Weekly InfoSec Roundup 12/01/17

Friday, December 1st, 2017 | by Syed Abdur

This week in InfoSec we saw compromised data, vulnerabilities, and patches to match. Apple’s big flaw, which left Macs exposed to easy hacking, reminds us that critical flaws can pop up at any moment and require a swift response. We also highlight the case study of a Fortune 500 financial services firm that is using Brinqa Threat & Vulnerability Management to identify and secure its crown jewels.

 

  • Imgur Confirms 2014 Breach of 1.7 Million User Accounts
  • “Popular image sharing community Imgur said last week it was the victim of a data breach in 2014 that exposed 1.7 million user accounts. In a breach notice posted to its website last Friday, the company said users are being notified via email that they must update their passwords immediately.”

  • Scarab Ransomware Uses Necurs to Spread to Millions of Inboxes
  • “First spotted on November 23, the Scarab ransomware is being sent primarily to .com addresses, followed by co.uk inboxes. It was sent to 12.5 million email addresses in the first four hours alone, according to Forcepoint.”

  • Newly Published Exploit Code Used to Spread Mirai Variant
  • “Microsoft engineers appear to have manually patched a 17 year-old vulnerability in Office, instead of altering the source code of the vulnerable component, ACROS Security researchers say.”

  • Researcher Finds Hole in Windows ASLR Security Defense
  • “Qihoo 360 Netlab researchers reported on Friday that they are tracking an uptick in botnet activity associated with a variant of Mirai. Targeted are ports 23 and 2323 on internet-connected devices made by ZyXEL Communications that are using default admin/CenturyL1nk and admin/QwestM0dem telnet credentials.”

  • Hackers are exploiting Microsoft Word vulnerability to take control of PCs
  • “Hackers are using a recently disclosed Microsoft Office vulnerability to distribute backdoor malware capable of controlling an infected system, providing attackers with the ability to extract files, execute commands and more.”

  • No Patch Available for RCE Bug Affecting Half of the Internet’s Email Servers
  • “A critical remote code execution flaw affects over half of the Internet’s email servers, and there’s no fix for it available, just yet. The bug is a vulnerability in Exim, a mail transfer agent (MTA), which is software that runs on email servers and that relays emails from senders to recipients.”

  • Several Vulnerabilities Patched in PowerDNS
  • “Updates released for the authoritative nameserver and recursive nameserver components of PowerDNS patch several vulnerabilities that can be exploited for denial-of-service (DoS) attacks, records manipulation, modifying configurations, and cross-site scripting (XSS) attacks.”

  • Critical Code Execution Flaw Found in Exim
  • “Serious vulnerabilities that can be exploited for remote code execution and denial-of-service (DoS) attacks have been found in the popular mail transfer agent (MTA) software Exim.”

  • Cybersecurity: Fighting a Threat That Causes $450B of Damage Each Year
  • “With recent high profile hacks of companies such as Uber, Equifax, and HBO, it’s safe to say that cybersecurity is already top of mind for many of the world’s biggest companies.”

  • Big Apple Flaw Allows Root Access to Macs without Password
  • “Mac users and administrators need to be on the lookout for compromised machines after a security researcher disclosed late yesterday a big flaw in Apple’s macOS High Sierra platform that allows for password-less logins to root accounts. Publicly disclosed by software engineer Lemi Orhan Ergin via Twitter, the flaw allows someone with physical access to the machine to log in as “root” by leaving the password field empty in a System Preferences unlock screen.”

  • Conference Calls a ‘Significant & Overlooked’ Security Gap in the Enterprise
  • Conference calls present a significant and overlooked security gap in the enterprise, according to a new research study from LoopUp.

  • Recently Patched Dnsmasq Flaws Affect Siemens Industrial Devices
  • “Some of the vulnerabilities discovered recently by Google researchers in the Dnsmasq network services software affect several Siemens SCALANCE industrial communications products.”

  • Cisco Patches Critical WebEx Vulnerabilities
  • “Updates released by Cisco for components of its online meetings and video conferencing platform WebEx patch nearly a dozen vulnerabilities, including critical flaws that can be exploited for remote code execution.”

  • Patch for macOS Root Access Flaw Breaks File Sharing
  • “The patch released by Apple on Wednesday for a critical root access vulnerability affecting macOS High Sierra appears to break the operating system’s file sharing functionality in some cases. The company has provided an easy fix for affected users.”

  • First US Federal CISO Shares Security Lessons Learned
  • “Greg Touhill’s advice for security leaders includes knowing the value of information, hardening their workforce, and prioritizing security by design.”

  • Why it’s great news that cyber insurance is becoming more popular
  • “It’s not really in our nature to love competition. In fact, it’s complete animal instinct to want there to be no competition at all. This applies to business, relationships and basically every other form of human interaction. Nobody wants to compete. So you can imagine how a growth in businesses taking out cyber insurance (and therefore business insurance) could be a little concerning to certain people in the digital sphere.”

  • New-But-Old US Bill Introduces Prison Time for Execs Who Conceal Data Breaches
  • “Three US senators have introduced a bill on Thursday that will make it mandatory for companies to report breaches to customers within 30 days, but also carries fines and possible prison time for execs who conceal breaches from users and authorities.”

  • National Credit Federation leaked US citizen data through unsecured AWS bucket
  • “The National Credit Federation (NCF) has become the latest in a long list of companies to leave the sensitive, private data of customers exposed for all to see online. According to Chris Vickery, UpGuard Director of Cyber Risk Research, the Tampa, Florida-based credit repair firm left 111GB of internal customer information on an Amazon Web Services S3 cloud storage bucket configured to allow public access without restriction.”

  • Siemens Patches Several Flaws in Teleprotection Devices
  • “Siemens has patched several vulnerabilities, including authentication bypass and denial-of-service (DoS) flaws, in its SWT 3000 teleprotection devices. The SWT 3000 teleprotection devices are designed for quickly identifying and isolating faults in high-voltage power grids. This Siemens product is used in the energy sector worldwide.”

  • Brinqa Case Study: Fortune 500 Financial Services
  • In this case study we discuss how a Fortune 500 Financial Services firm used Brinqa Threat & Vulnerability Management to improve the security of their ‘crown jewels’ – the applications and technology assets supporting the most critical business processes.

    “With the Brinqa Risk Platform we were quickly able to establish the business criticality and impact of our technology assets. We developed and implemented a remediation strategy with this insight, initially focusing our remediation efforts on our crown jewels and moving down the priority list, establishing a context-aware security baseline across the enterprise.”


About

Director of Product Management at Brinqa — Passionate about design, travel and good food. When not working can be found hiking, snowboarding or exploring the wonderful city of San Francisco.
More posts by Syed Abdur