
Security daily (16-06-2020)

Wyden seeks details on spies' data protection after scathing CIA audit on Vault 7 leaks

A senator with insight into the way U.S. intelligence agencies conduct espionage wants to know if American spies are protecting their secrets in a way that prevents intruders from stealing information that’s crucial to national security. In a letter sent Tuesday to the director of national intelligence, Sen. Ron Wyden, D-Ore., asked for more information about what he described as “widespread security problems across the intelligence community.” Wyden was referencing, in part, an internal Central Intelligence Agency audit that described “longstanding imbalances and lapses” in data protection before WikiLeaks published secret U.S. hacking tools, known as the Vault 7 files, starting in 2017. The October 2017 audit encouraged the CIA to view the audit’s findings as “a wake-up call” and “an opportunity” to “reorient how we view risk.” Now, Wyden is asking Director of National Intelligence John Ratcliffe about whether known vulnerabilities still exist. The intelligence community “is still lagging […] (CyberScoop)

No, that wasn't a DDoS attack, just a cellular outage

If Anonymous actually knows about a cyberattack that knocked telecommunications services throughout the U.S. offline Monday, then its members aren’t saying much. A Twitter account claiming to be attached to the once formidable hacking group on Monday stated, without evidence, that the U.S. was enduring a distributed denial-of-service attack, perhaps from China. The tweets, sent by the @YourAnonCentral account to its 6.5 million followers, coincided with outages for T-Mobile customers in multiple cities. Two messages claiming a DDoS attack was underway had received more than 17,000 retweets by press time, while other Anonymous accounts also amplified the allegations without providing any additional insight. Neville Ray, chief technology officer at T-Mobile, said Tuesday that the company had fixed the issues. Security experts quickly pinned the issue on T-Mobile network configuration issues which resulted in the hours of downtime for customers, rather than a malicious DDoS meant to knock services offline by […] (CyberScoop)

‘Ripple’ effect: Flaws found in protocols impact everything from printers to infusion pumps

Treck Inc. may be one of the most important software companies you’ve never heard of. Engineers at the Cincinnati-based company build networking protocols that end up in everything from HP printers to medical devices made by Baxter International, a Fortune 500 company. That core software, however, contains no less than 19 vulnerabilities, at least two of which could let hackers remotely commandeer devices running the code. That was the verdict made public on Tuesday by researchers from Jerusalem-based security company JSOF after months of studying Treck’s code. The discovery highlights how obscure companies can have an outsize impact on the supply chain security of software products around the world. It also shows how painstaking the act of locating and patching vulnerable devices can be. The further that JSOF researchers dug, the more devices they found running the Treck software. The footprint of devices grew so big that JSOF called in Forescout […] (CyberScoop)

Prioritize alerts and jump-start your investigations with Recorded Future’s free browser extension. Sign up now.

Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support! Drowning in alerts from many different sources and systems? Spending too much valuable time researching potential threats and vulnerabilities? You need Recorded Future Express, a new browser extension from the experts at […] (Graham Cluley)

Credit-card skimming malware hit websites as Coronavirus lockdown forced retailers to close high street stores

On March 20th, the Claire’s accessories retail chain beloved by young girls around the world made the sensible decision to close all of its physical stores in response to the Coronavirus Covid-19 pandemic. A nuisance for shoppers, certainly. But also an opportunity if you were a malicious hacker. Read more in my article on the Bitdefender Business Insights blog. (Graham Cluley)

“Rebooting” – a video chat with Lisa Forte

Lisa Forte interviews me about how someone once turned me into a computer virus, some of the ethical issues that come out of blogging about security, and what you say when hackers contact you asking for help in blackmailing their victims. (Graham Cluley)

Intel announces “exploit busting” features in its next processor chips

More bad news for cybercrooks... we hope. (Naked Security)

‘Anonymous’ takes down Atlanta Police Dept. site after police shooting

Hackers affiliating themselves with the hacktivist label have joined the Black Lives Matter backlash after a fatal police shooting on Friday. (Naked Security)

Eavesdroppers can use light bulbs to listen in from afar

Researchers have developed an ingenious way to eavesdrop from a distance without relying on planted bugs: they just stare at a light bulb. (Naked Security)

How to Use One-Lin3r to Quickly Generate Reverse Shells, Privesc Commands & More

A lot of time can be wasted performing trivial tasks over and over again, and it's especially true when it comes to hacking and penetration testing. Trying different shells to own a target, and testing out privilege escalation commands afterward, can eat up a lot of time. Fortunately, there is a tool called One-Lin3r that can quickly generate shells, privesc commands, and more.

One-Lin3r is a Python tool that acts as a framework to automate the generation of one-liners commonly used in pentesting and hacking. Its usage is very similar to Metasploit, so it's natural and simple to pick up for... (Null Byte « WonderHowTo)

Become a Computer Forensics Pro with This $29 Training

The increasingly important world of white hat or "ethical" hacking is getting competitive. Thanks to growing salaries and opportunities for talented and trained coding pros who can infiltrate servers and safeguard networks against digital threats, demand for intrepid cyber warriors is through the roof, and it shows no signs of slowing down any time soon.

That means that if you want to stand out from the crowd and land the best positions in the field, you need to find a niche or specialization — something that shows current and future employers that you have what it takes to be an expert in a... (Null Byte « WonderHowTo)

Ripple20 Vulnerabilities Will Haunt The IoT Landscape For Years To Come

(News ≈ Packet Storm)

Theft Of CIA's Vault 7 Secrets Tied To Woefully Lax Security

(News ≈ Packet Storm)

Vulnerability In Trump Campaign App Revealed Keys And Secrets

(News ≈ Packet Storm)

Russian Disinfo Operation Discovered Dating Back To 2014

(News ≈ Packet Storm)

Experience + Technology: How We Clean Infected Websites at Sucuri

Our malware removal service is particularly effective because it combines automated and human elements. The process gets off to a quick start thanks to cleanup scripts developed by our threat researchers. Real people also get their hands dirty handling tough work that shouldn’t be automated. The automated scripts identify and remove a lot of website malware using the same threat definitions that power our Web Application Firewall (WAF) and SiteCheck website scanner. (Sucuri Blog)

Oracle E-Business Suite Flaws Let Hackers Hijack Business Operations

If your business operations and security of sensitive data rely on Oracle's E-Business Suite (EBS), make sure you recently updated and are running the latest available version of the software.

In a report released by enterprise cybersecurity firm Onapsis and shared with The Hacker News, the firm today disclosed technical details for vulnerabilities it reported in Oracle's E-Business Suite (EBS), (The Hacker News)

Qbot Trojan Reappears to Go After U.S. Banking Customers

The 12-year-old malware is still dangerous, sporting advanced evasion techniques. (Threatpost)

Adobe Patches 18 Critical Flaws in Out-Of-Band Update

Critical vulnerabilities were patched in Adobe After Effects, Illustrator, Premiere Pro, Premiere Rush and Audition. (Threatpost)

Theft of CIA’s ‘Vault 7’ Secrets Tied to ‘Woefully Lax’ Security

An internal investigation into the 2016 CIA breach condemned the agency's security measures, saying it “focused more on building up cyber tools than keeping them secure.” (Threatpost)

‘Ripple20’ Bugs Impact Hundreds of Millions of Connected Devices

The vulnerabilities affect everything from printers to insulin pumps to ICS gear. (Threatpost)


/security-daily/ 17-06-2020 23:44:23