Tuesday, January 28, 2020

DEF CON China conference put on hold due to coronavirus outbreak

DEF CON team is hoping that the 2019-nCoV outbreak will improve and they can go on as planned, or reschedule.
The Register

Remember the Clipper chip? NSA’s botched backdoor-for-Feds from 1993 still influences today’s encryption debates

We'll laugh at today's mandated holes in the same way we laugh at those from 25 years ago. Enigma: More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still...

Average Ransomware Payments More Than Doubled in Q4 2019

Ransomware attackers collected an average of around $84,000 from victim organizations, up from $41,000 in Q3 of 2018, Coveware says.
The Security Ledger

Seven Years Later, Scores of EAS Systems sit Un-patched, Vulnerable

Two years after a false EAS alert about an incoming ICBM sowed terror in Hawaii, and seven years after security researchers warned about insecure, Internet connected Emergency Alert System (EAS) hardware, scores of the devices across the U.S. remain...

One Small Fix Would Curb Stingray Surveillance

The technology needed to limit stingrays is clear—but good luck getting telecoms on board.

Good news! Maryland bill would make ransomware… a crime.

Remember last May, when Baltimore City was brought to a standstill by ransomware? Hot on the heels of that—in fact, the same...
SC Magazine

Tampa Bay Times hit by Ryuk, new variant of stealer aimed at gov’t, finance

On the heels of a Ryuk ransomware attack on the Tampa Bay Times, researchers reported a new variant of the Ryuk stealer being aimed at government, financial and law enforcement targets. The Times attack didn’t result in a breach, noted...

Risk managers: Here are the must-have skills for 2020

The risk management field is growing more challenging as threats evolve. How will these changing threats affect your organization in 2020?

Google, Mozilla Ban Hundreds of Browser Extensions in Chrome, Firefox

After discovering a wide pattern of potentially malicious behavior in browser extensions, the two search giants are cracking down.

Magecart-related arrests made in Indonesia

Three members of a group that infected hundreds of websites from around the world with payment card stealing malware were arrested in Indonesia, the International Criminal Police Organization (INTERPOL) announced Tuesday. The arrests are the result of a larger...
SC Magazine

Pre-Olympics cybersecurity exercise kicks off in Tokyo

A three-day cybersecurity wargame began today in Tokyo in preparation for the upcoming Olympic Summer Games. This particular exercise has 140 workers from 58 critical infrastructure firms defend against malware attacks that attempt to disrupt devices used for telecommuting, according to the Nippon News...

Who Watches The Watchers: Privacy Abuse By Security Vendors

Antivirus companies have to unequivocally not be in the data brokering business. Buyer beware in the wake of AVAST being discovered selling privacy-related data: there’s no such thing as a free lunch. If the product or service is free,...
SC Magazine

Bill seeks to reform NSA surveillance, aiming at Section 215, FISA process

Congress took on dual issues of Fourth Amendment and privacy rights in a bill meant to reform the Patriot Act to end the authority of NSA’s phone recording program, as well as reform the FISA process, addressing the problems...

Hackers hijack Twitter accounts for Chicago Bears and Green Bay Packers

OurMine hacking crew returns after two years of inactivity.
The Register

Google halts paid-for Chrome extension updates amid fraud surge: Web Store in lockdown ‘due to the scale of abuse’

Meanwhile, probe reveals how Avast's 'anonymized' user data can be, er, deanonymized. On Saturday, Google temporarily disabled the ability to publish paid Chrome apps, extensions, and themes in the Chrome Web Store due to a surge in fraud.…

As Necurs Botnet Falls from Grace, Emotet Rises

Researchers wonder if a recent "amateur spam" campaign by the once-prevalent malware distribution botnet is a sign of trojans looking to other infection paths.

Rui Pinto: Hacker Who Targeted Football and Angola’s ‘Princess’

Prosecutors in Portugal have denounced him as a criminal hacker, but his supporters describe the man behind the "Luanda Leaks" revelations as a public interest whistleblower.

Attacks on ADC Ramp Up as Citrix Releases Remaining Patches

Citrix has released the full set of patches for the recently disclosed security flaw tracked as CVE-2019-19781, but attacks on vulnerable systems are ramping up.
SC Magazine

Three Magecart operatives arrested in Indonesia

Several members of a group allegedly behind hundreds of Magecart-style attacks were arrested last month in Indonesia as the result of an international law enforcement operation. Interpol’s ASEAN Cyber Capability Desk and the Indonesian National Police just announced late last...

German Privacy Watchdog Investigates Clothing Retailer H&M

A German privacy watchdog says it has opened an investigation into clothing retailer H&M amid evidence that the Swedish retailer had committed “massive data protection breaches” by spying on its customer service representatives in Germany.
F5 Networks

Apache Tomcat vulnerability CVE-2018-1336

An improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite ...

Cisco Small Business Smart and Managed Switches Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections...
F5 Networks

Bash vulnerability CVE-2019-18276

An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is ...
F5 Networks

Linux kernel vulnerability CVE-2019-19069

A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel ...

Vulnerability Summary for the Week of January 20, 2020

Original release date: January 27, 2020. The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated...