The Notebook Review forums were hosted by TechTarget, who shut them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.

    All about Security, News, Events and Incidents

    Discussion in 'Security and Anti-Virus Software' started by Dr. AMK, Apr 26, 2018.

  1. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    7,110
    Messages:
    20,384
    Likes Received:
    25,139
    Trophy Points:
    931
    FYI - different regions have different levels of awareness in their communities, so while this may seem obvious to us, for the viewers (and presenters) it may be their first time.

    Where spycams can be hidden - and how to check if you're being watched

    CNA
    Published on Apr 18, 2019
    How do you check if you're being watched? CNA's senior Korea correspondent Lim Yun Suk shows us how spycams can be concealed in the most ordinary objects.
     
    Last edited: Apr 18, 2019
    Dr. AMK likes this.
  2. hmscott

    hmscott Notebook Nobel Laureate

    Privacy expert resigns from Sidewalk Labs advisory role
    CBC News
    Published on Oct 21, 2018
    Ann Cavoukian says she resigned from her role with Sidewalk Labs on Friday because her privacy concerns are not being addressed. This dealt a major blow to a planned high-tech neighbourhood on Toronto's waterfront.
     
    Dr. AMK likes this.
  3. Dr. AMK

    Dr. AMK Living with Hope

    Reputations:
    3,961
    Messages:
    2,182
    Likes Received:
    4,654
    Trophy Points:
    281
    Aroc likes this.
  4. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    42,712
    Messages:
    29,847
    Likes Received:
    59,649
    Trophy Points:
    931
    Microsoft Edge Browser Permission Backdoor Can Allow Remote Attacks To Steal Data Hothardware.com | April 20, 2019

    It has been nearly a week since security researcher John Page reported that he had found an Internet Explorer XML eXternal Entity (XXE) vulnerability. A new layer of this vulnerability has been recently discovered and the implications are far more serious. A Microsoft Edge feature may threaten Internet Explorer’s...

    We would encourage users to always practice caution when downloading and opening files. It may also not hurt to simply choose a different browser. Hopefully Microsoft’s upcoming Chromium-based version of the Microsoft Edge browser will be more secure.
     
    Aroc and Dr. AMK like this.
  5. Dr. AMK

    Dr. AMK Living with Hope

    Another Sad day,
    Sri Lanka blasts: More than 200 dead in bombings across country
     
  6. Dr. AMK

    Dr. AMK Living with Hope

    I have my friends in Sri Lanka, this country has many Tribes and Religions living in peace and harmony all the time, politicians and their games are always behind all this blood not only in Sri Lanka but in all other countries, they don't mind to sacrifice their own people to achieve their dirty goals. I'll not mention all the other countries having the same tragedy, but dirty politicians are everywhere with no exceptions.
     
    Last edited: Apr 22, 2019
    Aroc and Papusan like this.
  7. Dr. AMK

    Dr. AMK Living with Hope

    Why The Dark Web Became The Place You Should Never Visit
     
    Aroc and Papusan like this.
  8. jclausius

    jclausius Notebook Virtuoso

    Reputations:
    6,160
    Messages:
    3,265
    Likes Received:
    2,573
    Trophy Points:
    231
    "Microsoft promises to boil down its lengthy and confusing privacy controls… in 1,500-word announcement"

    - Microsoft has vowed to put an end to lengthy and confusing privacy controls and "give customers increased transparency and control over their data."

    - in a sign that bad habits have not been fully unlearnt, the changes were announced in a 1,360-word blog post that is very long on explanation and dangerously short on detail.

    - But to Microsoft's credit, somewhere hidden in the mountain of self-congratulatory words is a good idea: allow consumers to actually decide what information is gathered on their activity – and explain to them what is done with that data and why it is gathered in the first place.

    https://www.theregister.co.uk/2019/04/30/microsoft_privacy_controls/
     
    hmscott and Papusan like this.
  9. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Dell laptops and computers vulnerable to remote hijacks
    Another security flaw in a vendor's bloatware apps puts users at risk.
    https://www.zdnet.com/article/dell-laptops-and-computers-vulnerable-to-remote-hijacks/

    Dell has released a patch for this security flaw on April 23; however, many users are likely to remain vulnerable unless they've already updated the tool --which is used for debugging, diagnostics, and Dell drivers auto-updates.

    One of many reasons you never should install bloat!
     
    Last edited: May 1, 2019
    Ashtrix, jclausius and hmscott like this.
  10. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Ashtrix and hmscott like this.
  11. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    More about Dell's bloatware, they force pre-installed on "most of all new" devices...

    Dell laptops confirmed to be affected by serious SupportAssist security flaw Notebookcheck.net | May 3, 2019

    Dell reportedly sat silently on a critical SupportAssist vulnerability for nearly 6 months, according to the security researcher that reported it to the company.
     
    Last edited: May 3, 2019
    Ashtrix and jclausius like this.
  12. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    LOOOL

    "Coincidentally, Dell’s own network suffered a data breach weeks after Demirkapi found the vulnerability in the SupportAssist application. Presumably the two incidents are unrelated, unless Dell also ran the SupportAssist application on its own internal computers with the same privileges, allowing attackers to take over its network through the same vulnerability"

    https://www.tomshardware.com/news/dell-supportassist-security-vulnerability-laptops-pcs,39244.html
     
    Ashtrix, jclausius and hmscott like this.
  13. jclausius

    jclausius Notebook Virtuoso

    More detailed info here too - https://d4stiny.github.io/Remote-Code-Execution-on-most-Dell-computers/

     
    Ashtrix, hmscott and Papusan like this.
  14. jclausius

    jclausius Notebook Virtuoso

    I'm not sure this would be commercialized, but this is some interesting research nonetheless

    "New chip stops attacks before they start"

    - new computer processor architecture... could usher in a future where computers proactively defend against threats

    - Called MORPHEUS, the chip blocks potential attacks by encrypting and randomly reshuffling key bits of its own code and data 20 times per second—infinitely faster than a human hacker can work and thousands of times faster than even the fastest electronic hacking techniques.

    https://techxplore.com/news/2019-05-chip.html
     
    Last edited: May 6, 2019
    hmscott and Papusan like this.
  15. jclausius

    jclausius Notebook Virtuoso

    "Google will soon let you auto-delete your location tracking data"

    - Google is introducing a new feature for your Google account that will allow you to automatically delete your Location History and Web and App Activity data after a set period of time.

    - The search giant’s location tracking practices got it into trouble last year when it emerged that Google would continue to track you even when you turn off the Location History setting.

    - Google says it’s rolling out the new feature worldwide “in the coming weeks” and that it will be available in addition to the existing options that allow you to delete this data manually.

    https://www.theverge.com/2019/5/1/1...ete-history-app-and-activity-data-3-18-months


     
    hmscott likes this.
  16. jclausius

    jclausius Notebook Virtuoso

    "Evil Clippy is now helping hackers infect your Office documents"

    - All the years of derision has caused Clippy to go over to the dark side.

    - Evil Clippy can make malicious Microsoft Office docs undetectable. It can hide VBA macros, stomp VBA code (via p-code) and confuse popular macro analysis tools.

    - The app can fool any tool that analyses the VBA source code, including antivirus software.

    https://mspoweruser.com/evil-clippy-is-now-helping-hackers-infect-your-office-documents/



    Don't open that email attachment of an unknown office document just yet!!
     
    hmscott likes this.
  17. jclausius

    jclausius Notebook Virtuoso

    "Microsoft aims to modernize and secure voting with ElectionGuard"

    - Microsoft is the first major tech company to take on this problem with a new platform it calls ElectionGuard that promises to make elections more secure and transparent — and yes, it’s free and open source.

    - Set to be made available this summer and piloted during the 2020 elections, ElectionGuard is not a complete voting machine, but rather a platform for handling voting data that can either empower existing systems or have new ones built on top of it.

    - The basic idea is to let voters track their votes securely and privately, while also allowing authorities to tabulate, store and, if necessary, audit them.

    https://techcrunch.com/2019/05/06/microsoft-aims-to-modernize-and-secure-voting-with-electionguard/


    Now who interfered with these 2020 election results?
     
    Ashtrix and hmscott like this.
  18. 6730b

    6730b Notebook Deity

    Reputations:
    1,295
    Messages:
    803
    Likes Received:
    1,747
    Trophy Points:
    156
    Papusan and hmscott like this.
  19. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    hmscott likes this.
  20. hmscott

    hmscott Notebook Nobel Laureate

    US Charges Chinese Hackers With Cyber Crimes: The Sequel | China Uncensored
    China Uncensored
    Published on May 15, 2019
    The US has once again charged Chinese nationals with cyber crimes, including hacking into Anthem, one of the largest health insurance companies in the United States. Sensitive information from nearly 80 million people has been stolen. Is one of them you?
     
  21. hmscott

    hmscott Notebook Nobel Laureate

    2:17 - Samsung spilled SmartThings app source code and secret keys

    Samsung spilled SmartThings app source code and secret keys

    Zack Whittaker @zackwhittaker / 1 week ago
    https://techcrunch.com/2019/05/08/samsung-source-code-leak/

    "A development lab used by Samsung engineers was leaking highly sensitive source code, credentials and secret keys for several internal projects — including its SmartThings platform, a security researcher found.
    The electronics giant left dozens of internal coding projects on a GitLab instance hosted on a Samsung-owned domain, Vandev Lab. The instance, used by staff to share and contribute code to various Samsung apps, services and projects, was spilling data because the projects were set to “public” and not properly protected with a password, allowing anyone to look inside at each project, access and download the source code.

    Mossab Hussein, a security researcher at Dubai-based cybersecurity firm SpiderSilk who discovered the exposed files, said one project contained credentials that allowed access to the entire AWS account that was being used, including more than 100 S3 storage buckets that contained logs and analytics data.

    Many of the folders, he said, contained logs and analytics data for Samsung’s SmartThings and Bixby services, but also several employees’ exposed private GitLab tokens stored in plaintext, which allowed him to gain additional access from 42 public projects to 135 projects, including many private projects.

    Samsung told him some of the files were for testing but Hussein challenged the claim, saying source code found in the GitLab repository contained the same code as the Android app, published in Google Play on April 10.

    The app, which has since been updated, has more than 100 million installs to date.

    “I had the private token of a user who had full access to all 135 projects on that GitLab,” he said, which could have allowed him to make code changes using a staffer’s own account.

    Hussein shared several screenshots and a video of his findings for TechCrunch to examine and verify.

    The exposed GitLab instance also contained private certificates for Samsung’s SmartThings’ iOS and Android apps.

    Hussein also found several internal documents and slideshows among the exposed files.

    “The real threat lies in the possibility of someone acquiring this level of access to the application source code, and injecting it with malicious code without the company knowing,” he said.
    Through exposed private keys and tokens, Hussein documented a vast amount of access that if obtained by a malicious actor could have been “disastrous,” he said.

    Hussein, a white-hat hacker and data breach discoverer, reported the findings to Samsung on April 10. In the days following, Samsung began revoking the AWS credentials, but it’s not known if the remaining secret keys and certificates were revoked.

    Samsung still hasn’t closed the case on Hussein’s vulnerability report, close to a month after he first disclosed the issue.

    “Recently, an individual security researcher reported a vulnerability through our security rewards program regarding one of our testing platforms,” Samsung spokesperson Zach Dugan told TechCrunch when reached prior to publication. “We quickly revoked all keys and certificates for the reported testing platform and while we have yet to find evidence that any external access occurred, we are currently investigating this further.”

    Hussein said Samsung took until April 30 to revoke the GitLab private keys. Samsung also declined to answer specific questions we had and provided no evidence that the Samsung-owned development environment was for testing.

    Hussein is no stranger to reporting security vulnerabilities. He recently disclosed a vulnerable back-end database at Blind, an anonymous social networking site popular among Silicon Valley employees — and found a server leaking a rolling list of user passwords for scientific journal giant Elsevier.

    Samsung’s data leak, he said, was his biggest find to date.

    “I haven’t seen a company this big handle their infrastructure using weird practices like that,” he said."
     
    Papusan likes this.
  22. hmscott

    hmscott Notebook Nobel Laureate

    Chief Privacy Officers: The Unicorns of K-12 Education
    By Emily Tate, Feb 25, 2019
    https://www.edsurge.com/news/2019-02-25-chief-privacy-officers-the-unicorns-of-k-12-

    "Last month, the nonprofit Center for Democracy and Technology (CDT) published a report arguing schools and districts should go the way of other industries and hire a Chief Privacy Officer to oversee their organization’s privacy policies and practices.

    Page by page, the report explains what a CPO is, why the role is necessary and even provides a two-page sample job description districts can use to begin the hiring process for a CPO.

    The intent here is good, says Linnette Attai, a K-12 privacy expert and founder of the global compliance consulting firm PlayWell, LLC. Schools and districts collect, manage and analyze more data now than ever before. That data can be used to improve K-12 decision-making, tailor instruction to each student and flag when one student needs extra attention or assistance.

    But because data can also be misused, abused, exposed and manipulated, it must be protected. Thus, the need for a Chief Privacy Officer—someone who can establish and enforce privacy policies, train staff on privacy procedures and ensure that all data is collected and shared safely.

    But the reality is that Chief Privacy Officers in K-12 education are about as common as unicorns. EdSurge contacted education nonprofits, a technology association and a handful of privacy experts, and none could identify a single school district with a K-12 CPO.

    In fact, it is still extremely rare for districts to hire even one full-time employee dedicated to privacy—leadership or otherwise—says Attai, who frequently advises K-12 districts on privacy issues.

    “It should be a leadership position, but it’s not,” she tells EdSurge. “We’re a really long way off from it ever being there, and we may never be there.”

    It's fun watching change in motion... :)

    Please use the URL to see the rest of the article...
     
    Last edited: May 18, 2019
  23. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    jclausius likes this.
  24. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    RAMBleed Exploit Inflicts Rowhammer-Style Attack On Private Data From PC Memory hothardware.com | Jun 13, 2019
    Sometimes it feels as though nary a day goes by without someone sounding the alarm on a new security vulnerability. More recently, there has been a lot of hoopla over side-channel exploits, such as Spectre and Meltdown, and various other variants. Here is another one to add to your mental catalog of exploits—RAMBleed....

    "While this sounds frightening, the good news is attackers are not able to leverage RAMBleed remotely—it is a local attack. It is being tracked under advisory CVE-2019-0174 and has been assigned a Common Vulnerability Scoring System (CVSS) rating of 3.8 out of 10. Researchers also say it is "unlikely" that RAMBleed has ever been exploited in the wild up to this point"
     
  25. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Yeah... Is Dell Taking their Customer Security Seriously? As we know, Dell don't make much of its own hardware, firmware and Software Bloatware by themselves. Almost everything is created/made by outsourced tech team or third-party company. This is a good reminder why you shouldn't install all sorts of software from the ODM manufacturers. Be safe... Skip everything that doesn't smell as needed drivers...

    Dell Discovers Yet Another SupportAssist Security Flaw Tomshardware.com | June 21, 2019

    In May, Dell’s SupportAssist troubleshooting PC utility was found to be vulnerable to attacks that could compromise all Dell laptops and desktops. This week Dell disclosed a second flaw (CVE-2019-12280) that could allow both malware and rogue logged-in users to gain administrative privileges and take over victims’ computers. SupportAssist ships with all Dell desktops, laptops and tablets.


    Is Dell Taking Customer Security Seriously?
    More than one serious vulnerability that hackers could exploit to take over Dell PCs has been found in recent years. At this point we have to wonder if Dell is taking cybersecurity seriously...

    ----------------------------------------------

    Cybersecurity company finds worrying vulnerability affecting millions of Dell laptops and desktops


    Dell has published a security advisory, which can be accessed here. It offers a straightforward resolution for the potential threat, which involves updating the relevant software that now includes a fix provided by PC-Doctor.
     
    Ashtrix and maffle like this.
  26. Dr. AMK

    Dr. AMK Living with Hope

    10 Ways The Government Is Secretly Spying On You
     
    hmscott and Papusan like this.
  27. jclausius

    jclausius Notebook Virtuoso

    "Billions of Records Including Passwords Leaked by Smart Home Vendor"

    - A publicly accessible ElasticSearch cluster owned by Orvibo, a Chinese smart home solutions provider, leaked more than two billion user logs containing sensitive data of customers from countries all over the world.

    - The vpnMentor research team found that "the video feed from the smart cameras is easily accessible by entering the owner’s account with the credentials found in the database" for users who added security cameras to their Orvibo smart home management accounts.

    - Also, unlocking the users' smart door locks combined with precise geolocation and schedules swiped from built-in calendar displays exposes them to home break-ins.

    https://www.bleepingcomputer.com/ne...luding-passwords-leaked-by-smart-home-vendor/


    This is why my house remains (and forever will be) a 'dumb' house with lock and deadbolt. My doors, lights, etc., do not need to be exposed to hackers.
     
  28. jclausius

    jclausius Notebook Virtuoso

    "120M users at risk from serious vulnerability in Microsoft Excel"

    - Security researchers have uncovered a serious vulnerability in Microsoft Corp.’s Excel that exposes around 120 million users to attack.

    - A would-be hacker is able to use Power Query to dynamically launch a remote Dynamic Data Exchange attack into an Excel spreadsheet to actively control the payload.

    - The vulnerability can also be exploited to launch sophisticated, hard-to-detect attacks that combine several attack surfaces, embed malicious content in a separate data source and even load the content into the spreadsheet when it is opened to compromise the user’s machine.

    https://siliconangle.com/2019/06/27/120m-users-risk-serious-vulnerability-microsoft-excel/


    Seems like a quite involved attack, but we also have NBR users using Excel in a multitude of ways.
     
    Papusan, hmscott and Dr. AMK like this.
  29. Dr. AMK

    Dr. AMK Living with Hope

    How Does "Sign in With Apple" Work?
     
    Papusan likes this.
  30. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Dr. AMK likes this.
  31. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Update Your Logitech Wireless Dongle Right Now howtogeek.com | July 17, 2019

    To fix the problem, visit this page on Logitech’s website, download the appropriate update, and install it. For Logitech unifying receivers (USB dongles), updates are available for both Windows PCs and Macs. There’s also a separate update to install if you have a Logitech G900 gaming mouse.

    ------------------------------------------------

    Bluetooth Flaw Enables Tracking on Windows PCs Tomshardware.com | July 17, 2019
    Boston University researchers have discovered flaws in the Bluetooth Low Energy (BLE) implementations of Windows 10, macOS and iOS that could allow devices running those operating systems to be tracked. ZDNet reported that the researchers shared details about the flaw at the Privacy Enhancing Technologies Symposium today in an effort to raise awareness for the flaw in a nigh-ubiquitous protocol.
     
    Dr. AMK likes this.
  32. jclausius

    jclausius Notebook Virtuoso

    "Ex-Microsoft dev used test account to swipe $10m in tech giant's own store credits, live life of luxury, Feds allege"

    - A former Microsoft software engineer was arrested on Tuesday and charged with mail fraud for allegedly attempting to steal $10m in digital currency from his former employer

    - ... was a member of Microsoft's Universal Store Team (UST), tasked with handling the company's e-commerce operations.

    - ... bought some Microsoft goods himself and also sold much of the currency – $10m worth, it's claimed – to third-parties, at a discount to its face value.

    - ... bought himself a $162,000 Tesla and $1.6m home

    https://www.theregister.co.uk/2019/07/17/exmicrosoft_engineer_arrested_fraud/



    No wonder I got this XBox One soooo cheap on Ebay!
     
    Papusan and Dr. AMK like this.
  33. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Nvidia addresses five big security issues in Windows driver
    by Guru3d.com | 08/05/2019 08:41 AM | source: nvidia

    Nvidia solved five security issues in its Windows drivers for GeForce, Quadro, NVS and Tesla video cards. Three of the problems are classified as 'serious', the other two vulnerabilities are of 'medium' risk. None of the issues could be triggered remotely though.

    Nvidia has announced that the problems will be resolved in the August 2019 security update, and drivers can already be downloaded. NVIDIA has released a software security update for the NVIDIA GPU Display Driver. This update addresses issues that may lead to local code execution, denial of service, or escalation of privileges.
     
    Dr. AMK likes this.
  34. 6730b

    6730b Notebook Deity

    jclausius and Papusan like this.
  35. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Fixed from what I know with last Windows 10 patch.
     
    jclausius and Dr. AMK like this.
  36. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Dr. AMK likes this.
  37. jclausius

    jclausius Notebook Virtuoso

    "Windows 10 security: Microsoft dismissed RDP flaw until it saw Hyper-V was affected"

    - Microsoft recently reversed a decision not to patch a flaw in its Remote Desktop Protocol (RDP) client after realizing the same flaw could be used to target its Hyper-V virtualization software in Windows 10 and Azure.

    - Check Point researcher Eyal Itkin informed Microsoft of a flaw in its RDP client but was told his finding "is valid but does not meet our bar for servicing", so it didn't warrant a patch.

    - Microsoft recently reversed its decision and released a patch for the remote code execution bug CVE-2019-0887 in July

    https://www.zdnet.com/article/windo...d-rdp-flaw-until-it-saw-hyper-v-was-affected/


    A security issue in a Microsoft product? Say it ain't so!
     
    Papusan and Dr. AMK like this.
  38. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Drivers from Over 40 Manufacturers Including Intel, NVIDIA, AMD Vulnerable to Privilege Escalation Malware Attacks
    Techpowerup.com Today, 16:59
    Cybersecurity research firm Eclypsium published a report titled "Screwed Drivers," chronicling a critical flaw in the design of modern device driver software from over 40 hardware manufacturers, which allows malware to gain privilege from Ring 3 to Ring 0 (unrestricted hardware access). The long list of manufacturers publishing drivers that are fully signed and approved by Microsoft under its WHQL program, includes big names such as Intel, AMD, NVIDIA, AMI, Phoenix, ASUS, Toshiba, SuperMicro, GIGABYTE, MSI, and EVGA. Many of the latter few names are motherboard manufacturers who design hardware monitoring and overclocking applications that install kernel-mode drivers into Windows for Ring-0 hardware-access.
     
    hmscott, jclausius and Dr. AMK like this.
  39. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

  40. jclausius

    jclausius Notebook Virtuoso

    "All Windows users should update immediately as ‘Complete Control’ hack is confirmed"

    - The tool is available on Dark Web for free

    - Eclypsium revealed that almost all the major hardware manufacturers have a flaw that can allow malicious applications to gain kernel privileges at the user level, thereby gaining direct access to firmware and hardware.

    - The flaw also affects all the new versions of Windows which includes Windows 7, 8, 8.1 and Windows 10.

    - While Microsoft has already released a statement confirming that Windows Defender is more than capable of handling the issue, they didn’t mention that users need to be on the latest version of Windows to take benefit of the same.

    - In case you were underestimating the tool, it can allow a hacker to remotely shut down or reboot the system, remotely browse files, access and control the Task Manager, Registry Editor, and even the mouse. Not only that, but the attacker can also open web pages, disable the webcam activity light to spy on the victim unnoticed and capture audio and video.


    https://mspoweruser.com/all-windows...iately-as-complete-control-hack-is-confirmed/


    Looks like this vulnerability first posted by Papu was utilized (weaponized?) and has now made it into the wild. Windows users be careful out there!
     
    Papusan and hmscott like this.
  41. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    42,712
    Messages:
    29,847
    Likes Received:
    59,649
    Trophy Points:
    931
    Patch Lady – I smell a Rat
    Posted on August 26th, 2019 at 20:03 Susan Bradley Comment on the AskWoody Lounge
    (coming to you from the friendly wifi of United Airlines as I fly to the Quest/The Experts Conference)

    So twice lately someone has asked about articles indicating that we should patch now. Yesterday. Like the day before yesterday. And yet, when I’m reading the articles, I can’t find a single specific update they are talking about.


    and

    https://www.forbes.com/sites/daveyw...e-control-hack-attack-confirmed/#268cd4715bdb

    Okay so the gist of the article (that I can tell is) that a research firm came out with a PR whitepaper on NanoRat 1.2.2 and said that it’s being used more in attacks. The attacks come in via phishing and macro enabled documents.

    So…..? This is different than any of the other daily phishing attacks I see in my spam filters?

    And all you can tell me is to “patch now”? Patching my operating system won’t patch if I’m stupid enough to click on something. Patching my operating system won’t patch if I’m stupid enough to enter my credentials on a well done web page pretending to be my mail server needing me to “upgrade”.

    Bottom line, telling me to patch now when there’s no specific operating system update in the August updates that will protect us from this is just running around like Chicken Little telling me the sky is falling.

    Come on tech sites, stop using Public relations stunts to write your content. There’s enough true security stories out there for us to be more than scared over. (The one that concerns me is the recent ransomware coming into multiple government entities via a shared managed service providers).

    Make no mistake the bad guys want to get us, but articles like these that give no good solid actionable items other than “patch” when it’s not even Patch Tuesday are just ridiculous.
     
    jclausius likes this.
  42. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    7,110
    Messages:
    20,384
    Likes Received:
    25,139
    Trophy Points:
    931
    After posting this DDIO / RDMA NetCAT response from Intel:
    http://forum.notebookreview.com/thr...atches-and-more.812424/page-129#post-10950369

    I found these released today:

    National Cyber Awareness System =>Current Activity Landing => Intel Releases Security Updates
    https://www.us-cert.gov/ncas/current-activity/2019/08/13/intel-releases-security-updates

    Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates:
    And, these from a couple of days ago...

    Intel Releases Security Updates, Mitigations for Multiple Products
    Original release date: June 11, 2019 | Last revised: June 12, 2019
    https://www.us-cert.gov/ncas/curren...ecurity-Updates-Mitigations-Multiple-Products

    Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates:
     
    Starlight5 and Papusan like this.
  43. 6730b

    6730b Notebook Deity

    Reputations:
    1,295
    Messages:
    803
    Likes Received:
    1,747
    Trophy Points:
    156
    !

    "German vuln-hunting firm Greenbone Networks found 590 "medical image archive systems online" containing a startling 737 million images, of which it said around 400 million were downloadable."

    "A significant number of these servers have no protection at all, they aren't password protected and have no encryption."

    https://www.theregister.co.uk/2019/09/17/24m_medical_records_unsecured_online/
     
    hmscott and Papusan like this.
  44. Spartan@HIDevolution

    Spartan@HIDevolution Company Representative

    Reputations:
    39,604
    Messages:
    23,561
    Likes Received:
    36,864
    Trophy Points:
    931
  45. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    42,712
    Messages:
    29,847
    Likes Received:
    59,649
    Trophy Points:
    931
    CYBERSECURITY TODAY zdnet.com | Sept 26, 2019
    Cisco warning: These routers have 9.9/10-severity security flaw

    Cisco has disclosed over a dozen high-severity vulnerabilities affecting the widely deployed Cisco IOS and IOS XE network automation software, including a nasty one affecting its industrial routers and grid routers.
     
    hmscott, jclausius and Tinderbox (UK) like this.
  46. 6730b

    6730b Notebook Deity

    Reputations:
    1,295
    Messages:
    803
    Likes Received:
    1,747
    Trophy Points:
    156
    hmscott, jclausius and Papusan like this.
  47. jclausius

    jclausius Notebook Virtuoso

    Reputations:
    6,160
    Messages:
    3,265
    Likes Received:
    2,573
    Trophy Points:
    231
    "New Microsoft NTLM Flaws May Allow Full Domain Compromise"

    - Two security vulnerabilities in Microsoft's NTLM authentication protocol allow attackers to bypass the MIC (Message Integrity Code) protection and downgrade NTLM security features leading to full domain compromise.

    - Microsoft patched the two NTLM flaws and issued security advisories as part of the Patch Tuesday security updates issued yesterday after Preempt’s disclosure.

    https://www.bleepingcomputer.com/ne...-ntlm-flaws-may-allow-full-domain-compromise/


    On the bright side, at least the vulnerability wasn't caused by a Windows 10 update.
     
    Tinderbox (UK), hmscott and Papusan like this.
  48. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    42,712
    Messages:
    29,847
    Likes Received:
    59,649
    Trophy Points:
    931
    SECURITY
    Hacker Selling User Info Stolen From Prostitution Forums bleepingcomputers.com | Oct 10, 2019
    Popular prostitution and escort forums in the Netherlands and Italy have suffered data breaches that exposed the usernames, email addresses, and hashed passwords for their registered members.

    ----------------------------------

    D-Link no longer wants to fix router vulnerability
    Published on 10th October 2019 by Günter Born
    The D-Link Routers DIR-652, DIR-655, DIR-866L, and DHP-1565 have a critical remote execution vulnerability, but the manufacturer does not want to fix it.

    ---------------------------------


    Windows 10 Mobile with a security problem that will not be resolved [Workaround]
    good Morning October 10, 2019 17:30 2 comments
    On 8/10, the KB4522809 was shipped for Windows 10 Mobile. This increased the version number to 15254.590. As always, the changes are "identical" to the PC version of the 1709. But a security hole is no longer closed. Under the CVE-2019-1314 ...

     
    Last edited: Oct 10, 2019
    Tinderbox (UK) and jclausius like this.
  49. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    42,712
    Messages:
    29,847
    Likes Received:
    59,649
    Trophy Points:
    931

    Attackers Are Exploiting an Apple iTunes Zero-Day Bug to Install Ransomware on Windows Machines wccftech.com | Oct 12, 2019

    A zero-day vulnerability in Apple iTunes for Windows enabled attackers to bypass antivirus detection on Windows devices. The targeted BitPaymer or IEncrypt ransomware campaign was detected by the security folks at Morphisec who called the iTunes exploit a "new and alarming evasion technique."

    This Apple zero-day vulnerability is in the Bonjour updater that comes packaged with iTunes and iCloud for Windows. Morphisec said that the "adversaries abused an unquoted path to maintain persistence and evade detection." The unquoted path vulnerability is a widely known bug that occurs due to developers forgetting to surround a file path with quotation marks. This latest zero-day is a proof that developers continue to ignore quotes.

    Apple has fixed the flaw but it will affect even those who have uninstalled iTunes for Windows
    Apple fixed the vulnerability with the release of iTunes 12.10.1 for Windows and iCloud for Windows 7.14, as well, since Bonjour updater ships with both of them.

    Morphisec warns that even if you don't currently run iTunes but did so in the past, you could still be at risk, hinting that this could be the reason why attackers chose this process for evasion.

    In most cases, people are not aware that they need to uninstall the Apple Software Update component separately when uninstalling iTunes. Because of this, machines are left with the updater task installed and working.

    We were surprised by the results of an investigation that showed Apple Software Update is installed on a large number of computers across different enterprises. Many of the computers uninstalled iTunes years ago while the Apple Software Update component remains silently, un-updated, and still working in the background. Following this discovery, we identified the attack surface and the motivation of the attacker to choose this process for evasion.

    Morphisec researchers also added that Apple developers "haven't fixed all the vulnerabilities reported by us, only the one that was abused by the attackers." In any case, if you do use iTunes, make sure to update it to the very latest version. Mac users aren't affected by this bug.




     
    jclausius and Tinderbox (UK) like this.
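Added example, not part of the quoted article or the original post: a defensive audit for the unquoted-path condition described above, which flags command lines whose program path contains a space but is not wrapped in quotes, and prints the quoted form to deploy instead. The sample command lines, service names, and the `ENV` expansion table are constructed assumptions.

```python
import re

# Constructed command lines in the style of service ImagePath values or
# scheduled-task actions. All names and paths are hypothetical.
SAMPLES = {
    "ExampleUpdater": r"C:\Program Files\Example Vendor\Updater\updater.exe -service",
    "QuotedSvc": r'"C:\Program Files\Example Vendor\Agent\agent.exe" --run',
    "NoSpaceSvc": r"C:\Windows\System32\svchost.exe -k netsvcs",
    "EnvSvc": r"%ProgramFiles%\ExampleTool\tool.exe",
}
# Assumed expansions; on a real host use the machine's own environment.
ENV = {"programfiles": r"C:\Program Files", "systemroot": r"C:\Windows"}
PROGRAM_RE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd))(?=\s|$)", re.IGNORECASE)

def expand(command):
    """Expand %VAR% references so spaces hidden behind variables are seen."""
    return re.sub(r"%([^%]+)%",
                  lambda m: ENV.get(m.group(1).lower(), m.group(0)), command)

def executable_part(command):
    """Return (program_path, was_quoted) for a command line."""
    command = command.strip()
    if not command:
        return "", False
    if command.startswith('"'):
        end = command.find('"', 1)
        return (command[1:end] if end != -1 else command[1:]), True
    m = PROGRAM_RE.match(command)
    # No known extension: fall back to the first whitespace-delimited token.
    return (m.group(1) if m else command.split(None, 1)[0]), False

def audit(commands):
    """Names whose program path is unquoted and contains a space."""
    hits = []
    for name, cmd in commands.items():
        path, quoted = executable_part(expand(cmd))
        if not quoted and " " in path:
            hits.append(name)
    return sorted(hits)

def quoted_form(command):
    """Return the command with its program path wrapped in quotes."""
    cmd = expand(command).strip()
    path, quoted = executable_part(cmd)
    if quoted or " " not in path:
        return command
    return '"' + path + '"' + cmd[len(path):]

if __name__ == "__main__":
    for name in audit(SAMPLES):
        print(name, "->", quoted_form(SAMPLES[name]))
```

On a real machine the input would be the command lines exported from installed services and scheduled tasks, including leftover updater tasks from software that was uninstalled.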
  50. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    42,712
    Messages:
    29,847
    Likes Received:
    59,649
    Trophy Points:
    931
    Hackers Breach Avast Antivirus Network Through Insecure VPN Profile bleepingcomputers.com | Oct 21, 2019

    Hackers accessed the internal network of Czech cybersecurity company Avast, likely aiming for a supply chain attack targeting CCleaner. Detected on September 25, intrusion attempts started since May 14.
    Following an investigation, the antivirus maker determined that the attacker was able to gain access using compromised credentials via a temporary VPN account.


    Update [10.21.2019]: When CCleaner 5.63 came out on October 15, BleepingComputer sought comments from Avast about the reason and benefits of the update since it was an unexpected move. The company delayed responding to our questions at the time.
    CCleaner General Manager David Peterson explains in a blog post today that the reason for automatically updating all CCleaner installations since 5.57 to the current latest version was a preventative measure to ensure that all users run a genuine release.
    "We took these steps preventatively as our investigation is continuing, but we wanted to eliminate the risk of fraudulent software being delivered to our users. Since we have indications that the attempts to infiltrate our systems began in May this year, we automatically updated users on builds released after this time to ensure their safety."

    A legitimate way (nice way) to try snooping in their customers' computers? :rolleyes:
     
    jclausius and 6730b like this.