News – June 2018

  • Researchers warn SCADA systems are still hopelessly insecure

    June 18, 2018

    BSides Industrial control systems could be exposed not just to remote hackers, but to local attacks and physical manipulation as well. A presentation at last week’s BSides conference by researchers from INSINIA explained how a device planted on a factory floor can identify and list networks, and trigger controllers to stop processes or production lines. Read more… Source: The ...

  • PLATINUM SECURITY EXHIBITION – 10-12 April 2019: International Exhibition for Private Sector

    June 15, 2018

    The world private security market is growing rapidly. Faced with the rise of malicious acts, and growing insecurity, players in the field (businesses, high-end shops, luxury infrastructure, personalities, …) need to secure their properties and their spaces. Thousands of sites are to be equipped and the needs in new or proven technologies are real. Platinum ...

  • Cops Are Confident iPhone Hackers Have Found a Workaround to Apple’s New Security Feature

    June 14, 2018

    Apple confirmed to The New York Times Wednesday it was going to introduce a new security feature, first reported by Motherboard. USB Restricted Mode, as the new feature is called, essentially turns the iPhone’s lightning cable port into a charge-only interface if someone hasn’t unlocked the device with its passcode within the last hour, meaning phone forensic tools shouldn’t be able ...

  • Chinese Hackers Carried Out Country-Level Watering Hole Attack

    June 14, 2018

    Cybersecurity researchers have uncovered an espionage campaign that has targeted a national data center of an unnamed central Asian country in order to conduct watering hole attacks. The campaign is believed to have been active covertly since fall 2017 but was spotted in March by security researchers from Kaspersky Labs, who have attributed these attacks to a ...

  • GnuPG Flaw in Encryption Tools Lets Attackers Spoof Anyone’s Signature

    June 14, 2018

    A security researcher has discovered a critical vulnerability in some of the world’s most popular and widely used email encryption clients that use the OpenPGP standard and rely on GnuPG for encrypting and digitally signing messages. The disclosure comes almost a month after researchers revealed a series of flaws, dubbed eFail, in PGP and S/MIME encryption tools that ...

  • Yahoo fined £250,000 by UK watchdog over data breach

    June 13, 2018

    The UK Information Commissioner’s Office (ICO) has fined Yahoo £250,000 over a data breach which occurred in 2014. The data breach resulted in the theft of at least 500 million records. It is believed that names, email addresses, telephone numbers, dates of birth, hashed passwords, and some “encrypted or unencrypted security questions and answers” were compromised. Yahoo has ...

  • Banco de Chile Wiper Attack Just a Cover for $10M SWIFT Heist

    June 13, 2018

    A cyberattack against Chile’s largest financial institution last month, which reportedly destroyed 9,000 workstations and 500 servers, was actually cover for a larger plot to compromise endpoints handling transactions on the SWIFT network. When the dust settled on the attacks, investigators said $10 million was stolen from Banco de Chile and funneled off to an account in Hong ...

  • Lazarus Group used ActiveX zero-day vulnerability to attack South Korean security think tank

    June 13, 2018

    An ActiveX zero-day vulnerability used in attacks against a South Korean think tank has been connected to Lazarus Group. The target of these attacks was the Sejong Institute, a non-profit South Korean think tank which conducts research on national security. The private organization works with academic institutions worldwide. Read more… Source: ZDNet  

  • Bypass Glitch Allows Malware to Masquerade as Legit Apple Files

    June 12, 2018

    Masquerading as an official Apple system file sounds like a wonderful way for malware to worm its way onto Macs – and a recently discovered code-signing bypass flaw allows bad code to do just that. The way some developers have implemented Apple’s official code-signing API can be exploited by attackers. Essentially, Apple makes an API available ...

  • New Cortana Vulnerability Could Allow Cybercriminals to Bypass Lock Screen On Windows 10 Devices

    June 12, 2018

    Digital assistants help us look up the weather, play our favorite music, and allow us to quickly access a lot of our personal information. And between Amazon Alexa, Google Home, and Microsoft Cortana – these services have become all the rage these days. However, the latter service, according to the McAfee Labs Advanced Threat Research (ATR) ...

