Cisco cleans up critical flaws, Florida city forks out $600k to ransomware scumbags, and more from infosec land

Your quick guide to what else has been happening in computer security lately


Roundup Here's a quick Monday summary of recent infosec news, beyond what we've already reported.

Cisco emits critical bug fixes

Admins running Cisco gear will need to dedicate some time to updating their software and firmware following the release of 26 security patches from Switchzilla.

Of the fixes, three are for critical flaws: CVE-2019-1663 is a remote code execution flaw in the RV110W, RV130W and RV215W routers. CVE-2019-1848 is an authentication bypass flaw in DNA Center, and CVE-2019-1625 covers a privilege escalation flaw in SD-WAN. Additional patches address other bugs in SD-WAN and the RV-series switches.

Desjardins gets desjar-done by data-slurping insider

Canadian credit union Desjardins says it may have lost control of the personal information of 2.7 million people, or around 40 per cent of its clientele, thanks to a disgruntled employee.

The Montreal-based financial institution warned that the rogue insider, who was caught and terminated, had been able to collect detailed information on millions of account holders including their email and physical addresses, social insurance numbers, birth dates, and some account activity, and share it with people outside the company.

For what it's worth, the bad apple was not thought to have collected PINs, passwords, or security answers, and so far there has been no noticeable increase in account fraud activity. Still, the financial org said it would reimburse fraudulent charges and provide monitoring for anyone who is found to have had their data misused as a result of the leak.

Used Nest cams pose security risk

Getting a bargain on a pre-owned security camera may have put your privacy at risk. This is according to a report from the New York Times' Wirecutter site, which found that people who had sold their Nest cameras after doing a factory reset could still access surveillance images from the new owner via the Wink home hub.

Fortunately, Google said it has since issued an automatic update that will roll out to every Nest camera. This means as long as you perform a factory reset, your used Nest should be OK from then on.

Florida town caves to ransomware demand

A city in Florida, US, has found itself $600,000 lighter following a ransomware infection on its officials' computers.

The city of Riviera Beach said that after initially opting to replace its IT systems in response to a ransomware outbreak, it is following the advice of outside security consultants and handing over the Bitcoin ransom to get its encrypted files descrambled.

While the FBI and many security pros discourage companies from paying off ransomware attackers (often this doesn't even work), the reality of long and costly recovery projects means that often companies might be better served by at least considering a payout.

Tor follows Mozilla's lead with bug fix

For those who don't know, the Tor browser is more or less a version of Firefox with a ton of privacy features baked in. It makes sense, then, that some bug fixes for the Mozilla browser also need to be applied to the Tor version.

That is the case with a sandbox escape bug that recently surfaced as part of a zero-day attack on Firefox. Tor says that users should make sure their browser is updated to protect against similar exploits.

Want another reason to patch the Exim bug? Here's another Linux attack

Researchers with Cybereason are reporting that malware is swirling around the 'net exploiting the Exim security flaw revealed earlier this month. The software nasty uses the security hole to inject crypto-miners into Linux servers, and then uses the commandeered boxes to search for other machines to infect. Admins are well-advised to check they have the latest version of Exim, or at least a patched build.

In brief...

Perceptics, a maker of license-plate recognition systems for the US border cops, was hacked, as we reported first last month, and its internal files spilled onto the dark web as a result. Well, that data, including plate photos, schematics, and other sensitive information, is still online, the Washington Post's Drew Harwell reports, and is now being mirrored on the public internet.

A set of WordPress site-editing plugins from Facebook suffer from cross-site request forgery vulnerabilities. The bugs are present in the WooCommerce for Facebook and Messenger Customer Chat add-ons, and were reportedly publicly disclosed by a security firm that was upset with WordPress for its handling of bug reports.

Finally, Cloudflare is offering a free service to certificate authorities to prevent miscreants from gaining certificates for trusted sites via BGP attacks. ®

