Security News

A Vanson Bourne survey report highlights ransomware payout demands and extortion fees are massively increasing, while trust in legacy IT vendors has dipped and organizations are in fact getting slower at detecting cybersecurity incidents. "The survey presents an alarming picture of the modern threat landscape, demonstrating that adversaries continue to exploit organizations around the world and circumvent outdated technologies. Today's threat environment is costing businesses around the world millions of dollars and causing additional fallout," said Michael Sentonas, CTO at CrowdStrike.

Researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against System-on-a-Chip security bugs impacting multiple vendors, including Intel, Qualcomm, Texas Instruments, and Cypress. CISA warned vendors Thursday to patch these vulnerabilities after the security researchers released the proof of concept tool to test Bluetooth devices against BrakTooth exploits.

Law enforcement authorities arrested 150 suspects allegedly involved in selling and buying illicit goods on DarkMarket, the largest illegal marketplace on the dark web when it was taken down in January 2021. The arrests are the result of a coordinated international operation dubbed Dark HunTOR that lasted ten months and involved police forces and investigators from nine countries.

Cybersecurity Advisors Network, the Paris-based body that represents infosec pros, has created a new working group to advocate for legislation that stops vendors from suing when security researchers show them zero-day bugs in their kit. Peter Coroneos, CyAN international veep and leader of its new "Zero Day Legislative Project" told The Register the organisation recently staged a virtual meeting of 150-plus security researchers and the topic of aggressive legal responses to disclosures was high on their list of worries.

A large number of IoT systems could be exposed to remote hacker attacks due to serious vulnerabilities found in software development kits provided to device manufacturers by Taiwan-based semiconductor company Realtek. Firmware security company IoT Inspector said its researchers have identified more than a dozen vulnerabilities in SDKs provided by Realtek to companies that use its RTL8xxx chips.

A vulnerability within the Realtek RTL819xD module allows attackers to gain complete access to the device, installed operating systems and other network devices. The chips supplied by Realtek are used by almost all well-known manufacturers and can be found in VoIP and wireless routers, repeaters, IP cameras, and smart lighting controls - just to name a few.

Cybercriminals quickly started exploiting a vulnerability that affects routers and modems from many vendors that use the same underlying firmware. On August 3, cybersecurity firm Tenable published a blog post describing a vulnerability affecting routers that use firmware from Arcadyan, a Taiwan-based provider of networking solutions.

Industrial control systems vendors and other organizations have published advisories to address a couple of serious denial of service vulnerabilities affecting a widely used licensing and DRM solution made by Germany-based Wibu-Systems. CodeMeter is designed to protect software against piracy and reverse engineering, it offers licensing management capabilities, and it includes security features that provide protection against tampering and other attacks.

Researchers have discovered 14 new vulnerabilities affecting the proprietary NicheStack TCP/IP stack, used in OT devices such as the extremely popular Siemens S7 PLCs. "Other major OT device vendors, such as Emerson, Honeywell, Mitsubishi Electric, Rockwell Automation, and Schneider Electric, were mentioned as customers of InterNiche, the original developers of the stack. Due to this popularity in OT, the most affected industry vertical is Manufacturing," Forescout noted. "If these vulnerabilities are exploited, bad actors can take control of building automation devices used to control lighting, power, security and fire systems, and programmable logic controllers used to run assembly lines, machines and robotic devices. This can significantly disrupt industrial operations and provide access to IoT devices," the researchers explained.

Researchers have identified more than a dozen vulnerabilities in the NicheStack TCP/IP stack, which appears to be used by many operational technology vendors. The vulnerabilities are collectively tracked as ??INFRA:HALT. The security holes, discovered by researchers from ??Forescout Research Labs and JFrog Security Research, can be exploited by an attacker for remote code execution, denial-of-service attacks, information leaks, TCP spoofing, and DNS cache poisoning.