Security News

The CERT Coordination Center at Carnegie Mellon University has published alerts on several vulnerabilities that impact Diebold Nixdorf ProCash and NCR SelfServ automated teller machines. A vulnerability in the Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30, CERT/CC reveals, could be abused by an attacker with physical access to internal machine components to commit deposit forgery.

More than 70% of ICS vulnerabilities disclosed in the first half of 2020 can be exploited remotely, highlighting the importance of protecting internet-facing ICS devices and remote access connections, according to Claroty. The report comprises the Claroty Research Team's assessment of 365 ICS vulnerabilities published by the National Vulnerability Database and 139 ICS advisories issued by the Industrial Control Systems Cyber Emergency Response Team during 1H 2020, affecting 53 vendors.

Over 70% of the industrial control system vulnerabilities disclosed in the first half of 2020 were remotely exploitable through a network attack vector, industrial cybersecurity company Claroty reported on Wednesday.

A report on industrial control system vulnerabilities from the first half of 2020 is shining a light on a rise in critical security flaws that can be remotely exploited by cybercriminals. Compiled by operational technology security firm Claroty, the "ICS Risk & Vulnerability Report" combined publicly disclosed vulnerabilities and those discovered by Claroty to arrive at a total of 365 vulnerabilities in industrial control systems from 53 vendors, three-quarters of which received CVSS scores ranking them as high or critical risks.

The attacks involved a Cross-Origin Resource Sharing (CORS) misconfiguration and cross-site scripting (XSS) bugs identified on Amazon and Alexa subdomains, which together allowed the researchers to perform various actions on behalf of legitimate users. Successful exploitation of these vulnerabilities could allow an attacker to retrieve an Alexa user's personal information and voice history, and also to install applications on the user's behalf, list installed skills, or remove them.

An attack launched in May 2020 against a South Korean company involved an exploit that chained zero-day vulnerabilities in Windows and Internet Explorer, Kaspersky reported on Wednesday. The vulnerabilities exploited in the attack have now been patched, but they had a zero-day status when exploitation was first observed.

Intel informed customers on Tuesday that it has patched many potentially serious privilege escalation vulnerabilities in its Server Board products. One advisory published by the tech giant describes over 20 vulnerabilities affecting Intel Server Boards, Server Systems and Compute Modules.

Microsoft has addressed 120 vulnerabilities with its August 2020 Patch Tuesday updates, including a Windows spoofing bug and a remote code execution flaw in Internet Explorer that have been exploited in attacks. The Windows spoofing vulnerability, tracked as CVE-2020-1464, is related to Windows incorrectly validating file signatures.

Microsoft has plugged 120 flaws, two of which are being exploited in attacks in the wild. One of the two was already publicly known before the patch; both are under active attack.

Citrix on Tuesday released patches to address multiple vulnerabilities in Citrix Endpoint Management that could allow an attacker to gain administrative privileges on affected systems. The severity of the identified vulnerabilities, which carry the CVE identifiers CVE-2020-8208, CVE-2020-8209, CVE-2020-8210, CVE-2020-8211, and CVE-2020-8212, differs based on the installed version of XenMobile.