Another month, another cryptocurrency exchange hacked and 'millions of dollars' stolen by miscreants

Plus get patching your Palo Alto kit, there's a nasty crit out there


In brief Cryptocurrency exchange Eterbase last week admitted hackers broke into its computers and made off with other people's coins, said to be worth $5.4m.

The plug was pulled on the digital dosh exchange as a result, though it may return at some point: it claims to have enough capital to surmount the cyber-heist. Investigations by staff and law enforcement are ongoing.

"We want to inform our users that we have enough capital to meet all our obligations," the site's operators said in a statement.

"We want to reassure everyone that this event won't stop our journey. After the security audit of renowned global companies, our operations will continue. We will announce the date of the reopening of the ETERBASE Exchange platform as soon as possible."

Patch your Palo Alto kit

Palo Alto Networks has emitted nine security patches for its products, and one of them is for a critical flaw in some installations.

The updates are for Palo Alto's PAN-OS and the most serious, CVE-2020-2040, has a CVSS score of 9.8 out of 10 – i.e. it needs fixing urgently. If you're running Multi-Factor Authentication (MFA) or Palo Alto's Captive Portal interface, an attacker can exploit a buffer overflow to ultimately gain code execution as root.

There are also a handful of more minor fixes for the PAN management web interface and some low-grade issues with passwords being occasionally stored in plain text.

Fortunately there's no sign of these being exploited in the wild as yet. But, with the patches released, it's only a matter of time before someone cooks up some exploit code, so it's worth patching early.

Zoom finally gets two-factor sorted

Popular videoconferencing app maker Zoom has started rolling out two-factor authentication for its desktop and mobile applications.

Previously only available on the web client, the security system will allow admins to insist on multiple forms of authentication for meeting participants. It'll work with Google Authenticator, Microsoft Authenticator, and FreeOTP.

As research this week showed, the majority of Zoom intrusions are not the work of hackers, but someone who has been given login details to a meeting and then shared them with miscreants. Two-factor authentication may put a dent in this kind of zoombombing by making it too much of a faff for miscreants to log in using shared credentials.

With its popularity exploding amid the COVID-19 coronavirus pandemic, Zoom has had to take a serious look at its security, including hiring key players to make sure it's up to scratch.

General Keith Alexander, who was in charge of the NSA when Ed Snowden blew the whistle on the super-agency's illegal spying programs, is now on Amazon's board of directors. He is also on Amazon's audit committee. This move is likely intended to help Amazon get its foot in the door in more US government contracts.

A timing attack on HTTPS and other things that use TLS/SSL, dubbed the Raccoon Attack, has been documented. "Raccoon allows attackers under certain conditions to break the encryption and read sensitive communications," the brains behind it explained. "The vulnerability is really hard to exploit and relies on very precise timing measurements and on a specific server configuration to be exploitable." TLS 1.3 isn't affected. Don't panic, in other words: update your software and you'll get fixes that counter the attack.

School's out for ransomware

Students in Hartford, Connecticut, got an extra day of holiday after the school system was taken down by ransomware.

The malware borked key logistics systems on Tuesday in the US city. Hartford Mayor Luke Bronin said the infection was “significantly limited” due to computer security systems installed last year. Schools were back up and running the following day, though we're sure students appreciated their digital snow day.

Hartford is far from alone in getting hit: research [PDF] this week from infosec outfit Bitdefender claimed ransomware attacks were up over 700 per cent year on year. Schools are easy targets, usually with very little security infrastructure, and typically with insurance that will pay the ransom to, hopefully but not necessarily, unscramble files.

There are also the students themselves to contend with. A teenager is right now facing felony charges after allegedly taking down a Miami school's networks with a DDoS attack. ®
