AttackWise cyber security round-up 8 March 2019


AttackWise cyber security week in review is published every Monday 7:00 GMT.

In the news

  • Citrix Systems has been hacked, resulting in an estimated exposure of 6 terabytes of sensitive data stored in the Citrix enterprise network, including e-mail correspondence, files in network shares and other services used for project management and procurement. Citrix has shared a theory that the hackers likely used a tactic known as password spraying, a technique that exploits weak passwords.
  • Facebook has been caught red-handed using people’s cellphone numbers, provided exclusively for two-factor authentication, for targeted advertising and search. This looks like a clear infringement of GDPR and the “intended use” principle.
  • Chinese telecom manufacturer Huawei is suing the U.S. government, arguing that Congress violated the Constitution when it banned government agencies from purchasing Huawei equipment.
  • The US Senate has released a report, “How Equifax Neglected Cybersecurity and Suffered a Devastating Data Breach”. The key findings are worth reading and considering in the context of your own cybersecurity controls.
  • The FBI warns the public of the dangers of SIM swapping related to criminals targeting victims with cryptocurrency and other digital currency accounts. This highlights the insecurity of SMS-based multi-factor authentication.
  • An unprotected MongoDB database belonging to marketing tech company,, exposed up to 809 million email addresses, phone numbers, business leads, and bits of personal information.

Research, reports, opinions

  • Researchers from the University of Bonn have conducted a study of freelancers on and found that “freelancers who believe they are creating code for a real company also seldom store passwords securely without prompting”. There is a clear implication for how code is developed, and by whom, if a secure result is required.
  • An interesting article on hacking machine learning to trick algorithms into classifying a stop sign as a 45 mph sign and music as speech. There are obvious implications for self-driving cars and voice command systems.
  • Really nice example of the power of a well-researched and well-timed phishing email.

Security advisories

  • Cisco has released 25 advisories that describe 26 vulnerabilities in Cisco FXOS Software and Cisco NX-OS Software.
  • Google’s Threat Analysis Group discovered and reported a high-severity vulnerability in Chrome late last month that could allow remote attackers to execute arbitrary code and take full control of computers. The vulnerability is being actively exploited.

UK industry events