Security News > 2020
The Iranian cybercrime group that was expected to spearhead the rogue Middle East nation's revenge for the US assassination of General Qasem Soleimani has quite the arsenal at its digital fingertips. They added: "From a threat management and risk assessment perspective, we advise organisations not to conflate ongoing espionage operations with a retaliatory response. However, continually leveraging threat intelligence to assess and improve controls will help network defenders secure their environments against malicious activity regardless of intent."
Cisco on Wednesday released patches for 11 vulnerabilities in its products, including multiple flaws that impact Cisco UCS Manager, FXOS, and NX-OS software. Because the Discovery Protocol is enabled by default globally and on all interfaces in FXOS and NX-OS, the flaw impacts numerous products, including Nexus, Firepower, UCS and MDS. Cisco has pointed out that this vulnerability is different from the one disclosed earlier this month, which researchers said affected tens of millions of Cisco devices deployed in enterprise environments.
At RSA 2020, Steve Grobman, senior vice president and chief technology officer at McAfee, explained how easy it is to take advantage of cloud misconfigurations, an expensive security problem for corporations. His timely scenario was a group of researchers sequencing the genome of a virus to illustrate how sharing data through the cloud can lead to a security vulnerability.
Microsoft has a neat web page that helps you get Outlook set up on your phone. Just like Italian security researcher Luca Epifanio, our first thought was, "What if someone decides to put in someone else's phone number and then spam them over and over and over again?"
Garrison wants to move security away from software and into hardware
Spam, ransomware, and malware continue to haunt organizations, but bad actors are also cooking up new spins on these tried-and-true methods, according to security company Fortinet. A report from Fortinet on the threat landscape for the final quarter of 2019 reveals that cybercriminals will exploit every possible opportunity, both new and old, to attack organizations and users alike.
Hackers have started scanning the Internet for Microsoft Exchange Server instances that are affected by a remote code execution vulnerability patched earlier this month. The issue resides in the Exchange Control Panel component and consists of Exchange Server installations having the same validationKey and decryptionKey values in web.
They include everything from baby monitors to Wi-Fi chips. One such device is a connected vacuum cleaner, the Trifo Ironpie M6. According to researchers with Checkmarx, the vacuum has several high-severity flaws that open the device to remote attacks.
The owner of the data is Straffic.io, which describes itself as a "Private performance marketing network." According to its Facebook page, the company was founded in June 2017. "As of now, all systems are secure, and we did not find evidence of any data misuse or data loss. We continue to investigate and will notify if we find evidence to the contrary. Although we do our very best to protect the security of our service and deeply regret such a vulnerability has been found on our service, it is impossible to create a totally immune system, and these things can occur."
Slickwraps, a Kansas company that makes vinyl wraps for phones and other electronics, announced last week that it had suffered a data breach. This was a breach that earned the deep scorn of both the hacker - who was twice blocked by Slickwraps for reporting the vulnerability - and observers after some other hacker went ahead and exploited the company's vulnerable setup.