Security News > 2020
Four of the five high-severity bugs are remote code execution issues affecting Cisco routers, switches, and IP cameras, whereas the fifth vulnerability is a denial-of-service issue affecting Cisco IP phones. Collectively dubbed 'CDPwn,' the reported vulnerabilities reside in the various implementations of the Cisco Discovery Protocol, which comes enabled by default on virtually all Cisco devices and cannot be turned off. Cisco Discovery Protocol is an administrative protocol that works at Layer 2 of the Internet Protocol stack.
The latest wave of attacks is highly personalized and, unlike previous campaigns, targets victims' mobile banking apps as an extra step to evade detection when making fraudulent transfers. "Some observations from the campaigns are that the adversary operating CamuBot handpicks potential victims and remains as targeted as possible, likely to keep the attack's TTPs on low profile and their team from attracting the attention of local law enforcement," said IBM X-Force researchers Chen Nahman and Limor Kessem, in an analysis this week.
A Texas orthopedic practice says a recent malware attack "permanently damaged" thousands of electronic patient records. The group practice says the malware attack "damaged" some of the medical records in its systems, affecting current and former patients of one of its physicians, K. Mathew Warnock, M.D. Patient data contained in the damaged records includes name, address, phone number, diagnosis and treatment information, and health insurance information.
The bug, which Google describes as a technical issue, was triggered when users requested a Google "Download your data" export. In the notification sent to the impacted users, Google reveals that those who used Takeout to download their data might have ended up with someone else's videos in their Google Photos backups.
Researchers at Check Point have demonstrated how to infect a network with malware via a simple IoT device, a Philips Hue smart lightbulb. One is CVE-2020-6007, a buffer overflow in the Philips Hue Bridge controller firmware, in the part of the software that adds new devices to the controller.
On Monday, Google sent emails to certain Google Photos users alerting them of a problem that affected them in late November 2019, as described by 9to5Google. For some Google Photos users who turned to Google Takeout between November 21 and 25 to download their data, one or more of their videos were "incorrectly exported to unrelated users' archives," meaning that other people were able to see them.
Printers, smart TVs and automated guided vehicles that depend on Windows 7 have become the latest juicy targets for cybercriminals leveraging a "self-spreading" variant of the malware Lemon Duck. In a report released Wednesday by TrapX Security, researchers warn that manufacturers dependent on IoT devices are targets in a new global campaign leveraging the malware variant.
Chrome 80 emerged from Google this week with a few more nails to hammer into the coffin of the venerable File Transfer Protocol. It has been a death by a thousand cuts for FTP in Chrome.
Europe's physics lab CERN on Wednesday said it had stopped using a Facebook team-chat application because of concerns about handing over data to the US tech giant. CERN said it had wound up its Facebook Workplace account on January 31 after the US firm gave it the choice of either paying to use the service or sharing data.
Researchers have shown how hackers could silently exfiltrate sensitive information from air-gapped computers by manipulating the brightness of their screen. Researchers from Ben-Gurion University previously demonstrated how hackers could exfiltrate data from air-gapped systems via power lines, magnetic fields, infrared cameras, router LEDs, scanners, HDD activity LEDs, USB devices, the noise emitted by hard drives and fans, and heat emissions.