2016/01/16

Cool News Story Bro! Week of 01-15-2016

by Otakun

Hello Guys and Gals and welcome to another News roundup. As usual, we got some good stuff for you today so let’s get on to it.

News Stories

  1. Fortinet SSH Backdoor Found In Firewalls

    1. First story of the week takes a look at an issue discovered with Fortinet firewalls. Namely, they have a hardcoded SSH login that has since been reverse engineered, and a script has been released to take advantage of it. When exploited, you get full admin access to the device. Fortinet said this was not “planted by a third party” or anything quite so sinister but is rather just a management authentication issue, and that it has actually been patched since 2014. But there are certainly devices out there that have not been patched. Either way, poor practice.
    2. Read More @ http://www.darknet.org.uk/2016/01/fortinet-ssh-backdoor-found-firewalls/
  2. Uncovering the Seven Pointed Dagger

    1. Next, a story by Arbor Networks on a new APT Watering Hole campaign targeting Myanmar government sites. What makes this interesting is the discovery of a new RAT that has a very low detection rating, named “Trochilus”. Full report is linked on the page.
    2. Read More @ https://asert.arbornetworks.com/uncovering-the-seven-pointed-dagger/
  3. Netflix will shut down proxy users

    1. Next, news comes in that Netflix will start actively trying to prevent users from using proxy services to get around country restrictions in order to access different regions’ content. This is a bummer, given how common this is and how uneven the catalog is across the globe.
    2. Read More @ http://www.afterdawn.com/news/article.cfm/2016/01/15/netflix-will-shut-down-proxy-users
  4. Netflix says it’s ‘not obvious’ how to limit use of VPNs

    1. Following up on the above, Netflix did say that this task of preventing VPN users is not an easy problem to solve. Let’s hope it’s not, for all those taking advantage of such services. I am curious how much work they will put into this.
    2. Read More @ http://www.theglobeandmail.com/report-on-business/international-business/us-business/netflix-says-its-not-obvious-how-to-limit-use-of-vpns/article28100804/
  5. Denial-of-Service Flaw Patched in DHCP

    1. Next, a flaw in DHCP has been patched that would cause a denial of service on all affected software by way of a specially crafted packet. It affects almost all DHCPv4 clients and relays and most servers.
    2. Read More @ https://threatpost.com/denial-of-service-flaw-patched-in-dhcp/115875/
  6. The Mysterious Case of CVE-2016-0034: the hunt for a Microsoft Silverlight 0-day

    1. This is a really interesting one. The Hacking Team (a company making and selling spyware to governments) breach from 2015 led Kaspersky researchers on a hunt for a Silverlight 0-day mentioned in one of the articles around the breach. Since then, the Kaspersky team has been trying to hunt down the specific vulnerability, and they detail their process as well as the exploit itself. Really fun read.
    2. Read More @ https://securelist.com/blog/research/73255/the-mysterious-case-of-cve-2016-0034-the-hunt-for-a-microsoft-silverlight-0-day/
  7. OpenSSH Patches Critical Flaw That Could Leak Private Crypto Keys

    1. OpenSSH has patched a critical flaw, discovered by researchers from Qualys, that could potentially leak private crypto keys.
    2. Read More @ https://threatpost.com/openssh-patches-critical-flaw-that-could-leak-private-crypto-keys/115889/
  8. Android banking malware SlemBunk is part of a well-organized campaign

    1. Next, a follow-up look at the SlemBunk Android banking malware campaign. New evidence has led researchers to believe this to be part of a well-organized and fairly sophisticated campaign that utilizes some interesting techniques to avoid triggering AVs, etc.
    2. Read More @ http://www.csoonline.com/article/3022428/security/android-banking-malware-slembunk-is-part-of-a-well-organized-campaign.html
  9. Ukrainian power grid was hit by “co-ordinated cyberattack”

    1. Next, this is an interesting one, as it looks like the Ukrainian power grid was hit by a coordinated cyber-attack that managed to take down the grid for a few hours. There is no conclusive proof this was done by a nation state, but it does illustrate that these types of attacks are possible and maybe that more work needs to be done on securing critical infrastructure.
    2. Read More @ https://nakedsecurity.sophos.com/2016/01/14/ukrainian-power-grid-was-hit-by-coordinated-cyberattack/
  10. Hyatt Card Breach Hit 250 Hotels in 50 Nations

    1. So we brought news of the Hyatt breach a few weeks ago, and now we have some more details. It looks like 250 hotels in 50 nations were hit and had their credit card data compromised. I’ve lost count of how many hotels got breached this year...
    2. Read More @ http://krebsonsecurity.com/2016/01/hyatt-card-breach-hit-250-hotels-in-50-nations/
  11. Security firm sued for filing “woefully inadequate” forensics report

    1. Last story of the week, and in my opinion the most interesting, is about the security firm “Trustwave” being sued for providing a “woefully inadequate” forensics report to a client. I have to admit this is the first time I have ever seen anything like this happen. This looks pretty bad given that it seems like the company was re-compromised DURING the Trustwave investigation and after they claimed the breach was “contained”. Wow. I am interested to see where this goes.
    2. Read More @ http://arstechnica.com/security/2016/01/security-firm-sued-for-filing-woefully-inadequate-forensics-report/