Security News > 2020 > June

One of the several multinational corporations enlisted by the German government to help it obtain personal protective equipment for the care of COVID-19 patients has been targeted in an ongoing phishing campaign, IBM reported on Monday. According to IBM, a threat actor has targeted more than 100 high-ranking people within this company, which is part of Germany's Task Force Personal Protective Equipment, whose members leverage their contact networks, particularly in China, to secure PPE. The attackers have targeted executives within the organization, as well as its supply chain partners, and IBM believes the same group likely also targeted other members of the task force.

Based on a survey of 12,000 consumers across six countries, the Veritas report found that 40% of consumers would hold CEOs personally responsible for ransomware breaches. Consumers were less consistent, however, on how organizations should actually handle ransomware threats.

It turns out that industrial enterprises are much better positioned to defeat most nation-state attacks on power plants, pipelines, and other critical infrastructures than governments are. Government intrusion detection is a little better at detecting attacks than our own systems and presents serious risks to corporate confidentiality.

Google's threat analysts have identified state-level attacks from China. I hope both campaigns are working under the assumption that everything they say and do will be dumped on the Internet before the election.

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

A security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions. The PoC exploit is unreliable, but could be used by malicious attackers as a starting point for creating a more effective exploit.

Hackers are targeting German companies tasked with replenishing the nation's supply of personal protective equipment. The X-Force team believes that the corporation is being targeted specifically because of its status within the task force, and the phishing campaign is part of a larger effort by an unknown hacking crew to disrupt the PPE supply chain in Germany.

According to Mohan, all an attacker needs to know is a victim's Aadhaar ID, linked mobile number, or username to gain unauthorized access to the targeted Digilocker account: the attacker prompts the service to send an OTP and then exploits the flaw to bypass the sign-in process. It's worth noting that the mobile app version of Digilocker also comes with a 4-digit PIN as an added layer of security.

A report from consumer advocates Which? highlights the shockingly short lifespan of "Smart" appliances, with some losing software support after just a few years, despite costing vastly more than "Dumb" alternatives. Some devices like Samsung's Smart Fridge Freezers include large touchscreen displays, allowing users to do tasks that would otherwise be performed on a smartphone or computer.

The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency has warned Windows users that a recently released proof-of-concept exploit for the vulnerability tracked as SMBGhost has been abused to launch attacks. The flaw affects Windows 10 and Windows Server and it can be exploited for denial-of-service attacks, local privilege escalation, and arbitrary code execution.