  • InvisiMole Burrows into Targets with Rich Espionage Tools

    June 11, 2018

    Researchers are expressing concern over a versatile spyware called InvisiMole that has been spotted in highly targeted campaigns targeting Windows PCs in Russia and the Ukraine. The malicious code, which comes in 32-bit and 64-bit versions, has a modular architecture, with two different, feature-rich backdoors that have overlapping functionality. Read more… Source: ThreatPost  

  • China blamed for data theft from US Navy contractor

    June 11, 2018

    China is being blamed for a cyberattack on a US Navy contractor which has led to the theft of sensitive military information. As reported by The Washington Post, US officials have claimed that up to 614 Gigabytes of information was stolen, including signal and sensor data, as well as submarine radio information relating to cryptographic systems. Plans for ...

  • Maritime navigation hack has potential to wreak havoc in English channel

    June 8, 2018

    A researcher has warned that threat actors are able to compromise common maritime navigation systems to potentially cause chaos in the shipping industry. As reported by the BBC, security researcher Ken Munro from Pen Test Partners has discovered that a ship navigation system called the Electronic Chart Display (Ecdis) can be compromised, potentially to disastrous effect. Read more… Source: ...

  • Cyber security: Nation-state cyber attacks threaten everyone, warns ex-GCHQ boss

    June 8, 2018

    The dynamics of cyber warfare have changed so dramatically that nation-state attacks are now a problem everyone needs to face up to, the former head of the UK’s intelligence agency has warned. “Five years ago we were aware of nation-state attacks but we would’ve seen them as something that only a nation-state needs to worry about. Today they’re ...

  • Zero-Day Flash Exploit Targeting Middle East

    June 7, 2018

    A zero-day vulnerability is being exploited in the wild in targeted attacks against Windows users in the Middle East, researchers warned Thursday. The Flash Player vulnerability (CVE-2018-5002), a stack-based buffer overflow bug that could enable arbitrary code execution, was patched earlier today by Adobe. Read more… Source: ThreatPost  

  • Targeted Spy Campaign Hits Russian Service Centers

    June 7, 2018

    A series of espionage attacks have been uncovered, targeted at service centers in Russia that provide maintenance and support for a variety of electronic goods. The payload is a commercial version of the Imminent Monitor tool, which is freely available for purchase as legitimate software. Its developers explicitly prohibit any usage of the tool in a malicious way ...

  • VPNFilter Malware Impact Larger Than Previously Thought

    June 6, 2018

    Researchers say the impact of the VPNFilter malware discovered last month is larger than originally reported. On Wednesday, Cisco Talos researchers said they now believe the malware has infected twice the number of router brands than previously stated. They added that VPNFilter also delivers a more potent punch than they originally thought, and have identified a previously ...

  • Prowli Malware Targeting Servers, Routers, and IoT Devices

    June 6, 2018

    After the discovery of the massive VPNFilter malware botnet, security researchers have now uncovered another giant botnet that has already compromised more than 40,000 servers, modems and internet-connected devices belonging to a wide number of organizations across the world. Dubbed Operation Prowli, the campaign has been spreading malware and injecting malicious code to take over servers and websites around ...

  • MyHeritage Says Over 92 Million User Accounts Have Been Compromised

    June 5, 2018

    MyHeritage, the Israel-based DNA testing service designed to investigate family history, has disclosed that the company website was breached last year by unknown attackers, who stole login credentials of its more than 92 million customers. The company learned about the breach on June 4, 2018, after an unnamed security researcher discovered a database file named “myheritage” ...

  • Facebook Accused of Giving Over 60 Device-Makers Deep Access to User Data

    June 4, 2018

    After being embroiled in controversies over its data sharing practices, it turns out that Facebook had granted inappropriate access to its users’ data to more than 60 device makers, including Amazon, Apple, Microsoft, Blackberry, and Samsung. According to a lengthy report published by The New York Times, the social network giant struck data-sharing partnerships with at least 60 device ...