Security daily (03-06-2021)

White House executive order further restricts investments in Chinese surveillance technology

President Joe Biden on Thursday signed an executive order that expands restrictions on U.S. investments in the Chinese defense sector and takes aim at the export of Chinese surveillance technologies. Building on a Trump administration order, the new directive expands to 59 the list of Chinese companies that Americans are barred from investing in. The order, the White House said, will also give U.S. officials greater leeway in addressing the threat of Chinese surveillance technology that is used to repress religious or ethnic groups inside and outside of China. The directive allows the U.S. “to prohibit – in a targeted and scoped manner – U.S. investments in Chinese companies that undermine the security or democratic values of the United States and our allies,” the White House said in a statement. Several Chinese technology firms have been implicated in the Chinese government’s mass detention of Uyghurs, a mostly Muslim minority group whose […] (CyberScoop)

Justice Department orders prosecutors to more closely track ransomware, share case information

The Justice Department has required federal prosecutors across the U.S. to more closely track ransomware cases and notify department officials of key developments in the prosecution of hackers. It’s a move that, in the wake of ransomware attacks on key U.S. distributors of fuel and meat, elevates the fight against ransomware as a top priority for the government’s law enforcement division. The goal is to have a clearer view of extortion attempts occurring in every state, and any progress that’s being made in tracking down the perpetrators. A memo that Deputy Attorney General Lisa Monaco sent to U.S. Attorneys offices on Thursday requires the offices to notify senior department officials in Washington whenever they learn of a new ransomware attack in their district. Such “urgent reports,” for example, should cover ransomware incidents affecting critical infrastructure or a municipal government — something that happens regularly. “To ensure we can make necessary […] (CyberScoop)

Fujifilm shuts down computer systems following apparent ransomware intrusion

Fujifilm Corp. has shut down part of its computer network and “disconnected from external correspondence” in the face of a possible ransomware attack, the Japanese electronics giant said Wednesday. In a brief statement, Fujifilm said that it became aware of the security issue late Tuesday and that it has “taken measures to suspend all affected systems in coordination with our various global entities.” The company said it was still “working to determine the extent and the scale of the issue.” Fujifilm is just the latest multinational company to be hamstrung by ransomware. JBS, the world’s largest beef producer, had to temporarily shut down facilities in Colorado, Canada and Australia following a ransomware hack. Perhaps best known for its photography equipment, Fujifilm also makes a range of medical products such as CT Scan and Xray devices. The company reported more than $20 billion in revenue last year and has offices around […] (CyberScoop)

First major voting vendor, Hart InterCivic, partners with Microsoft on ambitious software security tool ElectionGuard

The ElectionGuard technology that Microsoft touts as a way to make elections more secure and verifiable is taking its biggest step yet: Hart InterCivic, one of the big three election vendors, says it will incorporate ElectionGuard into one of its voting systems. The ElectionGuard open-source software development kit gives voters a unique code to track their encrypted vote and confirm it wasn’t manipulated, and it offers a way for third parties to validate election results, according to Microsoft. The two companies jointly announced the partnership on Thursday. Hart InterCivic is the biggest partner to date for ElectionGuard, as one of three vendors — alongside Election Systems & Software and Dominion Voting Systems — that dominate the marketplace for voting machine technology. “We believe we must constantly re-imagine how technology can make voting more secure and also more transparent, and this partnership with Microsoft is a strong step in that direction,” […] (CyberScoop)

A Supreme Court ruling limits the reach of a landmark hacking law

The Supreme Court issued a 6-3 ruling Thursday determining that improper use of a computer system by someone allowed to use it does not fall under the Computer Fraud and Abuse Act, the nation’s landmark hacking law. The ruling is a significant step in limiting the bounds of the law, which critics have long blasted as overly broad. It’s the first time the court has ruled on a case involving the decades-old hacking statute. The case in question involved former Georgia police officer Nathan Van Buren, who was accused of looking up license plate data in a law enforcement database in exchange for bribes. The prosecution argued that Van Buren’s use exceeded “authorized access,” putting him in violation of the Computer Fraud and Abuse Act. Such an interpretation “would attach criminal penalties to a breathtaking amount of commonplace computer activity,” Justice Amy Coney Barrett, who authored the majority opinion, wrote. […] (CyberScoop)

S3 Ep35: Apple chip flaw, Have I Been Pwned, and Covid tracker trouble [Podcast]

Latest episode - listen now! (Naked Security)

Check Out This Great RCE PoC Walkthrough For The VMware ESXi OpenSLP Heap Overflow Vulnerability

(News ≈ Packet Storm)

White House Warns Companies To Step Up Cybersecurity

(News ≈ Packet Storm)

Norton Antivirus Adds Ethereum Cryptocurrency Mining

(News ≈ Packet Storm)

Necro Python Bot Revamped With New VMWare Server Exploits

(News ≈ Packet Storm)

Attack On Meat Supplier Came From REvil, Ransomware's Most Cut Throat Gang

(News ≈ Packet Storm)

Necro Python Malware Upgrades With New Exploits and Crypto Mining Capabilities

New upgrades have been made to a Python-based "self-replicating, polymorphic bot" called Necro in what's seen as an attempt to improve its chances of infecting vulnerable systems and evading detection. "Although the bot was originally discovered earlier this year, the latest activity shows numerous changes to the bot, ranging from different command-and-control (C2) communications and the (The Hacker News)

The Vulnerabilities of the Past Are the Vulnerabilities of the Future

Major software vulnerabilities are a fact of life, as illustrated by the fact that Microsoft has patched between 55 and 110 vulnerabilities each month this year – with 7% to 17% of those vulnerabilities being critical. May had the fewest vulnerabilities, with a total of 55 and only four considered critical. The problem is that the critical vulnerabilities are things we have seen for many years, (The Hacker News)

Researchers Warn of Critical Bugs Affecting Realtek Wi-Fi Module

A new set of critical vulnerabilities has been disclosed in the Realtek RTL8170C Wi-Fi module that an adversary could abuse to gain elevated privileges on a device and hijack wireless communications. "Successful exploitation would lead to complete control of the Wi-Fi module and potential root access on the OS (such as Linux or Android) of the embedded device that uses this module," researchers (The Hacker News)

‘Battle for the Galaxy’ Mobile Game Leaks 6M Gamer Profiles

Unprotected server exposes AMT Games user data containing user emails and purchase information. (Threatpost)

Google PPC Ads Used to Deliver Infostealers

The crooks pay top dollar for Google search results for the popular AnyDesk, Dropbox & Telegram apps that lead to a malicious, infostealer-packed website. (Threatpost)

Exchange Servers Targeted by ‘Epsilon Red’ Malware

REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests. (Threatpost)

Then and Now: Securing Privileged Access Within Healthcare Orgs

Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, discusses best practices for securing healthcare data against the modern threat landscape. (Threatpost)


/security-daily/ 04-06-2021 23:44:23