Industry Research and News:
Another Week, Another Vulnerable NAS Device
“There is a clear trend of hackers starting to focus on storage. We’ve seen it twice in the past few weeks, and we’ve also seen reports of data being stolen out of Amazon S3,” said Steve McDowell, a senior analyst at Moor Insights & Strategy, who advises security teams to make sure they are running the latest firmware.
The biggest cybersecurity crises of 2019 so far
The recent ASUS supply chain attack makes Wired’s list of the biggest cybersecurity events of 2019. Attackers were able to infiltrate ASUS and deliver malware via ASUS’s own Live Update Tool.
Huawei's telecom equipment is more likely to have flaws than rivals' claims report
A recent analysis of Huawei networking infrastructure finds that the vendor’s products contained significantly more weaknesses than those of its industry peers. The report analyzed more than 500 Huawei enterprise networking products and found that over half of them contained at least one critical vulnerability. The problems ranged from embedded accounts, passwords, and keys to thousands of known vulnerabilities in embedded firmware.
RAMBleed, Reading Bits in Memory Without Accessing Them
RAMBleed is a recently published vulnerability that turns the earlier Rowhammer DRAM issue into a mechanism for leaking secrets rather than modifying memory. With the Rowhammer attack, bits are more likely to flip if their neighboring rows have the opposite value. Rather than inducing bit-flips in a target memory region by hammering neighbor memory rows with writes, RAMBleed repeatedly hammers reads to neighbor rows and detects whether bits in its own memory region have flipped. It then uses those observations to infer the targeted secret values.
DHS cyber director warns of surge in Iranian “wiper” hack attacks
The Director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency is warning that Iran is elevating its efforts to do damage to US interests through destructive malware attacks on industrial and government networks.
OpenSSH gets protection against attacks like Spectre, Meltdown, Rowhammer, and RAMBleed
OpenSSH adds new protections for SSH private keys against attacks like Spectre, Meltdown, Rowhammer, and RAMBleed. The change encrypts SSH private keys while they are at rest in RAM, so that an attacker would not be able to use a key leaked via a side-channel attack.
How a Manufacturing Firm Recovered from a Devastating Ransomware Attack
Ryuk Ransomware is a recent family of ransomware known for targeting enterprises and critical infrastructure and for charging exceedingly high ransoms of $100k or more. In addition to encrypting data, the malware corrupts firmware to disable victim systems if the malware is interrupted during the encryption process.
Security Research and Advisories
Tools
More Suggested Reading ...