Weekly Infosec News Brief 20-26 July

FBI Sees Massive Increase in Espionage, Including Industrial Espionage, Against the US

The FBI on Thursday issued a press release discussing what they believe is an increasing threat of economic espionage against US companies. They estimate that such espionage may cost the US as much as "hundreds of billions" of dollars a year. This espionage is not just directed against large industrial companies, but any place where trade secrets and innovations might be found, including third-party organizations (e.g. business partners, vendors, consultants, lawyers, etc.) affiliated with targeted companies. A key take-away is that the threat is more widespread than most people think, and that few organizations are immune.
https://www.fbi.gov/news/pressrel/press-releases/fbi-announces-economic-espionage-awareness-campaign
http://www.cnn.com/2015/07/24/politics/fbi-economic-espionage/


Microsoft Releases Out-of-Cycle Patch for Critical Font Driver Bug

A flaw uncovered in connection with the "Hacking Team" breach prompted Microsoft to issue an emergency patch last Monday. The vulnerability in the Windows Adobe Type Manager Library could allow a remote attacker direct access to the operating system kernel, and appears to be relatively easy to exploit. The new update, MS15-078, replaces MS15-077, which was released just a week prior as part of this month's "Patch Tuesday" set of software patches. The flaw affects all current Windows versions (even the Windows 10 beta), and organizations are urged to install this patch as soon as possible.
https://technet.microsoft.com/library/security/MS15-078
http://www.computerworld.com/article/2949589/malware-vulnerabilities/microsoft-patches-windows-zero-day-found-in-hacking-teams-leaked-docs.html


WordPress Update Issued, Fixes Twenty Vulnerabilities

On Thursday, WordPress released version 4.2.3, which includes fixes for twenty important security issues. The most prominent of these is a critical cross-site scripting (XSS) flaw that can enable an attacker to seriously compromise an affected site; though it is not easy to exploit, the results of a successful exploit are very serious. This announcement came just two days after a security firm publicized serious flaws in two popular WordPress plugins. For organizations running WordPress websites (and many are, even without realizing it), Anchor recommends updating to 4.2.3 as quickly as possible.
http://www.scmagazine.com/wordpress-423-released-addresses-critical-xss-vulnerability/article/428182/
http://www.scmagazine.com/security-firm-details-vulnerabilities-in-two-wordpress-plugins/article/427947/
https://wordpress.org/news/2015/07/wordpress-4-2-3/


Serious OpenSSH Vulnerability Opens Systems up to Remote Brute-Force Password Cracking

OpenSSH, very widely used software that allows secure remote administration of Linux/UNIX computers, was demonstrated last week to have a serious flaw in its rate-limiting mechanism for failed login attempts. OpenSSH is supposed to limit anyone attempting to log in to six attempts per connection, making it hard for attackers to rapidly guess passwords. This flaw enables an attacker to instead make as many attempts as it can within the maximum login "grace period" (the default setting is two minutes). No patch is available yet, but suggested workarounds are presented at the first link below.
http://www.computerworld.com/article/2951541/security/bug-exposes-openssh-servers-to-bruteforce-password-guessing-attacks.html
https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/
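As an added, defender-side example (not part of the original brief or of OpenSSH itself), the script below scans constructed sshd log lines for a single connection that records more failures than the six-attempt limit within the two-minute grace period, which is the signature of the bypass described above. The host name, process ids and addresses are constructed sample values.

```python
import re
from collections import defaultdict
from datetime import datetime

# Defaults the brief mentions: six tries per connection, two-minute grace period.
MAX_AUTH_TRIES = 6
LOGIN_GRACE_SECONDS = 120

# sshd failure lines for password and keyboard-interactive authentication.
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed "
    r"(?:password|keyboard-interactive/pam) for (?:invalid user )?\S+ "
    r"from (?P<ip>\S+) port (?P<port>\d+) ssh2"
)

# Constructed sample log (not from a real system): the 203.0.113.5 connection
# racks up nine failures in under a minute, which sshd should have cut off at
# six; the 198.51.100.7 connection stays within the limit.
SAMPLE_LOG = [
    f"Jul 21 10:00:{s:02d} host1 sshd[4242]: Failed keyboard-interactive/pam "
    f"for root from 203.0.113.5 port 51234 ssh2"
    for s in (1, 5, 9, 14, 20, 27, 33, 40, 45)
] + [
    f"Jul 21 10:02:{s:02d} host1 sshd[4301]: Failed password for invalid user "
    f"admin from 198.51.100.7 port 40022 ssh2"
    for s in (10, 18, 25)
]

def parse_ts(ts, year=2015):
    # syslog timestamps carry no year; the sample assumes one
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")

def find_maxauthtries_bypass(lines, max_tries=MAX_AUTH_TRIES,
                             grace=LOGIN_GRACE_SECONDS):
    """Return {(ip, port): failures} for connections whose failure count
    exceeds max_tries inside one grace window. The source port identifies
    the connection, so this separates one abusive session from many
    ordinary ones coming from the same address."""
    failures = defaultdict(list)
    for line in lines:
        m = FAIL_RE.match(line)
        if m:
            failures[(m["ip"], m["port"])].append(parse_ts(m["ts"]))
    flagged = {}
    for conn, times in failures.items():
        times.sort()
        if len(times) > max_tries and (times[-1] - times[0]).total_seconds() <= grace:
            flagged[conn] = len(times)
    return flagged

if __name__ == "__main__":
    print(find_maxauthtries_bypass(SAMPLE_LOG))
```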
