ENCS, the European Network for Cyber Security, and E.DSO, the European Distribution System Operators’ Association, announced the launch of security requirements for Distribution Automation (DA) of Remote Terminal Units (RTUs). The requirements provide European distribution system operators (DSOs) with a defined set of practical considerations for procuring secure RTUs and are a significant step toward industry-wide requirements.
The notorious TrickBot has released a new lightweight reconnaissance tool used to scope out an infected victim’s network for high-value targets. The new “LightBot” is a PowerShell reconnaissance script used by the same group linked to the high-level ransomware and breach incidents involving Universal Health Service (UHS).
ZDNet has announced that multiple threat actors have spent the past two to three years mass-scanning the internet for ENV files that have been accidentally uploaded and left exposed on web servers.
A team of five security researchers found 55 vulnerabilities in Apple online services, which they analyzed over three months from July to September. The flaws (11 critical severity, 29 high severity, 13 medium severity, and 2 low severity vulnerabilities) could have allowed an attacker to take over a victim’s iCloud account and the sessions of Apple employees with the capability of accessing management tools and sensitive resources.
Intel is warning of a rare critical-severity vulnerability affecting several of its motherboards, server systems and compute modules. The flaw could allow an unauthenticated, remote attacker to achieve escalated privileges. The recently patched flaw (CVE-2020-8708) ranks 9.6 out of 10 on the CVSS scale, making it critical.
The Chinese government has deployed an update to its national censorship tool, known as the Great Firewall (GFW), to block encrypted HTTPS traffic that uses TLS 1.3 with ESNI (Encrypted Server Name Indication) enabled.
FireEye is extending its private bug-bounty program to the public. The expanded program, like its predecessors, will be run in partnership with Bugcrowd. Anyone with credentials on the Bugcrowd platform can submit vulnerabilities to the program, which will pay a bounty of $50 to $2,500 depending on the bug’s severity and potential impact.
Troy Hunt, the security expert who runs the breach notification website Have I Been Pwned, announced that he is ready to make the code behind the site available as open source.
Cybersecurity researchers have discovered critical vulnerabilities in industrial VPN implementations primarily used to provide remote access to operational technology (OT) networks that could allow hackers to overwrite data, execute malicious code, and compromise industrial control systems (ICS).
Japan is poised to start work on a global quantum key distribution service and associated infrastructure. Toshiba, as a lead contractor of this project, aims to build a wide-area network that can accommodate over 100 quantum cryptographic devices and 10,000 users around the world.
The NATO Cooperative Cyber Defence Centre of Excellence (NATO CCDCOE) published the “Malware Reverse Engineering Handbook”. It gives an overview of how to analyze malware executables that target the Windows platform.
A coalition of dozens of top cybersecurity and Internet freedom groups, academics and experts sent a blistering letter to the sponsors of an anti-encryption Senate bill they say would make hundreds of millions of Americans more vulnerable to hacking. The bill, called the Lawful Access to Encrypted Data Act, is the harshest among a number of efforts to weaken encryption across the Justice Department and Congress.
Business giant SAP released a patch for a major vulnerability that impacts the vast majority of its customers. The bug, codenamed RECON, exposes companies to easy hacks, according to cloud security firm Onapsis.
US Senators introduced the Lawful Access to Encrypted Data Act, a bill to bolster national security interests and better protect communities across the country by ending the use of “warrant-proof” encrypted technology by terrorists and other bad actors to conceal illicit behavior.
Security researchers from the Shadowserver Foundation, a non-profit organization focused on improving cyber-security practices across the world, have published a warning about companies that are leaving printers exposed online.
A newly disclosed UPnP vulnerability, tracked as CVE-2020-12695 and referred to as CallStranger, affects billions of devices and can be exploited for various types of malicious activities, including distributed denial-of-service (DDoS) attacks. The vulnerability can also be used to bypass DLP and network security devices to exfiltrate data, and to scan internal ports from Internet-facing UPnP devices.
With the release of the June 2020 Patch security updates, Microsoft has released one advisory for an Adobe Flash Player update and fixes for 129 vulnerabilities in Microsoft products.
Microsoft shared threat data collected on PonyFinal, a Java-based ransomware deployed in human-operated ransomware campaigns. In these types of attacks, adversaries do their homework and choose a strategy and payload based on the target organization’s environment. Human-operated ransomware is not new, but it has been growing in popularity as attackers try to maximize ransom from individual victims.
A team of Chinese academics has found a new way to abuse HTTP packets to amplify web traffic and bring down websites and content delivery networks (CDNs).
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government have published the top 10 most exploited vulnerabilities from 2016 to 2019 with recommendations for mitigation.
Israeli researchers have revealed NXNSAttack, a vulnerability in DNS servers that can be abused to launch DDoS attacks of massive proportions. They say that an attacker using NXNSAttack can amplify a simple DNS query from 2 to 1,620 times its initial size, creating a massive spike in traffic that can crash a victim’s DNS server.
Cisco Talos researchers reported on new malware, dubbed WolfRAT, a new variant of DenDroid, a mobile Remote Access Trojan (RAT). It targets Thai users of the WhatsApp, Facebook Messenger, and Line messaging apps on the Android mobile platform.