Security News > 2020 > July

Open source expert Jack Wallen lists the apps he considers a must-have for every Android user. Although you might be able to get by for a while using only the stock apps included with the Android operating system, you'll very quickly find yourself needing more.

The US ambassador in Brasilia warned of "consequences" if Brazil chooses Chinese telecoms company Huawei to develop its 5G network, in an interview published Wednesday. "I wouldn't say there would be retaliation, but there would be consequences" if Brazil goes against US advice and picks the Chinese firm, Ambassador Todd Chapman told newspaper Globo.

A vulnerability in the widely used GRUB2 bootloader opens most Linux and Windows systems in use today to persistent compromise, Eclypsium researchers have found. The list of affected systems includes servers and workstations, laptops and desktops, and possibly a large number of Linux-based OT and IoT systems.

The Federal Bureau of Investigation this week released an alert to warn businesses of ongoing cyberattacks involving the NetWalker ransomware. "As of June 2020, the FBI has received notifications of NetWalker ransomware attacks on U.S. and foreign government organizations, education entities, private companies, and health agencies by unidentified cyber actors," the FBI's alert reads.

Preventing BootHole attacks will require replacing vulnerable bootloaders with an updated version and releasing an update for the DBX database to ensure that the vulnerable bootloaders can no longer be executed. CERT/CC explained, "Linux distributions and other vendors using GRUB2 will need to update their installers, boot loaders, and shims. New shims will need to be signed by the Microsoft 3rd Party UEFI Certificate Authority. Administrators of affected devices will need to update installed versions of operating systems as well as installer images, including disaster recovery media. Until all affected versions are added to the dbx revocation list, an attacker would be able to use a vulnerable version of shim and GRUB2. Eventually the UEFI revocation list needs to be updated in the firmware of each affected system to prevent running this vulnerable code during boot."

Retailers have been warned to prepare for a wave of cyberattacks as they reopen to the public, with hackers looking to take advantage of on-premise systems that have remained unpatched during COVID-19 lockdowns. "Most of the big retailers have been in business in some way," Wright said.

Netgear has quietly decided not to patch more than 40 home routers to plug a remote code execution vulnerability, despite security researchers having published proof-of-concept exploit code. Keen-eyed Reg readers noticed that Netgear quietly declared 45 of the affected products as "outside the security support period", meaning those items won't be updated to protect them against the vuln.

At the RSA Cybersecurity Summit 2020 on Tuesday, security experts explained how to rethink the security operations center when analysts are working from home instead of side by side. Two RSA leaders shared advice on how to do this during a conversation about how the shift to 100% remote work has affected security teams who have the same challenges all other remote workers have.

DXC has recovered from a ransomware attack that hit its independent services-for-insurers operation Xchanging. The company revealed the attack on July 5th with an announcement that "certain systems" of the IT environment at its insurance managed services subsidiary Xchanging had fallen victim to ransomware.

Conducted by the Ponemon Institute, the 2020 Cost of a Data Breach Report is based on in-depth interviews with more than 3,200 security professionals in organizations that suffered a data breach over the past year. Smart tech slashes breach costs in half: Companies that had fully deployed security automation technologies experienced less than half the data breach costs compared to those that didn't have these tools deployed - $2.45 million vs. $6.03 million on average.