bad week gets worse with a new privacy breach.

More than half a billion records of millions of Facebook users have been found exposed on unprotected Amazon cloud servers.
The exposed datasets do not directly come from Facebook; instead, they were collected and unsecurely stored online by third-party Facebook app developers.

Read more

 

Top 5 Security News

Nvidia Fixes 8 High-Severity Flaws Allowing DoS, Code Execution

CARPE (DIEM): CVE-2019-0211 Apache Root Privilege Escalation

Windows 10 Insider Build 18362.30 Released to Fix Boot Breaking Bug

Cisco Fixed Routers Vulnerabilities that Allows Hackers to Run Remote Code with Root Access

Privacy Is Just the First Step, the Goal Is Data Ownership

Broken Piggybank

Norsk Hydro lose more than NOK 300-350 millions in a week after attack

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

There’s not much news about what happened last week when Norsk Hydro was attacked by unknown cyber criminals on March 19, but the estimated costs is around NOK 300-350 million. While we don’t know exactly what happened it is confirmed that this was a ransomware virus spreading in their system, encrypting files and taking down critical systems. The ransomware in question is LockerGoga, and was officially first seen in January this year. It is unknown exactly how the virus was introduced in to Hydros systems, as the have not identified any phising-emails.

When LockerGoga has infected a system, it locks out all users from the system it just infected, and starts encrypting files. This means that it can be hard for users to even see the ransom-note that pops up on the desktop. LockerGoga also does not have any instructions on how to pay the ransom, but rather instructs the system-owner to make contact for payment and amount through email addresses.
So far this attack raises a lot of questions, as the modus operandi has never been seen before, with very sophisticated attacking capabilities and no clear agenda.
You can read more about the attack and LockerGoga on threatpost

Top 5 Security News

Change your Facebook password now!

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

Oh, feet of clay!

Facebook has just admitted that it has found many places – hundreds of millions of places, maybe – where it saved users’ passwords to disk in raw, unencrypted form.

In jargon terms, they’re known as plaintext passwords and it means that instead of seeing a password scrambled into a hashed form such as 379f153­1753a7c43­ab4f4faace­212451, anyone looking at the stored data will see the actual password, right there, just like that.

Like that: 123456789, or that: mypassword99, or that: jw45X$/­6FsT8.

Read more

Top 5 Security News

Why phone numbers stink as identity proof

The European Copyright Directive: What Is It, and Why Has It Drawn More Controversy Than Any Other Directive In EU History?

Extracting bitlocker keys from a TPM

Norwegian phones sent personal information to China

Hackers take down Safari, Vmware and Oracle at Pwn2Own

Flaw in popular PDF creation library enabled remote code execution

Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners

This blog post is a summary of this week’s Information Security News put together by our Security Incident Response Team (SIRT).

Docker is a technology that allows you to perform operating system level virtualization. An incredible number of companies and production hosts are running Docker to develop, deploy and run applications inside containers.

You can interact with Docker via the terminal and also via remote API. The Docker remote API is a great way to control your remote Docker host, including automating the deployment process, control and get the state of your containers, and more. With this great power comes a great risk — if the control gets into the wrong hands, your entire network can be in danger.

Read more

Top 5 Security News

Backdoored GitHub accounts spewed secret sneakerbot software

RSAC 2019: TLS Markets Flourish on the Dark Web

Web Authentication: What It Is and What It Means for Passwords

Google Discloses Unpatched ‘High-Severity’ Flaw in Apple macOS Kernel

How To Spoof PDF Signatures