AttackWise cyber security week in review 15 March 2019


AttackWise cyber security week in review is published every Monday 7:00 GMT. Subscribe for delivery direct to your inbox.

In the news

  • F5 has acquired NGINX, which is used by close to 60% of the top 10,000 websites, for $670 million.
  • An audit of NASA’s cybersecurity program found that it falls short of the level required to be considered effective. Apparently the same result was achieved last year.
  • McAfee has identified active exploits of an unpatched vulnerability in the WinRAR compression tool, where opening a malicious file silently installs malware. The exploit is perhaps significant as there are an estimated 500 million users, and WinRAR does not auto-update.

Research, reports, opinions

  • F-Secure has completed research that concludes that the UK Brexit pro-leave Twitter community is receiving support from far-right Twitter accounts based outside of the UK. The report reminds me of “disinformation for hire” services.
  • Gearbest, a Chinese online shopping giant, has exposed millions of user profiles and shopping orders, security researchers have found. The exposure was via an unsecured Elasticsearch database.
  • Another reason for pre-boot authentication for BitLocker. Apparently it is possible to sniff BitLocker keys in the default config, from either a TPM 1.2 or TPM 2.0 device, using a dirt cheap FPGA (~$40 NZD) and publicly available code. After sniffing, you can decrypt the drive.
  • Rapid7 has produced attack surface research targeting the 200 largest listed companies in Australia. There are some surprising results, with some relatively simple controls not being maintained by big corporates down under.

Security advisories

  • Adobe has released patches for Adobe Digital Editions and Adobe Photoshop.
  • Cisco has high impact advisories for certain IP telephones and a critical advisory due to a hard-coded default password in their Common Services Platform Collector product.
  • Google has released Chrome version 73.0.3683.75 for Windows, Mac, and Linux. This version includes 60 security fixes.
  • Microsoft has released their March 2019 security updates.
  • SAP has released various patches including 9 security notes and 3 updates to previously released security notes.
  • WordPress has released a patch to resolve a vulnerability that allowed an unauthenticated remote attack.

UK industry events