Weekly Infosec News Brief – Mar 23-29, 2015

Recently-Patched Flash Vulnerability Being Actively Exploited

A vulnerability in Adobe Flash (CVE-2015-0336) that was fixed on March 12 is now being actively exploited in drive-by download attacks as part of the Nuclear exploit kit. The recent trend has been that exploits for Flash vulnerabilities are being used in the wild within a shorter timeframe of the flaws being publicly announced and fixes being made available, sometimes before. The need to install Flash updates as soon as possible after they are released has never been more clear.
http://www.computerworld.com/article/2899702/new-attacks-suggest-timeline-for-patching-flash-player-is-shrinking.html


 New Jersey School District Recovering from Ransomware Attack

The Swedesboro-Woolwich School District in New Jersey had to take many of their systems offline for an extended period after many files were encrypted by a ransomware infection. The district was able, after several days’ work, to clean malware from their servers and restore most of the affected files from backups. The threat of ransomware is yet another reason for limiting who has direct access to what files via file shares. Web-based document management systems or SharePoint-type systems are far less susceptible to these threats. Also note that good backups saved this school district. Keep in mind, however, that if your backups are accessible to the file system you may turn to your backups after a ransomware incident only to find that your backups are also encrypted!
http://www.nj.com/gloucester-county/index.ssf/2015/03/school_district_bitcoin_hostage_situation_continue.html


 New York Requiring Insurers to Report Their Cybersecurity Preparations

Insurers doing business in New York are being required to provide information to the state regarding their cybersecurity preparations, and the state plans to conduct examinations of insurers’ systems to verify their preparations. Organizations that hold any significant quantities of customers’ personal and financial information should anticipate that they are likely to become subject to similar regulatory measures in the near future.
http://www.bloomberg.com/news/articles/2015-03-26/new-york-to-investigate-insurers-cybersecurity-work-after-hacks


 Flaw in Hotel WiFi Routers Puts Guests’ Systems and Data at Risk

A major vulnerability was discovered in a wifi router system (InnGate routers, made by ANTlabs of Singapore) commonly used in major hotel chains. This vulnerability could allow attackers to take over the routers, and from there they could monitor or alter communications to and from guests’ computers, and could redirect guests to malware sites or insert malicious code into their communications. The best defense against this kind of attack is to train your users to always use a VPN (with no split tunneling) whenever working from an untrusted network (any network you or your organization don’t control).
http://www.wired.com/2015/03/big-vulnerability-hotel-wi-fi-router-puts-guests-risk/

Comments

Post a Comment

Popular posts from this blog

Weekly Infosec News Brief: 14-20 March

Image
Major Media Websites Caught up inNew Malicious Advertising Attacks Last week multiple major advertising networks, including Google's DoubleClick, AppNexus, Rubicon, and AOL were abused by attackers to serve up malicious advertisements on major media sites. These malicious advertisements were redirecting to the "Angler" exploit kit, which uses multiple means to attempt to compromise a browser and install malware. While such malicious ads are common on smaller websites, they are not unheard-of on major media sites. This outbreak, however, was unusually large and long-lived, lasting at least the better part of two days. Given how common malicious web ads are, some security experts are recommending the use of ad blocking technology in web browsers. http://www.computerworld.com/article/3044565/security/advertising-based-cyberattacks-hit-bbc-new-york-times-msn.html Malicious Macros in Word Documents Used to Install Malware with No Files Needed Everything old is new a
Read more

Weekly Infosec News Brief 20-26 July

Image
FBI Sees Massive Increase in Espionage, Including Industrial Espionage, Against the US The FBI on Thursday issued a press release discussing what they believe is an increasing threat of economic espionage against US companies. They estimate that such espionage may cost the US as much as "hundreds of billions" of dollars a year. This espionage is not just directed against large industrial companies, but any place where trade secrets and innovations might be found, including third-party organizations (e.g. business partners, vendors, consultants, lawyers, etc.) affiliated with targeted companies. A key take-away is that the threat is more widespread than most people think, and that few organizations are immune. https://www.fbi.gov/news/pressrel/press-releases/fbi-announces-economic-espionage-awareness-campaign http://www.cnn.com/2015/07/24/politics/fbi-economic-espionage/ Microsoft Releases Out-of-Cycle Patch for Critical Font Driver Bug A flaw uncovered in connecti
Read more

Critical Vulnerability Discovered in IIS 6.0 Web Services

Image
IIS 6, the version that runs on Windows 2003 Server, was revealed this week to have a serious vulnerability that could allow an attacker to run malicious code on the server. The vulnerability has apparently been known to some malicious groups for some time, as attacks exploiting this vulnerability have been observed as far back as summer of 2016. But last week a proof-of-concept exploit for the vulnerability was posted to GitHub, bringing public attention to the problems and providing potential attackers with a head start on developing their own exploit code.  That is likely to take this from a secretive exploit used by a few actors to one that will be widely used by many attackers, meaning anyone running a vulnerable server is a likely victim. Vulnerability announcements are common, but this one is especially problematic for several reasons: IIS 6.0 is a part of the Windows 2003 Server operating system, which aged out of support from Microsoft almost two years ago. There are an
Read more