Blog

Cybersecurity News Bytes for Mid-July 2018

The Return of Spectre

New attack vectors against CPU microprocessors have been identified by security researchers. These techniques can affect AMD, ARM, and Intel processors. Spectre 1.1 takes advantage of vulnerabilities in chips that use speculative data stores, using these stores to cause buffer overflows. Spectre 1.2 attacks CPUs that don’t enforce read/write protections, allowing overwriting of read-only data and enabling the redirection of pointers to breach sandboxes so that an attacker can own the machine. Mitigation approaches include adding software to reduce the amount of processor speculation, although this will impact performance negatively. ZDNet 11 July 2018

Air Force Drone Specs, Other Sensitive Documents For Sale on Dark Web

The cyber hygiene of U.S. military organizations has been brought into question by the discovery on the Dark Web of documents about the MQ-9 Reaper drone, tank platoon tactics, and manuals about defeating roadside bombs. Sale prices ranged from $150-200. Researchers at Recorded Future discovered these items for sale while looking at websites used by cyber criminals. The hacker leveraged a previously known FTP vulnerability in Netgear routers using default passwords. While sensitive, much of the information was apparently unclassified. Fifth Domain

China Hacks Cambodian Candidates and Government Organizations

Chinese hackers have intruded into Cambodian systems to gather information in the run-up to elections scheduled for 29 July. This activity is similar to Chinese hacks into Taiwan’s 2015 presidential election, although in the Cambodian election there is no opposition to pro-Chinese Prime Minister Hun Sen. The goal seemed to be to gather as much information as possible. The breach was discovered by FireEye, who noted that the hackers blundered in leaving their servers “open indexed,” allowing researchers to retrieve loads of information on their tactics, techniques, and procedures. Bloomberg, 11 July 2018

Cybercriminals Phish for Cryptocurrency

Kaspersky Labs reported that cybercriminals used social media scams and spearphishing email attacks to gain access to cryptocurrency accounts of unsuspecting users. Techniques included setting up false initial coin offerings and asking potential customers to send a small amount of bitcoin to get started and cryptocurrency give-away scams. These and other techniques resulted in the theft of GBP 7.5 million (about $9.9 million) in the first six months of 2018. Informationsecuritybuzz.com

Ransomware Reaches New Heights

Sonic Wall reports record volumes of malware, including ransomware which surged from January – June 2018, a 229% increase over the same period last year. After a decrease in these attacks from 2016-17, 181.5 million ransomware attacks were noted in the first six months of this year. Cybercriminals are also using encryption more frequently, taking advantage of available technology to prevent losing the spoils of their crimes. Help Net Security, 11 July 2018

Large Volume of Security Patches Issued

July’s Patch Tuesday saw 53 security patches including 18 critical ones. Key fixes affected Microsoft browsers and Adobe software. A total of 107 patches were issued by Adobe, for products such as Flash, Reader, Acrobat, and Adobe Experience. Trend Micro, 10 July 2018

Return to our HOME PAGE