8-5-19 – News This Past Week

200 million devices—some mission-critical—vulnerable to remote takeover
For the 200 million devices Armis estimated are running a version that’s susceptible to a serious attack, however, the stakes may be high. Because many of the vulnerabilities reside in the networking stack known as IPnet, they can often be exploited by little more than boobytrapped packets sent from the Internet.
https://arstechnica.com/information-technology/2019/07/200-million-devices-some-mission-critical-vulnerable-to-remote-takeover/

‘URGENT/11’ Critical Infrastructure Bugs Threaten EternalBlue-Style Attacks
A cadre of 11 vulnerabilities, six of them critical remote code-execution (RCE) bugs, have been uncovered that affect millions of critical infrastructure systems, such as SCADA gear at utilities, elevator and industrial controllers, patient monitors and MRI machines, programmable logic controllers (PLCs), robotic arms and more – as well as firewalls, routers, satellite modems, VoIP phones and printers.


‘Urgent/11’ flaws affect 200 million devices – from routers to elevators
According to Armis Labs, attackers could exploit them to take control of affected devices via the TCP/IP stack without user interaction. Firewalls wouldn’t be able to detect or stop such attacks and any using affected software would be at direct risk themselves.

U.S. Issues Hacking Security Alert for Small Planes
Most airports have security in place to restrict unauthorized access and there is no evidence that anyone has exploited the vulnerability. But a DHS official told The Associated Press that the agency independently confirmed the security flaw with outside partners and a national research laboratory, and decided it was necessary to issue the warning.
https://www.securityweek.com/us-issues-hacking-security-alert-small-planes

Cyberattacks on connected cars could gridlock entire cities
Thanks a whole bunch, Internet of Things (IoT): you’ve already brought us autonomous vehicles and other connected cars that can be turned into steel/glass/combustible whirling dervishes, as in, Jeep Cherokees that can be paralyzed by remote attackers 10 miles away and whose steering wheels could be spun 90 degrees while the car was zooming down the highway at 60 mph.

A newly discovered hacking group is targeting energy and telecoms companies
Industrial security company Dragos, which discovered the group, calls it “Hexane,” but remains largely tight-lipped on its activities. The security company said Thursday, however, that the group’s activity has ramped up in recent months amid heightened tensions in the region since the group first emerged a year ago.


Learn to Safeguard Critical Industrial Targets at Black Hat USA
Some of the most grievous cybersecurity breaches happen at industrial facilities responsible for providing critical services like power, so it pays to stay on top of what’s happening in the field of industrial security. Black Hat USA offers an entire track of Smart Grid and Industrial Security Briefings that will help you do just that.
https://www.darkreading.com/black-hat/learn-to-safeguard-critical-industrial-targets-at-black-hat-usa/d/d-id/1335416

US Utilities Hit with Phishing Attack
A new phishing attack is hitting US utilities with threats that their engineers could be in danger of losing their professional licenses. But in reality, the only danger comes from panicked employees clicking on the embedded Word document and infecting their computers with a remote access Trojan (RAT) and command-and-control proxy.
https://www.darkreading.com/attacks-breaches/us-utilities-hit-with-phishing-attack/d/d-id/1335431

New “LookBack” Malware Used in Attacks Against U.S. Utilities Sector
Sent on July 19 and July 25, the phishing emails had Word documents attached that contained malicious macros designed to deploy and execute LookBack, a new RAT that uses a proxy mechanism for command and control (C&C) communication.
https://www.securityweek.com/new-lookback-malware-used-attacks-against-us-utilities-sector

‘Machete’ Cyberspies Target Military in Venezuela, Ecuador
The threat actor behind the cyberespionage campaign dubbed Machete continues to be active and some of its most recent attacks targeted the military in Venezuela and Ecuador, ESET reported on Monday.
https://www.securityweek.com/machete-cyberspies-target-military-venezuela-ecuador

Unpatched Flaws in IoT Smart Deadbolt Open Homes to Danger
Researchers have uncovered vulnerabilities in a popular smart deadbolt that could allow attackers to remotely unlock doors and break into homes. Making matters worse, the smart door lock manufacturer has not yet acknowledged nor fixed the flaws.


Cisco to pay $8.6 million fine for selling hackable surveillance technology
The tech giant continued to sell the software and didn’t fix the massive security weakness for about four years after a whistleblower alerted the company about it in 2008, according to a settlement unsealed Wednesday with the Justice Department and 15 states as well as the District of Columbia.
https://www.sfgate.com/news/article/Cisco-to-pay-8-6-million-fine-for-selling-14271226.php
