Security News
Several major industrial control system vendors have released security advisories in response to the recently disclosed vulnerabilities affecting the CodeMeter licensing and DRM solution made by Germany-based Wibu-Systems. The company's researchers showed how an attacker can launch attacks by setting up a malicious website and luring targeted users to it, or by creating their own CodeMeter API and client and sending commands to devices running CodeMeter.
Palo Alto Networks remediated vulnerabilities in PAN-OS. Attackers can use these vulnerabilities to gain access to sensitive data or to extend the attack into the internal network segments of a company that uses the vulnerable protection tools. Attackers can access a special firewall section, place malicious code in one of the web forms, and obtain maximum privileges in the OS. "We performed black-box testing of the NGFW management web interface to detect this vulnerability, which results from the lack of user input sanitization. During a real attack, hackers can, for example, brute-force the password for the administrator panel, perform RCE, and gain access to the Palo Alto product, as well as the company's internal network," said Mikhail Klyuchnikov, researcher at Positive Technologies.
Google addressed two critical vulnerabilities in the Android System component as part of the newly released September 2020 set of security patches. More than 50 flaws are described in the Android Security Bulletin for September 2020: twenty-two as part of the 2020-09-01 security patch level and twenty-nine with the 2020-09-05 security patch level.
Microsoft's Patch Tuesday updates for September 2020 fix 129 vulnerabilities, but the company says none of them has been exploited in attacks or made public before patches were released. Several industry professionals have shared some thoughts on this month's patches and what they believe to be the most interesting vulnerabilities.
Vulnerabilities affecting CodeMeter, a popular licensing and DRM solution made by Germany-based Wibu-Systems, can expose industrial systems to remote attacks, industrial cybersecurity company Claroty warned on Tuesday. CodeMeter is designed to protect software against piracy and reverse engineering; it offers licensing management capabilities and includes security features that provide protection against tampering and other attacks.
Columbia University researchers have released Crylogger, an open source dynamic analysis tool that shows which Android apps feature cryptographic vulnerabilities. To confirm that the cryptographic vulnerabilities flagged by Crylogger can actually be exploited, the researchers manually reverse-engineered 28 of the tested apps and found that 14 of them are vulnerable to attacks.
Routers made by MoFi Network are affected by several vulnerabilities, including critical flaws that can be exploited to remotely hack a device. Some of the vulnerabilities can allow an unauthenticated, remote attacker who has access to this web interface to take complete control of the targeted router.
The number of vulnerabilities being disclosed by major technology companies is returning to normal levels after a lower-than-usual first quarter, due in no small part to the disruption from the coronavirus pandemic. "It is also important to note that 2015's single Fujiwhara event saw a total of 277 disclosed vulnerabilities from all reports that day, less than half of what we saw from the April Fujiwhara this year. During April's Fujiwhara event we saw 506 new vulnerabilities reported, 79% of which came from seven vendors. Compared to other Patch Tuesdays this year, the highest reported "only" 273 new vulnerabilities on June 9th."
Cisco this week released patches for ten high-risk vulnerabilities in NX-OS software, including some that could lead to code execution and privilege escalation. Tracked as CVE-2020-3517, the first of the flaws resides in the Fabric Services component and could lead to a denial of service condition in both FXOS and NX-OS software.
Avast security researchers have identified vulnerabilities in DVB-T2 devices that could allow attackers to ensnare them in botnets. Many such set-top boxes are primitive, consisting of a TV tuner and an output device, some packing Internet support, and many are highly insecure, Avast's security researchers reveal.