This week in infosec was full of compromised data, vulnerabilities, and patches to match. Apple’s big flaw, which left Macs exposed to easy hacking, reminds us that critical flaws can pop up at any moment, requiring swift response.
- Imgur Confirms 2014 Breach of 1.7 Million User Accounts
“Popular image sharing community Imgur said last week it was the victim of a data breach in 2014 that exposed 1.7 million user accounts. In a breach notice posted to its website last Friday, the company said users are being notified via email that they must update their passwords immediately.”
- Scarab Ransomware Uses Necurs to Spread to Millions of Inboxes
“First spotted on November 23, the Scarab ransomware is being sent primarily to .com addresses, followed by co.uk inboxes. It was sent to 12.5 million email addresses in the first four hours alone, according to Forcepoint.”
- Newly Published Exploit Code Used to Spread Mirai Variant
“Qihoo 360 Netlab researchers reported on Friday that they are tracking an uptick in botnet activity associated with a variant of Mirai. Targeted are ports 23 and 2323 on internet-connected devices made by ZyXEL Communications that are using default admin/CenturyL1nk and admin/QwestM0dem telnet credentials.”
- Hackers are exploiting Microsoft Word vulnerability to take control of PCs
“Hackers are using a recently disclosed Microsoft Office vulnerability to distribute backdoor malware capable of controlling an infected system, providing attackers with the ability to extract files, execute commands and more.”
- No Patch Available for RCE Bug Affecting Half of the Internet’s Email Servers
“A critical remote code execution flaw affects over half of the Internet’s email servers, and there’s no fix for it available, just yet.
The bug is a vulnerability in Exim, a mail transfer agent (MTA), which is software that runs on email servers and that relays emails from senders to recipients.”
- Several Vulnerabilities Patched in PowerDNS
“Updates released for the authoritative nameserver and recursive nameserver components of PowerDNS patch several vulnerabilities that can be exploited for denial-of-service (DoS) attacks, records manipulation, modifying configurations, and cross-site scripting (XSS) attacks.”
- Critical Code Execution Flaw Found in Exim
“Serious vulnerabilities that can be exploited for remote code execution and denial-of-service (DoS) attacks have been found in the popular mail transfer agent (MTA) software Exim.”
- Cybersecurity: Fighting a Threat That Causes $450B of Damage Each Year
“With recent high profile hacks of companies such as Uber, Equifax, and HBO, it’s safe to say that cybersecurity is already top of mind for many of the world’s biggest companies.”
- Big Apple Flaw Allows Root Access to Macs without Password
“Mac users and administrators need to be on the lookout for compromised machines after a security researcher disclosed late yesterday a big flaw in Apple’s macOS High Sierra platform that allows for password-less logins to root accounts. Publicly disclosed by software engineer Lemi Orhan Ergin via Twitter, the flaw allows someone with physical access to the machine to log in as “root” by leaving the password field empty in a System Preferences unlock screen.”
- Conference Calls a ‘Significant & Overlooked’ Security Gap in the Enterprise
Conference calls present a significant and overlooked security gap in the enterprise, according to a new research study from LoopUp.
- Recently Patched Dnsmasq Flaws Affect Siemens Industrial Devices
“Some of the vulnerabilities discovered recently by Google researchers in the Dnsmasq network services software affect several Siemens SCALANCE industrial communications products.”
- Cisco Patches Critical WebEx Vulnerabilities
“Updates released by Cisco for components of its online meetings and video conferencing platform WebEx patch nearly a dozen vulnerabilities, including critical flaws that can be exploited for remote code execution.”
- Patch for macOS Root Access Flaw Breaks File Sharing
“The patch released by Apple on Wednesday for a critical root access vulnerability affecting macOS High Sierra appears to break the operating system’s file sharing functionality in some cases. The company has provided an easy fix for affected users.”
- First US Federal CISO Shares Security Lessons Learned
“Greg Touhill’s advice for security leaders includes knowing the value of information, hardening their workforce, and prioritizing security by design.”
- Why it’s great news that cyber insurance is becoming more popular
“It’s not really in our nature to love competition. In fact, it’s complete animal instinct to want there to be no competition at all. This applies to business, relationships and basically every other form of human interaction. Nobody wants to compete. So you can imagine how a growth in businesses taking out cyber insurance (and therefore business insurance) could be a little concerning to certain people in the digital sphere.”
- New-But-Old US Bill Introduces Prison Time for Execs Who Conceal Data Breaches
“Three US senators have introduced a bill on Thursday that will make it mandatory for companies to report breaches to customers within 30 days, but also carries fines and possible prison time for execs who conceal breaches from users and authorities.”
- National Credit Federation leaked US citizen data through unsecured AWS bucket
“The National Credit Federation (NCF) has become the latest in a long list of companies to leave the sensitive, private data of customers exposed for all to see online.
According to Chris Vickery, UpGuard Director of Cyber Risk Research, the Tampa, Florida-based credit repair firm left 111GB of internal customer information on an Amazon Web Services S3 cloud storage bucket configured to allow public access without restriction.”
- Siemens Patches Several Flaws in Teleprotection Devices
“Siemens has patched several vulnerabilities, including authentication bypass and denial-of-service (DoS) flaws, in its SWT 3000 teleprotection devices.
The SWT 3000 teleprotection devices are designed for quickly identifying and isolating faults in high-voltage power grids. This Siemens product is used in the energy sector worldwide.”