Security News > 2020 > July

Vulnerabilities discovered by researchers in VPN products primarily used for remote access to operational technology networks can allow hackers to compromise industrial control systems and possibly cause physical damage. Researchers from industrial cybersecurity company Claroty have identified potentially serious vulnerabilities in Secomea GateManager, Moxa EDR-G902 and EDR-G903, and HMS Networks' eWon.

GPS titan Garmin is still recovering from the fallout of the devastating ransomware attack that has crippled its website, disrupted customer support, disabled apps, and paused communications since late July 22. Since the crisis began, employees of the company around the world took to social media to admit what the company would not: That it was hit with a damaging ransomware attack that locked them out of significant portions of their own system globally.

Well, 28 July 2020 is a Blue Firefox Update event - the second major security fix of the month, given that Mozilla now uses an every-four-weeks-on-Tuesday rhythm, and Firefox 78.0 came out on the first day of the month. Microsoft and Adobe follow a process of "Once each month on the second Tuesday"; Oracle has a system that delivers "Four times a year on the Tuesday closest to the 17th day of the first month of each calendar quarter", and Apple favours the "When security fixes are ready they arrive, and we deliberately don't say exactly when for security reasons" approach.

A majority of election administrators in the United States have yet to implement cybersecurity controls designed to provide protection against phishing attacks, a new Area 1 Security report reveals. The U.S. elections have been targeted by phishing as well, with examples including attacks against election-sensitive organizations in 2016 and 2018, and phishing attempts targeting the current 2020 election cycle.

Critical vulnerabilities in several industrial VPN implementations for remotely accessing operational technology networks could allow attackers to overwrite data, execute malicious code or commands, cause a DoS condition, and more. "Exploiting these vulnerabilities can give an attacker direct access to the field devices and cause some physical damage," Claroty researchers noted.

Box announced the addition of automated classification to Box Shield on Tuesday. "As people are working from home, security has become one of the top considerations for IT departments. People used to be inside the corporate network, inside of a firewall. Now the perimeter is actually moved to your house. You could be accessing content from your personal device, where as an organization, you might not have the level of security capabilities that device has," said Varun Parmar, chief product officer at Box.

North Korean-linked threat actor Lazarus has been employing at least four new Mac-targeting malware families in recent attacks, SentinelOne security researchers reveal. Some of the most recent malware families that Lazarus has been leveraging in attacks include the macOS version of the DaclsRAT, and the cross-platform MATA framework, which also targets Windows and Linux systems.

Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, discusses the top threats and lessons learned from the first half of 2020. With the coronavirus pandemic breaking out, and corporate workforces going remote, "Uncertainty is a key word" for 2020, Manky said.

Researchers have disclosed details of a recently patched, high-severity Dell PowerEdge server flaw, which if exploited could allow an attacker to fully take over and control server operations. The web vulnerability was found in the Dell EMC iDRAC remote access controller, technology embedded within the latest versions of Dell PowerEdge servers.

A classified report from IPCO was included in a bundle of court papers intended to be read by Lord Justice Singh in early 2019. IPT secretary Susan Cobb wrote back to say: "It was inappropriate for your staff to seek to intervene in ongoing legal proceedings in the way that they sought to do," the Daily Mail and BBC reported.